Edit tour

Windows Analysis Report
https://hianime.to

Overview

General Information

Sample URL:	https://hianime.to
Analysis ID:	1544176
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected suspicious URL

Performs DNS queries to domains with low reputation

Connects to several IPs in different countries

Detected hidden input values containing email addresses (often used in phishing pages)

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

HTML page contains hidden javascript code

Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=1984,i,16721783093829496953,14232056814186547916,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6328 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://hianime.to" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Suricata Signatures

ET EXPLOIT_KIT Possible Nuclear EK Nov 13 2015 Landing URI struct

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-10-29T00:06:50.479722+0100	2022090	1	Exploit Kit Activity Detected	192.168.2.4	57528	188.114.96.3	443	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: https://wejeestuze.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132

HTTP Parser: {"sync":"L\u001bRR\u001f\u001c&\u001c\u0014\u0005g\u001f\u001cK\u0012\u0003\u0001\u0005P\u000eL_\u0003\u0001l\u0004%+?JY@J\u0000[\u0003C+ ,>qNEpV\\Q\u0016\u0001UH#\u0017T\u0002\u0018WA[@X\\\u0004NEdNZP\u000e7\u0011\t\u0011\u0007JI=\\\u0017\u0003\r\u000eR\u001c=\u0018UCVD\u0015MY@E\u001a\bYI\t\"Z*.[\u001dBMdNZP\u000e7\u0011\t\u0011\u0007JI\u001dK\b\u001c\u000b\u0019[\u0016BOEO\u0011\fX#\u0016\u0007\u0012\u000e]I0W\u0002DNC5[\u0001\n[\\\u001a\u0014VF\u000b\u0018\u0005@\u0002^U\u001b\u0015\u0010\u0001IH\u0006Z]\u001b\u001bDAX^HZMR\u0014K\u000eQCPWSF\u0018L\u001a^N\u0011\fKVAXY@O\u0000\u0011\u001b[S^\\^\u0016\u0019\u0015\u0015\u0003\u0003\u001aX\u0013\u0000JOR\u0014K\u0010ACP^GPC\b\u000e\u0015\u0003\u0003\u001aX\u0017\u0018\u0000WX\u0001QM\u0015C\u0019\u0006IH\u0005^_\u0003\u0015\u0011E\rFCYGZ\bE[J\u0000\u001dLQC\u0006V]\u001b\u001bGE%\u0000\u001c\u001c\u0010\u0001L\f\u001d\u001b[ZBI\u0018G\u001b\f\u0015\u0003\u0011{\u0015\u001e\u0010\u0004\u0019\u0003\u0017\\W\tAB9\u0002\u001cP\u0001\u001aD\u0019}bZUIFEY\u0018>\u0010WW^UK\n\u0002ZD\u0017xCF\u0016\u0001.\r\u0017)Q\u001dV\fR]@XD\u0014F&m~zVD\u0015\u0001\u001e\u0007\u0018.\u001cZ\n\u0005GK1\\\u001c\u0002Z\\\u001c\u0007KSWX[R\u0016YYj\u0000\f\u000f\u0019\u001b\u001b[^\u0000\u0017\u0000\u0000XH[\u0006\u0005@\u0002XU\u001b\u0011\u000eLQP]\u0000\u0019RK]W\u0016I\t\f\u0013ON\u0000\u001cN\u0004\u0018T\u0002\u0001d'V^WGS\b\n\u0018\u0004X\u0012\\\u000fTO\b\u000f\u0019\u000e\u0000\u000e\u0007\u001egp\b_\u0014\u0010\u001c\u001a\u001b\u0003TD\t]\u0007G\u0018\u0002\u0017C\u000b\u001f\rP@f3_\u0010\u0006\u0001\u0007J\u0007\u0018UL\u001a\n\r_B\u0007\b@\\A\f\u0013\u0017)!N\u000bV\u001d\u001cK\u000f\u000b\u0002F\u0002P\b@APVA\u001f\u0016C\u0001\u00062qR[\u0015C\u001f\u0007\u000fP\u000e\u0000\u0018[U\u001f\u0014\u001e\u0016\u001fJO@\u001aE[I\rHTI\u001a@\u001a\u001dD\u0003\u001c\u0019\r\u0001\u0013\r\u0010\u0011L\u001c\u0003\\O\u0004\u000b\u001f]\u0000A[\u0006\b\u000b\u0001BTF\u001e\u0014\u0010\u0005_L\nUX\\RTV\u001a\u0017\nx^S\b\r\u001a\tZ,]\u001e&`\u000e\u0018\u0005M\u0010@\u0001P\u0005\r\u0003\u0010\u0018\u0005\u000bU\r@\u0014K\u0017^CP_GP@\u0014O\r\u001br[\u001f\u0016\u0010\u000b\u0014Mv\f\u000ef8\u0005\u001c\u0000P\u0018L\u0003U\u001b\t\u0007VF\u0017\t\u0005@\u0002K.P\u000fY\\I^\u0016\u001e\u0019\u0015\u0003\u0003\u001aX\u0001\u000f\t\u0019@\u0002ZJ\u0015C\u0002\rIH\u0000BOST\u0011\fBH[\u001a\u0001\u0016\u001aSK\fQFL\b\u001ak\u0001\u000f]\u001b\t\u0007VF\u0017\u001fWX\tE[N\u0005HT\r\u0013X\u001d\b\u001b\u001b\\E\u0019\u0014\fJO\fM\u0005\u0015\u0015C\u0002\u0007\u000f\u0016Q\u0000O\r_RZ\t\u0001UJ\u0016\ng\u0006\u001bS>\u0003\u0000\u000f\u0017LLW\u0005\t\u0002\u001aX\u0013\u0010\u0006*\t]\u0010\nf\r\u000f\u0000\f\u0006\\LW\u0005\n\u0002\u001aX\u0007\u0016\u0004\u001a\u0010g\r\u001cI\u0015\u0002LQ@\u0000BOA\\]R\u0015\u0016[RW%W\u0006\u001eU\u0004J'\u0005\u0011\u001aLA\u0015^R[\u001f\u0014\u0018\f\u0006@\u0002YU\u001b\u000f\u0006LQPQ\u0000@bj\u0011\u001aX\n\u0015\u001bWX\u001a\f\u0017\u001449B\u000e\u001c\u0016BOTV_Y\b

Source: https://hianime.to/

HTTP Parser: Base64 decoded: {"adblock":{},"excludes":""}

Source: https://hianime.to/	HTTP Parser: No favicon
Source: https://hianime.to/	HTTP Parser: No favicon
Source: https://wejeestuze.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132	HTTP Parser: No favicon
Source: https://vaigreevouta.xyz/policy-sweep-check.htm?offer_id=99275599&geo=US&oaid=w6wr476743lz937223226b3o5npvk856&s=874903666652623598&z=6118780&b=21546778&var=6534229&campaignid=14083&utm_campaign=6534229&utm_medium=6118780&utm_source=zd_14083&utm_term=21546778&utm_content=zd_public_v2&country=US	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:57656 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: vaigreevouta.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: vaigreevouta.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: vaigreevouta.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: vaigreevouta.xyz

Source: unknown

Network traffic detected: IP country count 10

Source: global traffic	TCP traffic: 192.168.2.4:57493 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:57607 -> 162.159.36.2:53

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: wejeestuze.net to https://vaigreevouta.xyz/policy-sweep-check.htm?offer_id=99275599&geo=us&oaid=w6wr476743lz937223226b3o5npvk856&s=874903666652623598&z=6118780&b=21546778&var=6534229&campaignid=14083&utm_campaign=6534229&utm_medium=6118780&utm_source=zd_14083&utm_term=21546778&utm_content=zd_public_v2&country=us

Source: Network traffic

Suricata IDS: 2022090 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Nov 13 2015 Landing URI struct : 192.168.2.4:57528 -> 188.114.96.3:443

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/home.css?v=0.9 HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/sharethis.js HTTP/1.1Host: platform-api.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/anw-min.webp?v=0.1 HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo.png?v=0.1 HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/64a3d891df473b0019d1b0da.js HTTP/1.1Host: buttons-config.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pview?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4 HTTP/1.1Host: l.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/sharethis.js HTTP/1.1Host: platform-api.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /images/logo.png?v=0.1 HTTP/1.1Host: hianime.toConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; _ga=GA1.1.525988088.1730156788
Source: global traffic	HTTP traffic detected: GET /images/anw-min.webp?v=0.1 HTTP/1.1Host: hianime.toConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; _ga=GA1.1.525988088.1730156788
Source: global traffic	HTTP traffic detected: GET /sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4&samesite=None HTTP/1.1Host: l.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/telegram.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/twitter.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/facebook.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/reddit.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/sharethis.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fhianime.to%2F HTTP/1.1Host: count-server.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /js/64a3d891df473b0019d1b0da.js HTTP/1.1Host: buttons-config.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /panorama.js HTTP/1.1Host: platform-api.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/sharethis.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/facebook.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/twitter.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/reddit.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hianime.toConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; _ga=GA1.1.525988088.1730156788
Source: global traffic	HTTP traffic detected: GET /sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4&samesite=None HTTP/1.1Host: l.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /img/telegram.svg HTTP/1.1Host: platform-cdn.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fhianime.to%2F HTTP/1.1Host: count-server.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /panorama.js HTTP/1.1Host: platform-api.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /5/6534229 HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cswjpnmveybweu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /panorama?uid=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90&stid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /6/map HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_dc=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gid.js?userId=008103a728344721f89b0f64a5fc3c27 HTTP/1.1Host: my.rtmark.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP/1.1Host: ml314.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cms?partner_id=SHARE&gdpr=0&euconsent= HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /panorama?uid=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90&stid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /5/c=9084/tp=SARE/tpid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_dc=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35
Source: global traffic	HTTP traffic detected: GET /5/6534229 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=008103a728344721f89b0f64a5fc3c27; oaidts=1730156794
Source: global traffic	HTTP traffic detected: GET /images/icons-192.png HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; fpestid=-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q; _ga=GA1.2.525988088.1730156788; _gid=GA1.2.867265630.1730156792; _gat_gtag_UA_304498478_1=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35; panoramaId_expiry=1730761594227; panoramaId=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90; panoramaIdType=panoDevice
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: hianime.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; fpestid=-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q; _ga=GA1.2.525988088.1730156788; _gid=GA1.2.867265630.1730156792; _gat_gtag_UA_304498478_1=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35; panoramaId_expiry=1730761594227; panoramaId=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90; panoramaIdType=panoDevice
Source: global traffic	HTTP traffic detected: GET /sw.js?v=0.5 HTTP/1.1Host: hianime.toConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://hianime.to/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; fpestid=-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q; _ga=GA1.2.525988088.1730156788; _gid=GA1.2.867265630.1730156792; _gat_gtag_UA_304498478_1=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35; panoramaId_expiry=1730761594227; panoramaId=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90; panoramaIdType=panoDevice
Source: global traffic	HTTP traffic detected: GET /gid.js?userId=w6wr476743lz937223226b3o5npvk856 HTTP/1.1Host: my.rtmark.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wrr?z=6534229&p_rid=38671fcb-ec68-4627-977a-750d8f930069&rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw=&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&wasm=1&dmn=wejeestuze.net&userId=w6wr476743lz937223226b3o5npvk856 HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw%3D&request_ab2=0&zoneid=6534229&js_build=iclick-v1.980.24-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=38671fcb-ec68-4627-977a-750d8f930069&wasm=1&userId=w6wr476743lz937223226b3o5npvk856&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&m=link HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=008103a728344721f89b0f64a5fc3c27; oaidts=1730156794
Source: global traffic	HTTP traffic detected: GET /load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP/1.1Host: loadus.exelator.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /395886.gif?partner_uid=3648035269061902378 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0ODAzNTI2OTA2MTkwMjM3OBAAGg0I_bGAuQYSBQjoBxAAQgBKAA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=Obhhz/D+3oHeo10PkQxFx76+1dLl1kpbXEQmVZfvolc=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAEYBSgCMgsIisXD_Pzruz0QBTgB
Source: global traffic	HTTP traffic detected: GET /ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /int/lotame?uid=4314c53bf0a50ee26fb672e299b0eb35&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP/1.1Host: loadus.exelator.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EE="cfb3e233ce1663a94f8a7c2bbd3aebc9"; ud="eJxrXxzq6XKLQSE5Lck41cjYODnV0MzMONHSJM0i0TzZKCkpxTgxNSnZcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9UWjw4qKUNMZFJcWngk9mbQQAjvEohQ%253D%253D"
Source: global traffic	HTTP traffic detected: GET /pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /wrr?z=6534229&p_rid=38671fcb-ec68-4627-977a-750d8f930069&rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw=&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&wasm=1&dmn=wejeestuze.net&userId=w6wr476743lz937223226b3o5npvk856 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=008103a728344721f89b0f64a5fc3c27; oaidts=1730156794
Source: global traffic	HTTP traffic detected: GET /?rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw%3D&request_ab2=0&zoneid=6534229&js_build=iclick-v1.980.24-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=38671fcb-ec68-4627-977a-750d8f930069&wasm=1&userId=w6wr476743lz937223226b3o5npvk856&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&m=link HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; oaidts=1730156797; syncedCookie=true
Source: global traffic	HTTP traffic detected: GET /gid.js?userId=w6wr476743lz937223226b3o5npvk856 HTTP/1.1Host: my.rtmark.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ID=w6wr476743lz937223226b3o5npvk856
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: hianime.toConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; fpestid=-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q; _ga=GA1.2.525988088.1730156788; _gid=GA1.2.867265630.1730156792; _gat_gtag_UA_304498478_1=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35; panoramaId_expiry=1730761594227; panoramaId=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90; panoramaIdType=panoDevice; prefetchAd_6534229=true
Source: global traffic	HTTP traffic detected: GET /images/icons-192.png HTTP/1.1Host: hianime.toConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; fpestid=-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q; _ga=GA1.2.525988088.1730156788; _gid=GA1.2.867265630.1730156792; _gat_gtag_UA_304498478_1=1; _cc_id=4314c53bf0a50ee26fb672e299b0eb35; panoramaId_expiry=1730761594227; panoramaId=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90; panoramaIdType=panoDevice; prefetchAd_6534229=true
Source: global traffic	HTTP traffic detected: GET /ttd?uid=2151bf18-6c47-42a6-8c06-55bf537d1c41&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /csync.ashx?fp=64a59d0cf7f5a63d7772e8d8071bed921fe43a8528d34dbaa139825925164c34f4cb09cee1a4f8eb&person_id=3648035269061902378&eid=50082 HTTP/1.1Host: ml314.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pi=3648035269061902378
Source: global traffic	HTTP traffic detected: GET /nlsn?uid=cfb3e233ce1663a94f8a7c2bbd3aebc9 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /eyeota?uid=2W_wE_u4Xrk4zVUL-4hyVLlslNeZ5BlzbEFn-weG1xPw&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /ups/58724/cms?partner_id=SHARE&gdpr=0&gdpr_consent=&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBP4YIGcCEA-8dSTNpIQpImDzS26Sov8FEgEBAQFqIWcpZ9xS0iMA_eMAAA&S=AQAAAvZ2bmWfMm4_pfnY6JXJwu4
Source: global traffic	HTTP traffic detected: GET /int/lotame?uid=4314c53bf0a50ee26fb672e299b0eb35&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /csync.ashx?fp=64a59d0cf7f5a63d7772e8d8071bed921fe43a8528d34dbaa139825925164c34f4cb09cee1a4f8eb&person_id=3648035269061902378&eid=50082 HTTP/1.1Host: ml314.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pi=3648035269061902378
Source: global traffic	HTTP traffic detected: GET /ttd?uid=2151bf18-6c47-42a6-8c06-55bf537d1c41&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /nlsn?uid=cfb3e233ce1663a94f8a7c2bbd3aebc9 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /eyeota?uid=2W_wE_u4Xrk4zVUL-4hyVLlslNeZ5BlzbEFn-weG1xPw&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /yahoo?uid=y-wHfU9zNE2oMC8vMk6seyXBIbdf4zqByC0xc-~A&gdpr=0 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /yahoo?uid=y-wHfU9zNE2oMC8vMk6seyXBIbdf4zqByC0xc-~A&gdpr=0 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /386076.gif?partner_uid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=3BnBX1xoRy/eo10PkQxFx76+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCNtOEAA=
Source: global traffic	HTTP traffic detected: GET /log?vendor=sharethis&user_id=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: segments.company-target.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/55128 HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/55128?_li_chk=true&previous_uuid=1720535ce0ae40bc942b1ad5a527fc3c HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lidid=1720535c-e0ae-40bc-942b-1ad5a527fc3c
Source: global traffic	HTTP traffic detected: GET /validateCookie?vendor=sharethis&user_id=ZGqAAmcgGPYAAAAMeC0AAw==&verifyHash=1da6e37ebbdd1ea8f735508dc64aba927410a882 HTTP/1.1Host: segments.company-target.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=9842ade0-8d2d-4c72-b716-6318f4b592c6; tuuid_lu=1730156803
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.sharethis.com%252Fadnxs%253Fuid%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=iZLeoSRpYfBK_5VVTI9ToWo_wX_E_Sz-WyvahKFtjer2nG4kdK_4jAyuFvGhcMbnxe_QI3XLoCJfGvBnYItlbxFziFqXsTp8Rp-XhJsahfQ.; receive-cookie-deprecation=1; uuid2=2495590272282165975
Source: global traffic	HTTP traffic detected: GET /sync?vxii_pid=7006&vxii_pdid=1720535c-e0ae-40bc-942b-1ad5a527fc3c&us_privacy=1YN- HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oiq?uid=Q7834432031746047990 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /adnxs?uid=2495590272282165975&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /validateCookie?vendor=sharethis&user_id=ZGqAAmcgGPYAAAAMeC0AAw==&verifyHash=1da6e37ebbdd1ea8f735508dc64aba927410a882 HTTP/1.1Host: segments.company-target.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=9842ade0-8d2d-4c72-b716-6318f4b592c6; tuuid_lu=1730156803
Source: global traffic	HTTP traffic detected: GET /sync?_reach=1&vxii_pdid=1720535c-e0ae-40bc-942b-1ad5a527fc3c&vxii_pid=12&vxii_pid1=7006&vxii_rcid=62af6d52-c5df-4662-8cea-36b5dd7eea07&vxii_rmax=3 HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mc=eyJpZCI6IjYyYWY2ZDUyLWM1ZGYtNDY2Mi04Y2VhLTM2YjVkZDdlZWEwNyIsImwiOjE3MzAxNTY4MDUxNjksInQiOjF9
Source: global traffic	HTTP traffic detected: GET /oiq?uid=Q7834432031746047990 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /adnxs?uid=2495590272282165975&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /sync?nid=throtle HTTP/1.1Host: sync.srv.stackadapt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw%3D&request_ab2=0&zoneid=6534229&js_build=iclick-v1.980.24-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=38671fcb-ec68-4627-977a-750d8f930069&wasm=1&userId=w6wr476743lz937223226b3o5npvk856&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&m=link HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799
Source: global traffic	HTTP traffic detected: GET /4/6118780?var=6534229&btz=America/New_York&bto=240&bar=x HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799
Source: global traffic	HTTP traffic detected: GET /stattag.js HTTP/1.1Host: tzegilo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?vxii_pid=5044&vxii_pdid=HBpOvYyFUsVHlARWgw9h85te8bw&_t=1730156807 HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mc=eyJpZCI6IjYyYWY2ZDUyLWM1ZGYtNDY2Mi04Y2VhLTM2YjVkZDdlZWEwNyIsImwiOjE3MzAxNTY4MDYwNDYsInQiOjF9; sc=eyJpIjoiNjJhZjZkNTItYzVkZi00NjYyLThjZWEtMzZiNWRkN2VlYTA3Iiwic2lkIjoic2lkLTRkY2U1ZmRmLTk1ODEtMTFlZi04ZDk0LTAyNDIwYWZmMDcwYiIsIm1zIjozLCJ0cyI6MSwicHMiOjEsInNwIjo1MDQ0LCJwcCI6MSwidHNlIjoxLCJpciI6dHJ1ZSwibHRzZSI6MTczMDE1NjgwNjA0NywiXyI6dHJ1ZX0=
Source: global traffic	HTTP traffic detected: GET /cat.php?userId=w6wr476743lz937223226b3o5npvk856&zoneid=6534229&rb=9XUdjZPvB_0Klf0-Vph1JnyBrRyTRhvJ6EXxlMOwdNviUdsZDbo4B8dlqYyIWTc26Knw6ZMH8dECz4dj3Fl2b2UjI1AIqSHC7GQtyoT5Afs4pp28p5DBJzD0KmWPGq1mSgoy0SiPYJdP6e-v6zJ7vvnN-R2P_zoL5vygNkz9V-i4lt7h76OcaoTUkc11nP5k5YTHAmXOP94Yn6EDt4P99cDu6PHwIlPAg7UgRa4IDkJWnbCIEKGuBsj8-UlgFHAce7dhOja-4e1z3QE-jZquP_vaPvoMol-YCJa6r319Jkt9_F-9MCX1FQ7KmHc3jjafBHkCel-Om13dM2Ry&uac=-1 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799
Source: global traffic	HTTP traffic detected: GET /?rb=bxUxa5MGzypX6DvWnJGeJDJGj_HqLOF2Mu0IU_HexHxSgE77wUsey6AYZkbYpX9_bGdH4M-rIuixrONYy7GXRcUPgpPKKODE1H57LeDijJ-x_8LnUs23LKy9hDyAf-buOssG3u89JsF0coqE_EZ2ED4TSQx2pYUnOVH6Qp5t2VtmWn27mcvGxFQxyUHukQsasXEFuDanb8vNouaYOPVTNfwBgQSPaB3Er7PW5rSKUqTdeP8EA4T28wt0a5YNcsXOBNFuD5uXTGNxDLRPr0wLDrYo7tuzqCQRk_oV-hYoznvCqYu0DMW4wP15pqXnIEEijOscXqER2kw%3D&request_ab2=0&zoneid=6534229&js_build=iclick-v1.980.24-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=907&wiw=1280&ww=1280&wh=984&sah=984&wx=0&wy=0&cw=1263&wfc=2&pl=https%3A%2F%2Fhianime.to%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=America%2FNew_York&bto=240&tt=4&wgl=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&js_build=iclick-v1.980.24-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=38671fcb-ec68-4627-977a-750d8f930069&wasm=1&userId=w6wr476743lz937223226b3o5npvk856&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132&m=link HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156807
Source: global traffic	HTTP traffic detected: GET /CookieSyncThrotle? HTTP/1.1Host: rtb.adentifi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sftouch?userId=w6wr476743lz937223226b3o5npvk856&z=6118780&p_rid=e36faf16-626f-4710-a8d3-1150547b3f27&p_src=sf&branchId=0&rb=RIIUa7srI10eZHA2g6jWLjcRZML7i7AVOzzEuMl4DPQOOVxd_k7SfH8gM54cE2Sp6M1o3LbMCG6Y1N8FOCtJkFesGol9Kye1M5i1bkzxof-bNz9-DvlNu8XYGCMfBPbSzBaMNfngzG7pZwLw_Xq6X4xt_OaGoOHaYmJoSclj31SIgncvOZAPTHWtEXK6dOKzkhKIbjVGh5Ufg8-Mk5LJow6E_zIp1BRcLOPurHrWkCl6qncuB5icMbrb0sky0abx7Fu2SPASUoWSUgDSn4W2MJcXzXYHj3RrAKzme3lSsYNaE2ewaWoXpHHj-uHZEMXm&w_img=1 HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wejeestuze.net/4/6118780?var=6534229&btz=America/New_York&bto=240&bar=xAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799; captcha=player
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: wejeestuze.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wejeestuze.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=windows&os_version=10.0.0&is_mobile=false&browser_version=117.0.5938.132Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799; captcha=player
Source: global traffic	HTTP traffic detected: GET /stattag.js HTTP/1.1Host: tzegilo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e36faf16-626f-4710-a8d3-1150547b3f27 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; oaidts=1730156799; captcha=player
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pull?pid=2583191d-9d1a-483f-97ec-86ebd89e7576&tr=1&g=1&return-unstable=true&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.sharethis.com%2Froqad%3Fuid%3D%24BROWSER_ID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ws.rqtrk.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /policy-sweep-check.htm?offer_id=99275599&geo=US&oaid=w6wr476743lz937223226b3o5npvk856&s=874903666652623598&z=6118780&b=21546778&var=6534229&campaignid=14083&utm_campaign=6534229&utm_medium=6118780&utm_source=zd_14083&utm_term=21546778&utm_content=zd_public_v2&country=US HTTP/1.1Host: vaigreevouta.xyzConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=38671fcb-ec68-4627-977a-750d8f930069 HTTP/1.1Host: datatechonert.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive/check?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1730156810152; TapAd_DID=b7802705-ac8a-4306-a852-40f1f5ab70aa
Source: global traffic	HTTP traffic detected: GET /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e36faf16-626f-4710-a8d3-1150547b3f27 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; captcha=player; oaidts=1730156799
Source: global traffic	HTTP traffic detected: GET /sftouch?userId=w6wr476743lz937223226b3o5npvk856&z=6118780&p_rid=e36faf16-626f-4710-a8d3-1150547b3f27&p_src=sf&branchId=0&rb=RIIUa7srI10eZHA2g6jWLjcRZML7i7AVOzzEuMl4DPQOOVxd_k7SfH8gM54cE2Sp6M1o3LbMCG6Y1N8FOCtJkFesGol9Kye1M5i1bkzxof-bNz9-DvlNu8XYGCMfBPbSzBaMNfngzG7pZwLw_Xq6X4xt_OaGoOHaYmJoSclj31SIgncvOZAPTHWtEXK6dOKzkhKIbjVGh5Ufg8-Mk5LJow6E_zIp1BRcLOPurHrWkCl6qncuB5icMbrb0sky0abx7Fu2SPASUoWSUgDSn4W2MJcXzXYHj3RrAKzme3lSsYNaE2ewaWoXpHHj-uHZEMXm&w_img=1 HTTP/1.1Host: wejeestuze.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OAID=w6wr476743lz937223226b3o5npvk856; syncedCookie=true; captcha=player; oaidts=1730156799
Source: global traffic	HTTP traffic detected: GET /roqad?uid=324fba7f-1496-4812-b5fd-6b91f7656a86&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vaigreevouta.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vaigreevouta.xyz/policy-sweep-check.htm?offer_id=99275599&geo=US&oaid=w6wr476743lz937223226b3o5npvk856&s=874903666652623598&z=6118780&b=21546778&var=6534229&campaignid=14083&utm_campaign=6534229&utm_medium=6118780&utm_source=zd_14083&utm_term=21546778&utm_content=zd_public_v2&country=USAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7802705-ac8a-4306-a852-40f1f5ab70aa%252C%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAEYBSABKAIyCwiKxcP8_Ou7PRAFOAE.
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=1830&partner_device_id=2151bf18-6c47-42a6-8c06-55bf537d1c41&ttd_puid=b7802705-ac8a-4306-a852-40f1f5ab70aa%2C%2C HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1730156810152; TapAd_DID=b7802705-ac8a-4306-a852-40f1f5ab70aa; TapAd_3WAY_SYNCS=
Source: global traffic	HTTP traffic detected: GET /roqad?uid=324fba7f-1496-4812-b5fd-6b91f7656a86&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /merge?pid=8050&3pid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&location=https%3A%2F%2Fsync.sharethis.com%2Fsovrn%3Fuid%3D%5BSOVRNID%5D HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vaigreevouta.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=1830&partner_device_id=2151bf18-6c47-42a6-8c06-55bf537d1c41&ttd_puid=b7802705-ac8a-4306-a852-40f1f5ab70aa%2C%2C HTTP/1.1Host: pixel.tapad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1730156810152; TapAd_DID=b7802705-ac8a-4306-a852-40f1f5ab70aa; TapAd_3WAY_SYNCS=1!7271
Source: global traffic	HTTP traffic detected: GET /s/121/2.gif?puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /merge?pid=8050&3pid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&location=https%3A%2F%2Fsync.sharethis.com%2Fsovrn%3Fuid%3D%5BSOVRNID%5D&dnr=1 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=JkwqARZHi7yHSqT9SOi7ayR2
Source: global traffic	HTTP traffic detected: GET /c/121/121/2/1.gif?puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=2bd96c41-0248-7308-a7e5-0e51819a4ed8#1730156814285#1
Source: global traffic	HTTP traffic detected: GET /sovrn?uid=JkwqARZHi7yHSqT9SOi7ayR2 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /sovrn?uid=JkwqARZHi7yHSqT9SOi7ayR2 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F441%2F1%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: rtb.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adscores/r.pixel?sid=9212270798&puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/121/441/1/2.gif?puid=e_3cc2536b-0cc2-439f-8439-ce65af800cec&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=2bd96c41-0248-7308-a7e5-0e51819a4ed8#1730156814285#2; 3pi=121#1730156815391#-552445553
Source: global traffic	HTTP traffic detected: GET /adscores/r.pixel?sid=9212270798&puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: aa.agkn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3AHW5YirwwN7Il6jNvn4fwNv9dg68Kb4%2Fz
Source: global traffic	HTTP traffic detected: GET /?partner=138&gdpr=0&gdpr_consent=&mapped=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAESFAoFdGFwYWQSCwje2vbd5-u7PRAFGAEgASgCMgsIitH5iv7ruz0QBTgBWgV0YXBhZGAC
Source: global traffic	HTTP traffic detected: GET /cookie-sync/id5?us_privacy= HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?partner=147&mapped=2151bf18-6c47-42a6-8c06-55bf537d1c41&icm&gdpr=0&gdpr_consent=&cver HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookie=5308a287155b7085; done_redirects147=1
Source: global traffic	HTTP traffic detected: GET /cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: checkForPermission=ok
Source: global traffic	HTTP traffic detected: GET /k/155.gif?puid=AAEJRE7OQDIAABXuPvAYYA&id5AccountNum=155&numCascadesAllowed=9 HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=2bd96c41-0248-7308-a7e5-0e51819a4ed8#1730156814285#2; 3pi=121#1730156815391#-552445553\|441#1730156817855#-1781507910#e_3cc2536b-0cc2-439f-8439-ce65af800cec; cf=gif; cip=121; cnac=0; car=3; gdpr=0\|
Source: global traffic	HTTP traffic detected: GET /cms?partner_id=DELI&gdpr=0 HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBP4YIGcCEA-8dSTNpIQpImDzS26Sov8FEgEBAQFqIWcpZ9xS0iMA_eMAAA&S=AQAAAvZ2bmWfMm4_pfnY6JXJwu4; IDSYNC=19b8~2lin
Source: global traffic	HTTP traffic detected: GET /v1/s/sharethis?puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdprcs=?&rdurl=http%3A%2F%2Fsync.sharethis.com%2Fcarbon%3Fuid%3D%7B%7Bccuid%7D%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: eus-api.ccgateway.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /k/155.gif?puid=AAEJRE7OQDIAABXuPvAYYA&id5AccountNum=155&numCascadesAllowed=9 HTTP/1.1Host: id5-sync.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=2bd96c41-0248-7308-a7e5-0e51819a4ed8#1730156814285#2; 3pi=121#1730156815391#-552445553\|441#1730156817855#-1781507910#e_3cc2536b-0cc2-439f-8439-ce65af800cec\|155#1730156821670#-1510354881#AAEJRE7OQDIAABXuPvAYYA
Source: global traffic	HTTP traffic detected: GET /ups/58679/cms?partner_id=DELI&gdpr=0 HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBP4YIGcCEA-8dSTNpIQpImDzS26Sov8FEgEBAQFqIWcpZ9xS0iMA_eMAAA&S=AQAAAvZ2bmWfMm4_pfnY6JXJwu4; IDSYNC=19b8~2lin
Source: global traffic	HTTP traffic detected: GET /pixel?pid=m4omg6v&t=gif&call=2&gdpr=0&gdpr_consent= HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /?partner=252&mapped=y-sOI5tEpE2pRehte.P_CC.Ct5eKHsJ3ar.Q--~A&gdpr=0 HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookie=5308a287155b7085; done_redirects147=1; done_redirects252=1
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=eye&google_cm&google_sc&google_hm=MlgwVnZnUGdOemRsUWpTZjNIQU1YTUtIa3lka3dvU19iRV93djAxUmNJbDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookie=5308a287155b7085; done_redirects147=1; done_redirects252=1; done_redirects109=1
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlgwVnZnUGdOemRsUWpTZjNIQU1YTUtIa3lka3dvU19iRV93djAxUmNJbDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=m4omg6v&referrer_pid=m4omg6v&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=m4omg6v&referrer_pid=m4omg6v&google_gid=CAESEG0L0ZNM1waH-bvd2pCZjfE&google_cver=1 HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=600901&dpuuid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1730156815489 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /connectors/sharethis/usersync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fbasis%3Fuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: pixel-sync.sitescout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=37d1e8f3-8329-48ce-b278-0c992e7e03af&r=https%3A%2F%2Fsync.sharethis.com%2Fopenx%3Fuid%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /image.sbmx?go=304847&pid=583&xid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: ib.mookie1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync/img?req=api5137&cust=269&p1=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D HTTP/1.1Host: api5137.d41.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync/img?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fmediamath%3Fuid%3D%5BMM_UUID%5D HTTP/1.1Host: pixel.mathtag.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /r/dd/id/L2NzaWQvMS9jaWQvMTc1MDM5MzI3NS90LzA/url/https%3A%2F%2Fsync.sharethis.com%2Fnexxen%3Fuid%3D%24!%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?i=515400001&ip&id=predactive:ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: audience.synocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /map/st/?pid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: map.go.affec.tvConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /connectors/sharethis/usersync?cookieQ=1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fbasis%3Fuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: pixel-sync.sitescout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ssi=1cd085c7-d9f0-45f2-994c-eeeaa8df646c#1730156827761
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?cc=1&id=37d1e8f3-8329-48ce-b278-0c992e7e03af&r=https%3A%2F%2Fsync.sharethis.com%2Fopenx%3Fuid%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=821957f9-c138-466a-b063-e049b1b1df1c\|1730156827
Source: global traffic	HTTP traffic detected: GET /demconf.jpg?et:ibs%7cdata:dpid=600901&dpuuid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1730156815489 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=57995349001529773434166949594740360752
Source: global traffic	HTTP traffic detected: GET /r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /712087.gif?cparams=7047493e75b1491fab961fdea3877ecd-cfe2be4afa90439b8421f746fb5208b2-2-269-api5137 HTTP/1.1Host: id.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=3BnBX1xoRy/eo10PkQxFx76+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCNtOEAA=
Source: global traffic	HTTP traffic detected: GET /mediamath?uid=500c6720-191c-4e00-81f2-d7fbed1ab491&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=ibehavior&google_cm&google_sc&pid=266&go=244276&m=&xid=ZGqAAmcgGPYAAAAMeC0AAw== HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkMs5f9dyet3ee9XUPRZzi7ppCc22blNKW0qnm6pwZLok-GaLanlscI6cyI1Oo
Source: global traffic	HTTP traffic detected: GET /nexxen?uid=3217476897502835182&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /match?dsp_callback=1&publisher_dsp_id=440&external_user_id=6720191c9d63b30001c8c1b4&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%7BPUB_USER_ID%7D%3Fch%3D6720191c9d63b30001c8c1b5%26chc%3Dst%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: match.360yield.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /openx?uid=d6aa3630-fb1f-4001-9510-afc499012c19 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /basis?uid=1cd085c7-d9f0-45f2-994c-eeeaa8df646c-6720191b-5553&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /adobe?uid=57995349001529773434166949594740360752&_rand=1730156815489 HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /match?bid=1mpjpn0&turn_id=3639968756646353895&newuser=1&dc_rc=2&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /mediamath?uid=500c6720-191c-4e00-81f2-d7fbed1ab491&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /image.sbxx?pid=266&go=244276&m=&xid=ZGqAAmcgGPYAAAAMeC0AAw==&google_gid=CAESEJ7f1Kvup6hBpBOGiWe_OzQ&google_cver=1 HTTP/1.1Host: global.ib-ibi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nexxen?uid=3217476897502835182&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /ul_cb/match?dsp_callback=1&publisher_dsp_id=440&external_user_id=6720191c9d63b30001c8c1b4&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%7BPUB_USER_ID%7D%3Fch%3D6720191c9d63b30001c8c1b5%26chc%3Dst%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: match.360yield.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=4a1d9372-53d7-41e1-97c0-d7599eabfd40; tuuid_lu=1730156829
Source: global traffic	HTTP traffic detected: GET /openx?uid=d6aa3630-fb1f-4001-9510-afc499012c19 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /basis?uid=1cd085c7-d9f0-45f2-994c-eeeaa8df646c-6720191b-5553&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /adobe?uid=57995349001529773434166949594740360752&_rand=1730156815489 HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /image.sbxx?pid=266&go=244276&m=&xid=ZGqAAmcgGPYAAAAMeC0AAw==&google_gid=CAESEJ7f1Kvup6hBpBOGiWe_OzQ&google_cver=1 HTTP/1.1Host: ib.mookie1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=uds1dxzbqm2xoysybt4w1l1d; ibkukiuno=s=8cab1ae4-04fb-4579-b222-5d4e18f94fd2&h=&v=0&l=-8584714500683049851&op=&hl=0&vlu=0&tcs=1&dcc=-8584714500683049851; ibkukinet=2606690748=-8584714500683049851
Source: global traffic	HTTP traffic detected: GET /map/im/4a1d9372-53d7-41e1-97c0-d7599eabfd40?ch=6720191c9d63b30001c8c1b5&chc=st&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP/1.1Host: map.go.affec.tvConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ck=6720191c9d63b30001c8c1b4; oo=1; pt=eyJzdCI6eyJkdCI6MTczMDE1NjgyOCwiaWQiOiJaR3FBQW1jZ0dQWUFBQUFNZUMwQUF3PT0iLCJscyI6MTczMDE1NjgyOH0sInYiOjB9\|1730156828\|1040d92d8a976a644cdc60078e1966888784418a
Source: global traffic	HTTP traffic detected: GET /image.sbxx?pid=266&go=244276&m=&xid=ZGqAAmcgGPYAAAAMeC0AAw==&google_gid=CAESEJ7f1Kvup6hBpBOGiWe_OzQ&google_cver=1 HTTP/1.1Host: ib.mookie1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=uds1dxzbqm2xoysybt4w1l1d; ibkukiuno=s=8cab1ae4-04fb-4579-b222-5d4e18f94fd2&h=&v=0&l=-8584714500581623151&op=&hl=0&vlu=0&tcs=2&dcc=-8584714500683049851; ibkukinet=2606690748=-8584714500581623151&2606690748=-8584714500581623151
Source: global traffic	HTTP traffic detected: GET /match?uid=ZyAZHgAAAJ2n7wAZ&bid=0rijhbu&dc_rc=3&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v&_test=ZyAZHgAAAJ2n7wAZ HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6720191c9d63b30001c8c1b5%26chc%3Dst%257Cim%26redirect_url%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=iZLeoSRpYfBK_5VVTI9ToWo_wX_E_Sz-WyvahKFtjer2nG4kdK_4jAyuFvGhcMbnxe_QI3XLoCJfGvBnYItlbxFziFqXsTp8Rp-XhJsahfQ.; receive-cookie-deprecation=1; uuid2=2495590272282165975
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dm4omg6v%26%26referrer_pid%3Dm4omg6v HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=iZLeoSRpYfBK_5VVTI9ToWo_wX_E_Sz-WyvahKFtjer2nG4kdK_4jAyuFvGhcMbnxe_QI3XLoCJfGvBnYItlbxFziFqXsTp8Rp-XhJsahfQ.; receive-cookie-deprecation=1; uuid2=2495590272282165975
Source: global traffic	HTTP traffic detected: GET /map/an/2495590272282165975?ch=6720191c9d63b30001c8c1b5&chc=st%7Cim&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP/1.1Host: map.go.affec.tvConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ck=6720191c9d63b30001c8c1b4; oo=1; pt=eyJzdCI6eyJkdCI6MTczMDE1NjgyOCwiaWQiOiJaR3FBQW1jZ0dQWUFBQUFNZUMwQUF3PT0iLCJscyI6MTczMDE1NjgyOH0sImltIjp7ImR0IjoxNzMwMTU2ODMxLCJpZCI6IjRhMWQ5MzcyLTUzZDctNDFlMS05N2MwLWQ3NTk5ZWFiZmQ0MCIsImxzIjoxNzMwMTU2ODMxfSwidiI6MH0=\|1730156831\|daa22bde9cc8e0023a58313aaf30f5e711aad670
Source: global traffic	HTTP traffic detected: GET /match?uid=2495590272282165975&bid=2cr76e1&dc_rc=4&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAESFAoFdGFwYWQSCwje2vbd5-u7PRAFGAEgASgCMgsInrPzzf7ruz0QBTgBWgd4a3N3OWxhYAI.
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAESFAoFdGFwYWQSCwje2vbd5-u7PRAFGAEgASgCMgsInrPzzf7ruz0QBTgBWgd4a3N3OWxhYAI.
Source: global traffic	HTTP traffic detected: GET /map/ttd/2151bf18-6c47-42a6-8c06-55bf537d1c41?ttd_puid=&gdpr=0&gdpr_consent= HTTP/1.1Host: map.go.affec.tvConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ck=6720191c9d63b30001c8c1b4; oo=1; pt=eyJhbiI6eyJkdCI6MTczMDE1NjgzNCwiaWQiOiIyNDk1NTkwMjcyMjgyMTY1OTc1IiwibHMiOjE3MzAxNTY4MzR9LCJzdCI6eyJkdCI6MTczMDE1NjgyOCwiaWQiOiJaR3FBQW1jZ0dQWUFBQUFNZUMwQUF3PT0iLCJscyI6MTczMDE1NjgyOH0sImltIjp7ImR0IjoxNzMwMTU2ODMxLCJpZCI6IjRhMWQ5MzcyLTUzZDctNDFlMS05N2MwLWQ3NTk5ZWFiZmQ0MCIsImxzIjoxNzMwMTU2ODMxfSwidiI6MH0=\|1730156834\|7d1f9fa335aee7cbcc0fb0d46c42cd7caa558416
Source: global traffic	HTTP traffic detected: GET /match?uid=2151bf18-6c47-42a6-8c06-55bf537d1c41&bid=1e2n4ou HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fsync.sharethis.com%2Fpubmatic%3Fuid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /398646.gif?n=1 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=3BnBX1xoRy/eo10PkQxFx76+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCNtOEAA=
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /match?uid=2151bf18-6c47-42a6-8c06-55bf537d1c41&bid=1e2n4ou HTTP/1.1Host: ps.eyeota.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=192d5619f40-3bfb0000010f586d; SERVERID=22637~DM
Source: global traffic	HTTP traffic detected: GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fsync.sharethis.com%2Fpubmatic%3Fuid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&rdf=1 HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KTPCACOOKIE=YES
Source: global traffic	HTTP traffic detected: GET /api/sync?pid=5324&it=1&iv=336baef0b788e58a0ac5e354ba0c7b3e7b5385d97bd64577a2a0891bca84fab1791426b5417dce21&_=2 HTTP/1.1Host: pippio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /pubmatic?uid=C9610386-E77C-4A32-BC3D-AF407972DD08&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /398646.gif?n=2 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=gkqgnaY+/WQfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAA
Source: global traffic	HTTP traffic detected: GET /398646.gif?n=3 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=gkqgnaY+/WQfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAA
Source: global traffic	HTTP traffic detected: GET /398646.gif?n=4 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=gkqgnaY+/WQfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAA
Source: global traffic	HTTP traffic detected: GET /398646.gif?n=5 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=gkqgnaY+/WQfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAA
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=821957f9-c138-466a-b063-e049b1b1df1c\|1730156827
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=2151bf18-6c47-42a6-8c06-55bf537d1c41; TDCPM=CAESFAoFdGFwYWQSCwje2vbd5-u7PRAFGAEgASgCMgsIoJ-e9f_ruz0QBTgBWgZleWVvdGFgAg..
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=epsilon&google_cm HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkMs5f9dyet3ee9XUPRZzi7ppCc22blNKW0qnm6pwZLok-GaLanlscI6cyI1Oo
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=iZLeoSRpYfBK_5VVTI9ToWo_wX_E_Sz-WyvahKFtjer2nG4kdK_4jAyuFvGhcMbnxe_QI3XLoCJfGvBnYItlbxFziFqXsTp8Rp-XhJsahfQ.; receive-cookie-deprecation=1; uuid2=2495590272282165975
Source: global traffic	HTTP traffic detected: GET /pubmatic?uid=C9610386-E77C-4A32-BC3D-AF407972DD08&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
Source: global traffic	HTTP traffic detected: GET /396846.gif?served_by=evergreen&partner_uid=047317c6-a5f8-4ffd-b5cc-a852ec0d8d39 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=KlsJwD7R4AofdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=
Source: global traffic	HTTP traffic detected: GET /362588.gif?partner_uid=2151bf18-6c47-42a6-8c06-55bf537d1c41 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=KlsJwD7R4AofdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /362358.gif?google_gid=CAESEGJhSvAopj9Ll4b2TFvbifo&google_cver=1 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=KlsJwD7R4AofdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=
Source: global traffic	HTTP traffic detected: GET /52154.gif?served_by=evergreen&partner_uid=2495590272282165975 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=KlsJwD7R4AofdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=; pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=
Source: global traffic	HTTP traffic detected: GET /396846.gif?served_by=evergreen&partner_uid=047317c6-a5f8-4ffd-b5cc-a852ec0d8d39 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=; rlas3=ecn9eKNZVCIfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=
Source: global traffic	HTTP traffic detected: GET /362588.gif?partner_uid=2151bf18-6c47-42a6-8c06-55bf537d1c41 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=; rlas3=ecn9eKNZVCIfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /362358.gif?google_gid=CAESEGJhSvAopj9Ll4b2TFvbifo&google_cver=1 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=; rlas3=o1HMHirwUcAfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=
Source: global traffic	HTTP traffic detected: GET /52154.gif?served_by=evergreen&partner_uid=2495590272282165975 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pxrc=CP6xgLkGEgUI6AcQABIFCOhHECgSBQjbThAAEgYItuoBECo=; rlas3=o1HMHirwUcAfdpZjq40qbr6+1dLl1kpbXEQmVZfvolc=
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: "false": "https://www.facebook.com/dialog/send?" + st.qs({ equals www.facebook.com (Facebook)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: facebook: "https://www.facebook.com/sharer.php?" + st.qs({ equals www.facebook.com (Facebook)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: linkedin: "https://www.linkedin.com/shareArticle?" + st.qs({ equals www.linkedin.com (Linkedin)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: facebook: 'https://www.facebook.com/', equals www.facebook.com (Facebook)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: linkedin: 'https://www.linkedin.com/', equals www.linkedin.com (Linkedin)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: twitter: 'https://www.twitter.com/', equals www.twitter.com (Twitter)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: youtube: 'https://www.youtube.com/', equals www.youtube.com (Youtube)
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},rk:function(){e=pb()},zd:function(){d()}}};var Yb=ka(["data-gtm-yt-inspected-"]),qD=["www.youtube.com","www.youtube-nocookie.com"],rD,sD=!1; equals www.youtube.com (Youtube)
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=XA(a,c,e);S(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return S(122),!0;if(d&&f){for(var m=Ab(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},$A=function(){var a=[],b=function(c){return db(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: if(!(e\|\|f\|\|g\|\|k.length\|\|m.length))return;var p={Ah:e,yh:f,zh:g,ii:k,ji:m,Pe:n,Ib:b},q=C.YT;if(q)return q.ready&&q.ready(d),b;var r=C.onYouTubeIframeAPIReady;C.onYouTubeIframeAPIReady=function(){r&&r();d()};F(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(BD(w,"iframe_api")\|\|BD(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!sD&&zD(x[A],p.Pe))return oc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_139.2.dr, chromecache_191.2.dr	String found in binary or memory: return b}oD.F="internal.enableAutoEventOnTimer";var Yb=ka(["data-gtm-yt-inspected-"]),qD=["www.youtube.com","www.youtube-nocookie.com"],rD,sD=!1; equals www.youtube.com (Youtube)
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: var DC=function(a,b,c,d,e){var f=uA("fsl",c?"nv.mwt":"mwt",0),g;g=c?uA("fsl","nv.ids",[]):uA("fsl","ids",[]);if(!g.length)return!0;var k=zA(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);S(121);if(m==="https://www.facebook.com/tr/")return S(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!gz(k,iz(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: hianime.to
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: use.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: platform-api.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: buttons-config.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: l.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: cswjpnmveybweu.com
Source: global traffic	DNS traffic detected: DNS query: count-server.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: platform-cdn.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: t.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: bcp.crwdcntrl.net
Source: global traffic	DNS traffic detected: DNS query: wejeestuze.net
Source: global traffic	DNS traffic detected: DNS query: sync.sharethis.com
Source: global traffic	DNS traffic detected: DNS query: my.rtmark.net
Source: global traffic	DNS traffic detected: DNS query: yonmewon.com
Source: global traffic	DNS traffic detected: DNS query: sr7pv7n5x.com
Source: global traffic	DNS traffic detected: DNS query: loadus.exelator.com
Source: global traffic	DNS traffic detected: DNS query: match.adsrvr.org
Source: global traffic	DNS traffic detected: DNS query: ps.eyeota.net
Source: global traffic	DNS traffic detected: DNS query: ml314.com
Source: global traffic	DNS traffic detected: DNS query: cms.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: ups.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: segments.company-target.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: px.owneriq.net
Source: global traffic	DNS traffic detected: DNS query: i.liadm.com
Source: global traffic	DNS traffic detected: DNS query: thrtle.com
Source: global traffic	DNS traffic detected: DNS query: sync.srv.stackadapt.com
Source: global traffic	DNS traffic detected: DNS query: tzegilo.com
Source: global traffic	DNS traffic detected: DNS query: flerap.com
Source: global traffic	DNS traffic detected: DNS query: fleraprt.com
Source: global traffic	DNS traffic detected: DNS query: datatechonert.com
Source: global traffic	DNS traffic detected: DNS query: rtb.adentifi.com
Source: global traffic	DNS traffic detected: DNS query: ws.rqtrk.eu
Source: global traffic	DNS traffic detected: DNS query: pixel.tapad.com
Source: global traffic	DNS traffic detected: DNS query: vaigreevouta.xyz
Source: global traffic	DNS traffic detected: DNS query: ce.lijit.com
Source: global traffic	DNS traffic detected: DNS query: id5-sync.com
Source: global traffic	DNS traffic detected: DNS query: rtb.gumgum.com
Source: global traffic	DNS traffic detected: DNS query: aa.agkn.com
Source: global traffic	DNS traffic detected: DNS query: pixel.onaudience.com
Source: global traffic	DNS traffic detected: DNS query: match.prod.bidr.io
Source: global traffic	DNS traffic detected: DNS query: eus-api.ccgateway.net
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: tags.bluekai.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: map.go.affec.tv
Source: global traffic	DNS traffic detected: DNS query: ib.mookie1.com
Source: global traffic	DNS traffic detected: DNS query: api5137.d41.co
Source: global traffic	DNS traffic detected: DNS query: pixel.mathtag.com
Source: global traffic	DNS traffic detected: DNS query: pixel-sync.sitescout.com
Source: global traffic	DNS traffic detected: DNS query: d.turn.com
Source: global traffic	DNS traffic detected: DNS query: us-u.openx.net
Source: global traffic	DNS traffic detected: DNS query: audience.synocdn.com
Source: global traffic	DNS traffic detected: DNS query: id.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: c.cintnetworks.com
Source: global traffic	DNS traffic detected: DNS query: match.360yield.com
Source: global traffic	DNS traffic detected: DNS query: global.ib-ibi.com
Source: global traffic	DNS traffic detected: DNS query: sync-tm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: secure.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: image6.pubmatic.com
Source: global traffic	DNS traffic detected: DNS query: rc.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: pippio.com

Source: unknown

HTTP traffic detected: POST /6/map HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-aliveContent-Length: 439sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://hianime.toSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://hianime.to/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 28 Oct 2024 23:06:50 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcf-cache-status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDWDcRo6RR36Pc8Z%2F%2FGzYdXCXa%2FAJTOEaLBc%2BM2Ovj3OHstqJ5f9kVZnzyn7RbNe3%2Fjelg%2BXKN%2Bnu4iPnWxMBaQmqfm%2FT4tJJPoNW1JtXe55BUrLuRbIaG4qga0yZTwT9Kxe"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d9e941f5cd34647-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1004&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1519&delivery_rate=2452159&cwnd=249&unsent_bytes=0&cid=2c111dbf3025fb22&ts=560&x=0"

Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://ajaxian.com/archives/creating-a-queryselector-for-ie-that-runs-at-native-speed
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://compose.mail.yahoo.com/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://service.weibo.com/share/share.php?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://share.naver.com/web/shareView.nhn?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://surfingbird.ru/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://widget.renren.com/dialog/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://wordpress.com/wp-admin/press-this.php?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://www.douban.com/recommend/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://www.evernote.com/clip.action?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://www.instapaper.com/edit?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: http://www.plurk.com/?
Source: chromecache_229.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_205.2.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://api.qrserver.com/v1/create-qr-code/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://bitbucket.org/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://buffer.com/add?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://buttons-config.sharethis.com/js/
Source: chromecache_139.2.dr, chromecache_236.2.dr, chromecache_191.2.dr, chromecache_229.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://connect.mail.ru/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://connect.ok.ru/dk?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://count-server.sharethis.com/v2.0/get_counts?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://data.stbuttons.click/data
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://datasphere-sbsvc.sharethis.com?n=
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://del.icio.us/save?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://developers.gfycat.com/iframe/#gfycat-iframe
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://digg.com/submit?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://discord.gg/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://dribbble.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://electricbikereview.com/gocycle/gs/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://embed.ly/code?url=http%3A%2F%2Fgoogle.com
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://en.support.wordpress.com/soundcloud-audio-player/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://flipboard.com/
Source: chromecache_232.2.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_232.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_181.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Poppins:wght
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_173.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://foursquare.com/intent/venue/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://foursquare.com/v/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://gab.com/compose?url=
Source: chromecache_220.2.dr	String found in binary or memory: https://gdpr-api.sharethis.com/cmp-v2.js
Source: chromecache_220.2.dr	String found in binary or memory: https://gdpr-api.sharethis.com/cmp.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://gdpr-api.sharethis.com/is_eu
Source: chromecache_201.2.dr, chromecache_155.2.dr, chromecache_158.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://getpocket.com/edit?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://giphy.com/posts/how-to-embed-giphy-gifs-on-your-website
Source: chromecache_201.2.dr, chromecache_155.2.dr, chromecache_158.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_201.2.dr, chromecache_158.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://gitlab.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://goop.com/wellness/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://help.imgur.com/hc/en-us/articles/211273743-Embed-Unit
Source: chromecache_205.2.dr, chromecache_206.2.dr, chromecache_165.2.dr	String found in binary or memory: https://hianime.to/
Source: chromecache_205.2.dr	String found in binary or memory: https://hianime.to/images/capture.png
Source: chromecache_174.2.dr	String found in binary or memory: https://hianime.to/images/icons-192.png
Source: chromecache_174.2.dr	String found in binary or memory: https://hianime.to/images/icons-512.png
Source: chromecache_205.2.dr	String found in binary or memory: https://hianime.to/search?keyword=
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://iorbix.com/m-share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://jezebel.com/15-tiktoks-that-deserve-academy-awards-1838371668
Source: chromecache_220.2.dr	String found in binary or memory: https://l.sharethis.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://l.sharethis.com/log
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://lineit.line.me/share/ui?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://mail.google.com/mail/?view=cm&
Source: chromecache_205.2.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://meneame.net/submit.php?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://mix.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://news.ycombinator.com/submitlink?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://nextdoor.com/sharekit/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://ok.ru/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://open.spotify.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://outlook.live.com/mail/deeplink/compose?
Source: chromecache_229.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_139.2.dr, chromecache_236.2.dr, chromecache_191.2.dr, chromecache_229.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://pinboard.in/add?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://pinterest.com/pin/create/button/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/atlas-exp.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/dmd.js
Source: chromecache_205.2.dr	String found in binary or memory: https://platform-api.sharethis.com/js/sharethis.js#property=64a3d891df473b0019d1b0da&product=inline-
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/navistone.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/panorama.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/powr.js?platform=sharethis
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/ppg.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-api.sharethis.com/rhombus.js
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-cdn.sharethis.com
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-cdn.sharethis.com/img/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-cdn.sharethis.com/img/share-this-logo%402x.png
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://platform-metrics-api.sharethis.com
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://pushtokindle.fivefilters.org/send.php?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://reddit.com/submit?
Source: chromecache_220.2.dr	String found in binary or memory: https://redditblog.com/2017/06/14/why-publishers-should-use-reddit-embeds/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://refind.com?
Source: chromecache_205.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://secure.actblue.com/donate/ms_blm_homepage_2019
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://shar.es/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://share.diasporafoundation.org/?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://share.flipboard.com/bookmarklet/popout?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://sharethis.com/platform/share-buttons?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://snapchat.com/scan?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://soundcloud.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://stackoverflow.com/a/9493060/2688027
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://stackoverflow.com/users/
Source: chromecache_205.2.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_186.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://story.kakao.com/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://sync.sharethis.com/panorama
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://sync.sharethis.com/powr/hem?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://t.me/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://t.me/share/url?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://t.sharethis.com/1/k/t.dhj?
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_139.2.dr, chromecache_236.2.dr, chromecache_191.2.dr, chromecache_229.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://time.com/4128887/kobe-bryant-retirement-celebrities-reaction/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://trello.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://trello.com/add-card?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://twitter.com/intent/tweet?
Source: chromecache_205.2.dr	String found in binary or memory: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://vimeo.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://vimeo.zendesk.com/hc/en-us/articles/224969968-Embedding-videos-overview
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://vk.com/share.php?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://wa.me/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://web.skype.com/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://web.wechat.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://web.whatsapp.com/send?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.airbnb.com/rooms/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.amazon.com/gp/profile/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.bbc.com/news/uk-wales-51311320
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.behance.net/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.blogger.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.blogger.com/blog-this.g?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.dexerto.com/entertainment/top-10-most-viewed-twitch-clips-of-all-time-2-310900
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.digg.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.diigo.com/post?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.etsy.com/shop/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.fark.com/submit?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.flickr.com/people/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.github.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.goodreads.com/quotes?
Source: chromecache_139.2.dr, chromecache_191.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_229.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.google.com/bookmarks/mark?
Source: chromecache_139.2.dr, chromecache_236.2.dr, chromecache_191.2.dr, chromecache_229.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_229.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_187.2.dr, chromecache_186.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_205.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-R34F2GCSBW
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.houzz.com/imageClipperUpload?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.houzz.com/user/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.instagram.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.kooapp.com/create?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.linkedin.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.linkedin.com/shareArticle?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.livejournal.com/update.bml?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.medium.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.meetup.com/members/
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.messenger.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.patreon.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.pinterest.com/
Source: chromecache_220.2.dr	String found in binary or memory: https://www.podcastinsights.com/podcast-embed-players/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.quora.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.reddit.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.sharethis.com
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.slideshare.net/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.snapchat.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.threads.net/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.tiktok.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.tripadvisor.com/Profile/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.tumblr.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.tumblr.com/share?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.twitch.tv/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.twitter.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.usmagazine.com/entertainment/news/kim-kardashian-north-asks-if-she-can-visit-prisons-wit
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.vk.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.weibo.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.xing.com/app/user?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.xing.com/profile/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.yelp.com/
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.youtube.com/
Source: chromecache_236.2.dr, chromecache_229.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.yummly.com/urb/verify?
Source: chromecache_203.2.dr, chromecache_220.2.dr	String found in binary or memory: https://www.zillow.com/profile/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 57680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57496
Source: unknown	Network traffic detected: HTTP traffic on port 57668 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57497
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57498
Source: unknown	Network traffic detected: HTTP traffic on port 57725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57499
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57494
Source: unknown	Network traffic detected: HTTP traffic on port 57702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 57748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 57507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 57713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 57611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 57783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 57714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 57657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 57554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 57541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 57679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 57747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 57634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 57712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 57552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57689
Source: unknown	Network traffic detected: HTTP traffic on port 57758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57697
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57692
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57693
Source: unknown	Network traffic detected: HTTP traffic on port 57612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 57520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 57681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 57498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57698
Source: unknown	Network traffic detected: HTTP traffic on port 57773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57646 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 57670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 57762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 57658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 57757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57553 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 57508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57510 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57494 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 57711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 57648 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 57500 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57661 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57626 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57496 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57511 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57638 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57801
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57803
Source: unknown	Network traffic detected: HTTP traffic on port 57754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57800
Source: unknown	Network traffic detected: HTTP traffic on port 57536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57703
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57704
Source: unknown	Network traffic detected: HTTP traffic on port 57640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57700
Source: unknown	Network traffic detected: HTTP traffic on port 57753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57501 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57717
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57719
Source: unknown	Network traffic detected: HTTP traffic on port 57662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57713
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57716
Source: unknown	Network traffic detected: HTTP traffic on port 57719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57710
Source: unknown	Network traffic detected: HTTP traffic on port 57778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57711
Source: unknown	Network traffic detected: HTTP traffic on port 57535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57651 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57514 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57529
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57522
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57643
Source: unknown	Network traffic detected: HTTP traffic on port 57665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57523
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57524
Source: unknown	Network traffic detected: HTTP traffic on port 57642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57767
Source: unknown	Network traffic detected: HTTP traffic on port 57499 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57525
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57531
Source: unknown	Network traffic detected: HTTP traffic on port 57562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57652
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57532
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57653
Source: unknown	Network traffic detected: HTTP traffic on port 57751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57770
Source: unknown	Network traffic detected: HTTP traffic on port 57780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57659
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57779
Source: unknown	Network traffic detected: HTTP traffic on port 57516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57539
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57534
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57655
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57778
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57540
Source: unknown	Network traffic detected: HTTP traffic on port 57619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57663
Source: unknown	Network traffic detected: HTTP traffic on port 57728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57785
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57543
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57664
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57784
Source: unknown	Network traffic detected: HTTP traffic on port 57688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57780
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:57656 version: TLS 1.2

Source: classification engine

Classification label: mal48.troj.win@24/165@197/69

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=1984,i,16721783093829496953,14232056814186547916,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://hianime.to"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=1984,i,16721783093829496953,14232056814186547916,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://hianime.to"	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected suspicious URL

Source: Email

JoeBoxAI: AI detected suspicious URL: URL: https://hianime.to

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label
https://stats.g.doubleclick.net/g/collect	0%	URL Reputation	safe
https://ampcid.google.com/v1/publisher:getClientId	0%	URL Reputation	safe
https://fontawesome.com	0%	URL Reputation	safe
https://stats.g.doubleclick.net/j/collect	0%	URL Reputation	safe
https://ok.ru/	0%	URL Reputation	safe
https://schema.org	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
segments.company-target.com	18.245.86.101	true	false	unknown
id5-sync.com	162.19.138.82	true	false	unknown
ws.rqtrk.eu	57.129.18.105	true	false	unknown
vici-asg-prod-alb-2112236320.us-east-1.elb.amazonaws.com	35.170.217.152	true	false	unknown
d-ams1.turn.com	46.228.164.13	true	false	unknown
vaigreevouta.xyz	188.114.96.3	true	true	unknown
httplogserver-lb.global.unified-prod.sharethis.net	52.59.126.110	true	false	unknown
platform-api.sharethis.com	108.156.22.110	true	false	unknown
cm.g.doubleclick.net	142.250.181.226	true	false	unknown
idaas-ext.cph.liveintent.com	54.174.123.73	true	false	unknown
www.google.com	142.250.186.68	true	false	unknown
dcs-ups.g03.yahoodns.net	87.248.119.251	true	false	unknown
id.rlcdn.com	35.244.174.68	true	false	unknown
bcp.crwdcntrl.net	54.194.72.83	true	false	unknown
match.adsrvr.org	52.223.40.198	true	false	unknown
d2znr2yi078d75.cloudfront.net	65.9.66.81	true	false	unknown
match.prod.bidr.io	54.74.251.229	true	false	unknown
us-u.openx.net	35.244.159.8	true	false	unknown
s-part-0023.t-0009.t-msedge.net	13.107.246.51	true	false	unknown
maxcdn.bootstrapcdn.com	104.18.11.207	true	false	unknown
pixel.onaudience.com	54.38.113.3	true	false	unknown
pixel-sync.sitescout.com	34.36.216.150	true	false	unknown
euw-ice.360yield.com	54.171.207.38	true	false	unknown
flerap.com	139.45.195.254	true	false	unknown
tzegilo.com	104.21.11.245	true	false	unknown
ActivationEdge-activation-212358690.eu-west-1.elb.amazonaws.com	34.248.126.201	true	false	unknown
hianime.to	188.114.97.3	true	true	unknown
d1ogq2f3ibpb2g.cloudfront.net	18.239.69.61	true	false	unknown
ext-lb-aws-prod.ccgateway.net	52.91.215.149	true	false	unknown
ml314.com	34.117.77.79	true	false	unknown
sr7pv7n5x.com	212.117.190.201	true	false	unknown
s-part-0032.t-0009.t-msedge.net	13.107.246.60	true	false	unknown
pixel-origin.mathtag.com	216.200.232.249	true	false	unknown
yonmewon.com	139.45.197.236	true	false	unknown
pugm-amsfpairbc.pubmnet.com	198.47.127.19	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
rtb.gumgum.com	54.246.152.167	true	false	unknown
ps.eyeota.net	3.120.214.218	true	false	unknown
idsync.rlcdn.com	35.244.174.68	true	false	unknown
rtb.adentifi.com	54.158.57.128	true	false	unknown
cswjpnmveybweu.com	139.45.197.156	true	false	unknown
m.ib-ibi.com	69.169.86.39	true	false	unknown
sync.srv.stackadapt.com	3.224.31.74	true	false	unknown
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	54.247.166.172	true	false	unknown
thrtle.com	35.172.4.198	true	false	unknown
stackpath.bootstrapcdn.com	104.18.11.207	true	false	unknown
pixel.tapad.com	34.111.113.62	true	false	unknown
raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com	54.154.205.232	true	false	unknown
pippio.com	107.178.254.65	true	false	unknown
datatechonert.com	185.49.145.45	true	false	unknown
my.rtmark.net	139.45.195.8	true	false	unknown
map.go.affec.tv	63.32.51.127	true	false	unknown
wejeestuze.net	139.45.197.245	true	false	unknown
global.ib-ibi.com	69.169.86.38	true	false	unknown
fleraprt.com	139.45.195.254	true	false	unknown
d3oiwf0xhhk8m1.cloudfront.net	143.204.98.51	true	false	unknown
count-server.sharethis.com	13.32.121.95	true	false	unknown
rc-ext-geo.rlcdn.com	35.244.174.68	true	false	unknown
load-euw1.exelator.com	54.78.254.47	true	false	unknown
ib.anycast.adnxs.com	37.252.171.53	true	false	unknown
buttons-config.sharethis.com	unknown	unknown	false	unknown
px.owneriq.net	unknown	unknown	false	unknown
secure.adnxs.com	unknown	unknown	false	unknown
ib.mookie1.com	unknown	unknown	false	unknown
platform-cdn.sharethis.com	unknown	unknown	false	unknown
use.fontawesome.com	unknown	unknown	false	unknown
audience.synocdn.com	unknown	unknown	false	unknown
ce.lijit.com	unknown	unknown	false	unknown
px.ads.linkedin.com	unknown	unknown	false	unknown
d.turn.com	unknown	unknown	false	unknown
cms.analytics.yahoo.com	unknown	unknown	false	unknown
c.cintnetworks.com	unknown	unknown	false	unknown
sync-tm.everesttech.net	unknown	unknown	false	unknown
pixel.mathtag.com	unknown	unknown	false	unknown
rc.rlcdn.com	unknown	unknown	false	unknown
sync.sharethis.com	unknown	unknown	false	unknown
t.sharethis.com	unknown	unknown	false	unknown
image6.pubmatic.com	unknown	unknown	false	unknown
ups.analytics.yahoo.com	unknown	unknown	false	unknown
loadus.exelator.com	unknown	unknown	false	unknown
eus-api.ccgateway.net	unknown	unknown	false	unknown
aa.agkn.com	unknown	unknown	false	unknown
dpm.demdex.net	unknown	unknown	false	unknown
i.liadm.com	unknown	unknown	false	unknown
tags.bluekai.com	unknown	unknown	false	unknown
api5137.d41.co	unknown	unknown	false	unknown
l.sharethis.com	unknown	unknown	false	unknown
ib.adnxs.com	unknown	unknown	false	unknown
match.360yield.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://platform-cdn.sharethis.com/img/telegram.svg	false	unknown
https://ps.eyeota.net/pixel?pid=m4omg6v&t=gif&call=2&gdpr=0&gdpr_consent=	false	unknown
https://sync.sharethis.com/yahoo?uid=y-wHfU9zNE2oMC8vMk6seyXBIbdf4zqByC0xc-~A&gdpr=0	false	unknown
https://pixel.mathtag.com/sync/img?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fmediamath%3Fuid%3D%5BMM_UUID%5D	false	unknown
https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=	false	unknown
https://sync.sharethis.com/panorama?uid=80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90&stid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D	false	unknown
https://vaigreevouta.xyz/favicon.ico	false	unknown
https://id5-sync.com/c/121/121/2/1.gif?puid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&us_privacy=	false	unknown
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1	false	unknown
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=600901&dpuuid=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1730156815489	false	unknown
https://hianime.to/sw.js?v=0.5	false	unknown
https://ws.rqtrk.eu/pull?pid=2583191d-9d1a-483f-97ec-86ebd89e7576&tr=1&g=1&return-unstable=true&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.sharethis.com%2Froqad%3Fuid%3D%24BROWSER_ID%26gdpr%3D0%26gdpr_consent%3D	false	unknown
https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D	false	unknown
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlgwVnZnUGdOemRsUWpTZjNIQU1YTUtIa3lka3dvU19iRV93djAxUmNJbDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=m4omg6v&&referrer_pid=m4omg6v	false	unknown
https://hianime.to/css/home.css?v=0.9	false	unknown
https://pixel.onaudience.com/?partner=147&mapped=2151bf18-6c47-42a6-8c06-55bf537d1c41&icm&gdpr=0&gdpr_consent=&cver	false	unknown
https://id5-sync.com/c/121/441/1/2.gif?puid=e_3cc2536b-0cc2-439f-8439-ce65af800cec&gdpr=0&gdpr_consent=	false	unknown
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZGqAAmcgGPYAAAAMeC0AAw%3D%3D	false	unknown
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDM5MzI3NS90LzA/url/https%3A%2F%2Fsync.sharethis.com%2Fnexxen%3Fuid%3D%24!%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D	false	unknown
https://hianime.to/images/anw-min.webp?v=0.1	false	unknown
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7802705-ac8a-4306-a852-40f1f5ab70aa%252C%252C&gdpr=0&gdpr_consent=	false	unknown
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm	false	unknown
https://ml314.com/csync.ashx?fp=64a59d0cf7f5a63d7772e8d8071bed921fe43a8528d34dbaa139825925164c34f4cb09cee1a4f8eb&person_id=3648035269061902378&eid=50082	false	unknown
https://l.sharethis.com/pview?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4	false	unknown
https://hianime.to/images/icons-192.png	false	unknown
https://platform-cdn.sharethis.com/img/reddit.svg	false	unknown
https://sync.srv.stackadapt.com/sync?nid=throtle	false	unknown
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=	false	unknown
https://map.go.affec.tv/map/an/2495590272282165975?ch=6720191c9d63b30001c8c1b5&chc=st%7Cim&redirect_url=&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=	false	unknown
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F441%2F1%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=	false	unknown
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=HBpOvYyFUsVHlARWgw9h85te8bw&_t=1730156807	false	unknown
https://platform-cdn.sharethis.com/img/facebook.svg	false	unknown
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0ODAzNTI2OTA2MTkwMjM3OBAAGg0I_bGAuQYSBQjoBxAAQgBKAA	false	unknown
https://sync.sharethis.com/adnxs?uid=2495590272282165975&gdpr=0&gdpr_consent=	false	unknown
https://my.rtmark.net/img.gif?f=merge&userId=w6wr476743lz937223226b3o5npvk856&z=6118780&p_rid=e36faf16-626f-4710-a8d3-1150547b3f27&p_src=sf	false	unknown
https://id5-sync.com/k/155.gif?puid=AAEJRE7OQDIAABXuPvAYYA&id5AccountNum=155&numCascadesAllowed=9	false	unknown
https://my.rtmark.net/gid.js?userId=w6wr476743lz937223226b3o5npvk856	false	unknown
https://tzegilo.com/stattag.js	false	unknown
https://platform-api.sharethis.com/panorama.js	false	unknown
https://wejeestuze.net/5/6534229	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_236.2.dr, chromecache_229.2.dr	false	URL Reputation: safe	unknown
https://www.slideshare.net/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://del.icio.us/save?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://platform-api.sharethis.com/navistone.js	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.quora.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.airbnb.com/rooms/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_187.2.dr, chromecache_186.2.dr	false	URL Reputation: safe	unknown
https://use.fontawesome.com/releases/v5.3.1/css/all.css	chromecache_205.2.dr	false		unknown
https://www.fark.com/submit?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://pinboard.in/add?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.dexerto.com/entertainment/top-10-most-viewed-twitch-clips-of-all-time-2-310900	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://fontawesome.com	chromecache_232.2.dr	false	URL Reputation: safe	unknown
https://giphy.com/posts/how-to-embed-giphy-gifs-on-your-website	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_201.2.dr, chromecache_158.2.dr	false		unknown
https://hianime.to/search?keyword=	chromecache_205.2.dr	false		unknown
https://foursquare.com/v/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
http://www.douban.com/recommend/?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.tumblr.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://open.spotify.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://sharethis.com/platform/share-buttons?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://trello.com/add-card?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://electricbikereview.com/gocycle/gs/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
http://wordpress.com/wp-admin/press-this.php?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://foursquare.com/intent/venue/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://stats.g.doubleclick.net/j/collect	chromecache_186.2.dr	false	URL Reputation: safe	unknown
https://www.snapchat.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://vimeo.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.instagram.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://ok.ru/	chromecache_203.2.dr, chromecache_220.2.dr	false	URL Reputation: safe	unknown
https://platform-api.sharethis.com	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.blogger.com/blog-this.g?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://developers.gfycat.com/iframe/#gfycat-iframe	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://schema.org	chromecache_205.2.dr	false	URL Reputation: safe	unknown
https://datasphere-sbsvc.sharethis.com?n=	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://t.me/share/url?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.youtube.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://share.flipboard.com/bookmarklet/popout?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://t.sharethis.com/1/k/t.dhj?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.weibo.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
http://widget.renren.com/dialog/share?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://gdpr-api.sharethis.com/cmp.js	chromecache_220.2.dr	false		unknown
http://www.plurk.com/?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.linkedin.com/shareArticle?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_201.2.dr, chromecache_155.2.dr, chromecache_158.2.dr	false		unknown
http://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://sync.sharethis.com/powr/hem?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
http://service.weibo.com/share/share.php?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.meetup.com/members/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://twitter.com/intent/tweet?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://hianime.to/images/icons-512.png	chromecache_174.2.dr	false		unknown
https://dribbble.com/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://api.qrserver.com/v1/create-qr-code/?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://discord.gg/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://platform-api.sharethis.com/js/sharethis.js#property=64a3d891df473b0019d1b0da&product=inline-	chromecache_205.2.dr	false		unknown
https://mail.google.com/mail/?view=cm&	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://stackoverflow.com/a/9493060/2688027	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://web.whatsapp.com/send?	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://secure.actblue.com/donate/ms_blm_homepage_2019	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://embed.ly/code?url=http%3A%2F%2Fgoogle.com	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown
https://www.xing.com/profile/	chromecache_203.2.dr, chromecache_220.2.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States	15169	GOOGLEUS	false
54.158.57.128	rtb.adentifi.com	United States	14618	AMAZON-AESUS	false
212.117.190.201	sr7pv7n5x.com	Luxembourg	5577	ROOTLU	false
54.154.205.232	raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
63.32.51.127	map.go.affec.tv	United States	16509	AMAZON-02US	false
35.170.217.152	vici-asg-prod-alb-2112236320.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
13.32.121.95	count-server.sharethis.com	United States	16509	AMAZON-02US	false
54.246.152.167	rtb.gumgum.com	United States	16509	AMAZON-02US	false
139.45.197.156	cswjpnmveybweu.com	Netherlands	9002	RETN-ASEU	false
52.91.215.149	ext-lb-aws-prod.ccgateway.net	United States	14618	AMAZON-AESUS	false
69.169.86.38	global.ib-ibi.com	United States	29838	AMCUS	false
69.169.86.39	m.ib-ibi.com	United States	29838	AMCUS	false
143.204.98.51	d3oiwf0xhhk8m1.cloudfront.net	United States	16509	AMAZON-02US	false
65.9.66.11	unknown	United States	16509	AMAZON-02US	false
108.128.89.118	unknown	United States	16509	AMAZON-02US	false
34.248.126.201	ActivationEdge-activation-212358690.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
162.19.138.82	id5-sync.com	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
37.252.171.53	ib.anycast.adnxs.com	European Union	29990	ASN-APPNEXUS	false
18.239.94.91	unknown	United States	16509	AMAZON-02US	false
34.117.77.79	ml314.com	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
18.239.69.61	d1ogq2f3ibpb2g.cloudfront.net	United States	16509	AMAZON-02US	false
18.245.86.101	segments.company-target.com	United States	16509	AMAZON-02US	false
172.67.193.52	unknown	United States	13335	CLOUDFLARENETUS	false
37.48.68.71	unknown	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
52.49.89.142	unknown	United States	16509	AMAZON-02US	false
54.38.113.3	pixel.onaudience.com	France	16276	OVHFR	false
65.9.66.81	d2znr2yi078d75.cloudfront.net	United States	16509	AMAZON-02US	false
3.120.214.218	ps.eyeota.net	United States	16509	AMAZON-02US	false
107.178.254.65	pippio.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	hianime.to	European Union	13335	CLOUDFLARENETUS	true
198.47.127.19	pugm-amsfpairbc.pubmnet.com	United States	62713	AS-PUBMATICUS	false
52.57.150.20	unknown	United States	16509	AMAZON-02US	false
64.58.232.180	unknown	United States	13649	ASN-VINSUS	false
52.59.126.110	httplogserver-lb.global.unified-prod.sharethis.net	United States	16509	AMAZON-02US	false
3.123.146.158	unknown	United States	16509	AMAZON-02US	false
35.244.174.68	id.rlcdn.com	United States	15169	GOOGLEUS	false
3.224.31.74	sync.srv.stackadapt.com	United States	14618	AMAZON-AESUS	false
52.223.40.198	match.adsrvr.org	United States	8987	AMAZONEXPANSIONGB	false
104.18.10.207	unknown	United States	13335	CLOUDFLARENETUS	false
54.174.123.73	idaas-ext.cph.liveintent.com	United States	14618	AMAZON-AESUS	false
139.45.195.8	my.rtmark.net	Netherlands	9002	RETN-ASEU	false
54.78.254.47	load-euw1.exelator.com	United States	16509	AMAZON-02US	false
35.244.159.8	us-u.openx.net	United States	15169	GOOGLEUS	false
87.248.119.251	dcs-ups.g03.yahoodns.net	United Kingdom	203220	YAHOO-DEBDE	false
46.228.164.13	d-ams1.turn.com	United Kingdom	56396	TURNGB	false
54.74.251.229	match.prod.bidr.io	United States	16509	AMAZON-02US	false
185.89.210.82	unknown	Germany	29990	ASN-APPNEXUS	false
34.36.216.150	pixel-sync.sitescout.com	United States	2686	ATGS-MMD-ASUS	false
57.129.18.105	ws.rqtrk.eu	Belgium	2686	ATGS-MMD-ASUS	false
108.156.22.110	platform-api.sharethis.com	United States	16509	AMAZON-02US	false
216.200.232.249	pixel-origin.mathtag.com	United States	30419	MEDIAMATH-INCUS	false
139.45.197.245	wejeestuze.net	Netherlands	9002	RETN-ASEU	false
34.111.113.62	pixel.tapad.com	United States	15169	GOOGLEUS	false
139.45.195.254	flerap.com	Netherlands	9002	RETN-ASEU	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
185.49.145.45	datatechonert.com	Netherlands	35415	WEBZILLANL	false
142.250.181.226	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
139.45.197.236	yonmewon.com	Netherlands	9002	RETN-ASEU	false
54.171.207.38	euw-ice.360yield.com	United States	16509	AMAZON-02US	false
54.194.72.83	bcp.crwdcntrl.net	United States	16509	AMAZON-02US	false
188.114.96.3	vaigreevouta.xyz	European Union	13335	CLOUDFLARENETUS	true
35.172.4.198	thrtle.com	United States	14618	AMAZON-AESUS	false
162.19.138.117	unknown	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
18.245.86.9	unknown	United States	16509	AMAZON-02US	false
104.21.11.245	tzegilo.com	United States	13335	CLOUDFLARENETUS	false
54.247.166.172	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.23

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1544176
Start date and time:	2024-10-29 00:05:27 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 25s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://hianime.to
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.troj.win@24/165@197/69
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.163, 216.58.206.46, 64.233.167.84, 34.104.35.123, 142.250.185.104, 172.67.142.245, 104.21.27.152, 142.250.185.234, 142.250.185.202, 142.250.185.67, 172.217.16.206, 142.250.186.170, 142.250.186.40, 95.101.111.153, 95.101.111.156, 142.250.185.174, 4.245.163.56, 93.184.221.240, 13.85.23.206, 192.229.221.95, 13.107.42.14, 104.102.48.115, 2.23.197.190, 51.140.146.131, 151.101.66.49, 151.101.130.49, 151.101.194.49, 151.101.2.49, 142.250.185.163
Excluded domains from analysis (whitelisted): tags.bluekai.com.edgekey.net, e11294.g.akamaiedge.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, use.fontawesome.com.cdn.cloudflare.net, wu.azureedge.net, l-0005.l-msedge.net, e9126.x.akamaiedge.net, clients2.google.com, ocsp.digicert.com, 6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa, www.googletagmanager.com, cert1.a1.atm.aqfer.net.edgekey.net, e167121.b.akamaiedge.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, glb.cws.prod.dcat.dsp.trafficmanager.net, ocsp.edge.digicert.com, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, www.google-analytics.com, glb.sls.prod.dcat.dsp.trafficmanager.net, www-linkedin-com.l-0005.l-msedge.net, collector-main.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, ajax.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrule
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://hianime.to

Simulations

Behavior and APIs

Time	Type	Description
23:06:10	Task Scheduler	Run new task: {E911A9E6-7023-42D3-9A63-341170EBEBBF} path:

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2345)
Category:	downloaded
Size (bytes):	213543
Entropy (8bit):	5.534079353855194
Encrypted:	false
SSDEEP:	3072:LVwwniaF5LF6J6o0Kcb28/XJTTt3IPwXr1oJXGhtkMto3jyed:ga/ReeqwXpoJXGhy/jPd
MD5:	EA8ED263C2554491B588EFE4A9547713
SHA1:	82ADFF60C1A295CA37BCC2A613BEF004A486ECFB
SHA-256:	ACB789215D1B392F57E6FE264F20560719599B98CB497FE6B5FA83A476FFCE53
SHA-512:	3852DD375D03D5A941A361CAAD9E83E04A419FF18888EC9805A844DDD5DB35ED136BE4A639E97A500A3AC0FAECEB4CF5F35B8068B325ADB1CCBDCF55A5916300
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtag/js?id=UA-304498478-1&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. ,[50,"__e",[46,"a"],[36,[13,[41,"$0"],[3,"$0",["require","internal.getEventData"]],["$0","event"]]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}.,."__e":{"2":true,"4":true}...}.,"blob":{"1":"1"}.,"permissions":{."__cid":{"read_container_data":{}}.,."__e":{"read_event_data":{"eventDataAccess":"specific","keyPatterns":["event"]}}...}....,"security_groups":{."google":[."__cid".,."__e"..]...}....};.....var h,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{d

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Oct 29, 2024 00:06:31.620311975 CET	192.168.2.4	1.1.1.1	c272	(Port unreachable)	Destination Unreachable
Oct 29, 2024 00:06:44.803519011 CET	192.168.2.4	1.1.1.1	c231	(Port unreachable)	Destination Unreachable
Oct 29, 2024 00:06:49.197333097 CET	192.168.2.4	1.1.1.1	c23b	(Port unreachable)	Destination Unreachable
Oct 29, 2024 00:07:07.064152002 CET	192.168.2.4	1.1.1.1	c28e	(Port unreachable)	Destination Unreachable
Oct 29, 2024 00:07:08.999397993 CET	192.168.2.4	1.1.1.1	c262	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:26 UTC	653	OUT	GET / HTTP/1.1 Host: hianime.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:26 UTC	1076	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:26 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Vary: Accept-Encoding cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y54PlMsdWXLl65jw6VTs6Nr%2F4HKD2smRIdBrGZrG5YiDDtKVkvSEHgkNYhMFi9f19Re4k1FjLBt3KZvMVMgvvbVsOLrOvdg3VcJlWvpf6qLchhv6FeZM%2FfphiHVy"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e9389ea57138e-ATL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=19732&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1231&delivery_rate=146536&cwnd=32&unsent_bytes=0&cid=47e2979e2d974f55&ts=567&x=0"
2024-10-28 23:06:26 UTC	293	IN	Data Raw: 32 30 36 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 74 63 68 20 41 6e 69 6d 65 20 4f 6e 6c 69 6e 65 2c 20 46 72 65 65 20 41 6e 69 6d 65 20 53 74 72 65 61 6d 69 6e 67 20 4f 6e 6c 69 6e 65 20 6f 6e 20 48 69 41 6e 69 6d 65 2e 74 6f 20 41 6e 69 6d 65 20 57 65 62 73 69 74 65 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 64 65 78 2c 66 6f 6c 6c 6f 77 22 2f 3e 0a Data Ascii: 2068<!DOCTYPE html><html lang="en"><head> <title>Watch Anime Online, Free Anime Streaming Online on HiAnime.to Anime Website</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><meta name="robots" content="index,follow"/>
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 6e 74 65 6e 74 3d 22 65 6e 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 48 69 41 6e 69 6d 65 20 69 73 20 61 20 46 72 65 65 20 61 6e 69 6d 65 20 73 74 72 65 61 6d 69 6e 67 20 77 65 62 73 69 74 65 20 77 68 69 63 68 20 79 6f 75 20 63 61 6e 20 77 61 74 63 68 20 45 6e 67 6c 69 73 68 20 53 75 62 62 65 64 20 61 6e 64 20 44 75 62 62 65 64 20 41 6e 69 6d 65 20 6f 6e 6c 69 6e 65 20 77 69 74 68 20 4e 6f 20 41 63 63 6f 75 6e 74 20 61 6e 64 20 44 61 69 6c 79 20 75 70 64 61 74 65 2e 20 57 41 54 43 48 20 4e 4f 57 21 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 61 6e 69 6d 65 20 74 6f 20 77 61 74 63 68 2c 20 77 61 74 63 68 20 61 6e 69 6d 65 2c Data Ascii: ntent="en"/><meta name="description" content="HiAnime is a Free anime streaming website which you can watch English Subbed and Dubbed Anime online with No Account and Daily update. WATCH NOW!"/><meta name="keywords" content="anime to watch, watch anime,
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 3d 22 2f 66 61 76 69 63 6f 6e 2d 33 32 78 33 32 2e 70 6e 67 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2d 31 36 78 31 36 2e 70 6e 67 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 6d 61 73 6b 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 73 61 66 61 72 69 2d 70 69 6e 6e 65 64 2d 74 61 62 2e 73 76 67 22 20 63 6f 6c 6f 72 3d 22 23 66 66 62 61 64 65 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 54 69 6c 65 43 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 64 61 35 33 32 63 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 73 69 7a 65 73 3d 22 31 Data Ascii: ="/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"><link rel="mask-icon" href="/images/safari-pinned-tab.svg" color="#ffbade"><meta name="msapplication-TileColor" content="#da532c"><link rel="icon" sizes="1
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 0a 3c 64 69 76 20 69 64 3d 22 78 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 3c 21 2d 2d 42 65 67 69 6e 3a 20 48 65 61 64 65 72 2d 2d 3e 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 68 65 61 64 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 68 65 61 64 65 72 5f 62 72 6f 77 73 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 2d 62 74 6e 22 3e 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 62 61 72 73 20 6d 72 2d 32 22 3e 3c 2f 69 3e 4d 65 6e 75 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c Data Ascii: <div id="xwrapper"> ...Begin: Header--> <div id="xheader"> <div class="container"> <div id="xheader_browser"> <div class="header-btn"><i class="fas fa-bars mr-2"></i>Menu</div> </div> <
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 67 65 73 2f 6c 6f 67 6f 2e 70 6e 67 3f 76 3d 30 2e 31 22 20 74 69 74 6c 65 3d 22 48 69 41 6e 69 6d 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6c 65 61 72 66 69 78 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 68 6f 6d 65 2d 73 65 61 72 63 68 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 63 6f 6e 74 65 6e 74 Data Ascii: ges/logo.png?v=0.1" title="HiAnime"> </a> <div class="clearfix"></div> </div> <div id="xsearch" class="home-search"> <div class="search-content
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 4d 79 20 48 65 72 6f 20 41 63 61 64 65 6d 69 61 20 53 65 61 73 6f 6e 20 37 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 73 65 61 72 63 68 3f 6b 65 79 77 6f 72 64 3d 42 6c 75 65 25 32 30 4c 6f 63 6b 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 42 6c 75 65 20 4c 6f 63 6b 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 Data Ascii: class="item">My Hero Academia Season 7</a> <a href="/search?keyword=Blue%20Lock" class="item">Blue Lock</a>
2024-10-28 23:06:26 UTC	1166	IN	Data Raw: 73 73 3d 22 69 74 65 6d 22 3e 53 68 61 6e 67 72 69 2d 4c 61 20 46 72 6f 6e 74 69 65 72 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6c 65 61 72 66 69 78 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 61 63 74 69 6f 6e 2d 62 75 74 74 6f 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 68 6f 6d 65 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 74 6e 2d Data Ascii: ss="item">Shangri-La Frontier</a> </div> <div class="clearfix"></div> <div id="action-button"> <a href="/home" class="btn btn-
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 32 32 61 31 0d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 77 62 2d 32 63 6f 6c 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 77 62 2d 6c 65 66 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 20 63 6c 61 73 73 3d 22 6d 77 2d 68 65 61 64 69 6e 67 22 3e 48 69 41 6e 69 6d 65 2e 74 6f 20 2d 20 54 68 65 20 62 65 73 74 20 73 69 74 65 20 74 6f 20 77 61 74 63 68 20 61 6e 69 6d 65 20 6f 6e 6c 69 6e 65 20 66 6f 72 20 46 72 65 65 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 44 6f 20 79 6f 75 20 6b 6e 6f 77 20 74 68 61 74 20 61 63 63 6f 72 64 69 6e 67 20 74 6f Data Ascii: 22a1 <div class="mwb-2col"> <div class="mwb-left"> <h1 class="mw-heading">HiAnime.to - The best site to watch anime online for Free</h1> <p>Do you know that according to
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 72 20 63 6f 73 74 20 61 6e 64 20 77 65 20 6b 65 65 70 20 73 63 61 6e 6e 69 6e 67 20 74 68 65 20 61 64 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 32 34 2f 37 20 74 6f 20 6d 61 6b 65 20 73 75 72 65 20 61 6c 6c 20 61 72 65 20 63 6c 65 61 6e 2c 20 49 66 20 79 6f 75 20 66 69 6e 64 20 61 6e 79 20 61 64 73 20 74 68 61 74 20 69 73 20 73 75 73 70 69 63 69 6f 75 73 2c 20 70 6c 65 61 73 65 20 66 6f 72 77 61 72 64 20 75 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 65 20 69 6e 66 6f 20 61 6e 64 20 77 65 20 77 69 6c 6c 20 72 65 6d 6f 76 65 20 69 74 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 33 2f 20 53 6f 20 77 68 Data Ascii: r cost and we keep scanning the ads 24/7 to make sure all are clean, If you find any ads that is suspicious, please forward us the info and we will remove it.</p> <h2>3/ So wh
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 73 74 72 6f 6e 67 3e 51 75 61 6c 69 74 79 2f 52 65 73 6f 6c 75 74 69 6f 6e 3a 3c 2f 73 74 72 6f 6e 67 3e 20 41 6c 6c 20 74 69 74 6c 65 73 20 61 72 65 20 69 6e 20 65 78 63 65 6c 6c 65 6e 74 20 72 65 73 6f 6c 75 74 69 6f 6e 2c 20 74 68 65 20 62 65 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 71 75 61 6c 69 74 79 20 70 6f 73 73 69 62 6c 65 2e 20 48 69 41 6e 69 6d 65 2e 74 6f 20 61 6c 73 6f 20 68 61 73 20 61 20 71 75 61 6c 69 74 79 20 73 65 74 74 69 6e 67 20 66 75 6e 63 74 69 6f 6e 20 74 6f 20 6d 61 6b 65 20 73 75 72 65 20 6f 75 Data Ascii: </li> <li><strong>Quality/Resolution:</strong> All titles are in excellent resolution, the best quality possible. HiAnime.to also has a quality setting function to make sure ou

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:26 UTC	537	OUT	GET /css/home.css?v=0.9 HTTP/1.1 Host: hianime.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:26 UTC	1200	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:26 GMT Content-Type: text/css; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Last-Modified: Wed, 28 Feb 2024 00:38:32 GMT ETag: W/"3bc1-18ded2613ed" Vary: Accept-Encoding CF-Cache-Status: HIT Age: 1040773 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d89ZM79WZEabgCmwyqcBYb5paU9Yl2ZFQl4fcjskW6%2BmWFO8EoP3tqMLBWPSu46DlMf2Ai%2BrIpY3BN4m0m37oyITdNxAMC1lKLBCxvurUE8wbDtnCSXgfw4s07If"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e938d2e8d1807-ATL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=17556&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1115&delivery_rate=163652&cwnd=32&unsent_bytes=0&cid=ca6b62658ef95638&ts=893&x=0"
2024-10-28 23:06:26 UTC	169	IN	Data Raw: 33 62 63 31 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 50 6f 70 70 69 6e 73 3a 77 67 68 74 40 33 30 30 3b 34 30 30 3b 35 30 30 3b 36 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 2f 2a 20 43 53 53 20 44 6f 63 75 6d 65 6e 74 20 2a 2f 0a 68 74 6d 6c 7b 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 7d 0a 62 6f 64 79 7b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 Data Ascii: 3bc1@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap');/* CSS Document */html{position: relative;}body{ background: r
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 67 62 28 33 32 2c 33 31 2c 34 39 29 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 50 6f 70 70 69 6e 73 22 2c 20 41 72 69 61 6c 3b 20 63 6f 6c 6f 72 3a 20 23 63 63 63 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 65 6d 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 6e 6f 6e 65 3b 7d 0a 61 7b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 20 2d 6d 6f 7a 2d 6f 75 74 6c 69 6e 65 3a 20 6e 6f 6e 65 3b 20 63 6f 6c 6f 72 3a 20 23 61 61 61 7d 0a 61 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 20 23 66 66 62 61 64 65 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 Data Ascii: gb(32,31,49); font-family: "Poppins", Arial; color: #ccc; font-size: 14px; line-height: 1.4em; font-weight: 400; padding: 0; margin: 0; -webkit-text-size-adjust: none;}a{outline:none; -moz-outline: none; color: #aaa}a:hover{color: #ffbade; text-decorati
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 7d 0a 23 78 68 65 61 64 65 72 5f 6d 65 6e 75 20 75 6c 2e 68 65 61 64 65 72 5f 6d 65 6e 75 2d 6c 69 73 74 20 2e 6e 61 76 2d 69 74 65 6d 3e 61 7b 20 68 65 69 67 68 74 3a 20 36 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 36 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 31 70 78 3b 7d 0a 23 78 68 65 61 64 65 72 5f 6d 65 6e 75 20 75 6c 2e 68 65 61 64 65 72 5f 6d 65 6e 75 2d 6c 69 73 74 20 2e 6e 61 76 2d 69 74 65 6d 3e 61 3a 68 6f 76 65 72 Data Ascii: on: relative;}#xheader_menu ul.header_menu-list .nav-item>a{ height: 60px; line-height: 60px; display: block; margin: 0; padding: 0; color: #fff; font-size: 14px; font-weight: 500; letter-spacing: 1px;}#xheader_menu ul.header_menu-list .nav-item>a:hover
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 72 2d 67 72 61 64 69 65 6e 74 28 39 30 64 65 67 2c 20 72 67 62 61 28 34 33 2c 34 32 2c 36 30 2c 31 29 20 30 25 2c 20 72 67 62 61 28 34 33 2c 34 32 2c 36 30 2c 30 29 20 31 30 30 25 29 3b 20 7d 0a 23 6d 77 2d 74 6f 70 20 2e 6d 77 74 2d 63 6f 6e 74 65 6e 74 20 2e 6d 77 74 2d 69 63 6f 6e 20 69 6d 67 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 20 6f 62 6a 65 63 74 2d 66 69 74 3a 20 63 6f 76 65 72 3b 20 6f 70 61 63 69 74 79 3a 20 2e 35 3b 7d 0a 23 6d 77 2d 74 6f 70 20 2e 6d 77 68 2d 6c 6f 67 6f 7b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 33 30 70 78 3b 7d 0a 23 6d 77 2d 74 6f 70 20 2e 6d 77 68 2d 6c 6f 67 6f 20 2e 6d 77 68 2d 6c 6f 67 6f 2d 64 69 76 7b 20 64 Data Ascii: r-gradient(90deg, rgba(43,42,60,1) 0%, rgba(43,42,60,0) 100%); }#mw-top .mwt-content .mwt-icon img{width: 100%; height: 100%; position: absolute; object-fit: cover; opacity: .5;}#mw-top .mwh-logo{ margin-bottom: 30px;}#mw-top .mwh-logo .mwh-logo-div{ d
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 64 65 72 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 6d 61 78 2d 77 69 64 74 68 3a 20 32 36 30 70 78 3b 7d 0a 23 78 73 65 61 72 63 68 2e 68 6f 6d 65 2d 73 65 61 72 63 68 7b 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 77 69 64 74 68 3a 20 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 74 6f 70 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 20 6c 65 66 74 3a 20 61 75 Data Ascii: der: none !important; box-shadow: none !important; max-width: 260px;}#xsearch.home-search{display: block !important; margin: 0; padding: 0 !important; width: 100%; background: none !important; position: relative !important; top: auto !important; left: au
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 65 66 74 20 70 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 65 6d 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 7d 0a 2e 6d 77 2d 62 6f 64 79 20 2e 6d 77 62 2d 6c 65 66 74 20 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 35 70 78 3b 7d 0a 2e 6d 77 2d 62 6f 64 79 20 2e 6d 77 62 2d 6c 65 66 74 20 75 6c 20 6c 69 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 7d 0a 2e 6d 77 2d 62 6f 64 79 20 2e 6d 77 62 2d 6c 65 66 74 20 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 65 6d 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 2e 35 65 6d 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 65 6d 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 35 70 78 3b 20 63 Data Ascii: eft p{line-height: 1.4em; margin-bottom: 1em;}.mw-body .mwb-left ul{padding-left: 15px;}.mw-body .mwb-left ul li{margin-bottom: 1em;}.mw-body .mwb-left h2{font-size: 1.5em; margin-top: 1.5em; font-weight: 600; line-height: 1.4em; margin-bottom: 15px; c
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 2c 37 32 2c 30 2e 30 35 30 38 34 30 34 30 34 35 32 31 31 38 33 34 33 35 29 20 31 30 30 25 29 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 38 30 64 65 67 2c 20 72 67 62 61 28 36 35 2c 36 36 2c 37 32 2c 30 29 20 30 25 2c 20 72 67 62 61 28 36 35 2c 36 36 2c 37 32 2c 31 29 20 33 30 25 2c 20 72 67 62 61 28 36 35 2c 36 36 2c 37 32 2c 31 29 20 37 30 25 2c 20 72 67 62 61 28 36 35 2c 36 36 2c 37 32 2c 30 2e 30 35 30 38 34 30 34 30 34 35 32 31 31 38 33 34 33 35 29 20 31 30 30 25 29 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 38 30 64 65 67 2c 20 72 67 62 61 28 36 35 2c 36 36 2c 37 32 2c 30 29 20 30 25 2c 20 72 67 62 61 28 36 35 2c 36 36 2c Data Ascii: ,72,0.050840404521183435) 100%);background: -webkit-linear-gradient(180deg, rgba(65,66,72,0) 0%, rgba(65,66,72,1) 30%, rgba(65,66,72,1) 70%, rgba(65,66,72,0.050840404521183435) 100%);background: linear-gradient(180deg, rgba(65,66,72,0) 0%, rgba(65,66,
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 38 30 70 78 3b 7d 0a 2e 6d 77 2d 6b 65 79 77 6f 72 64 73 20 2e 6d 77 6b 2d 69 74 65 6d 20 69 7b 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 32 70 78 3b 7d 0a 2e 6d 77 2d 6b 65 79 77 6f 72 64 73 20 2e 6d 77 6b 2d 69 74 65 6d 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 35 63 35 64 36 33 3b 7d 0a 2e 6d 77 2d 6b 65 79 77 6f 72 64 73 20 2e 6d 77 6b 2d 69 74 65 6d 20 2e 61 6e 69 6d 65 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 32 65 6d 3b 20 6d Data Ascii: overflow: hidden; max-width: 180px;}.mw-keywords .mwk-item i{display: inline; font-size: 11px; line-height: 12px;}.mw-keywords .mwk-item:hover{color: #fff; background: #5c5d63;}.mw-keywords .mwk-item .anime-title{font-size: 12px; line-height: 1.2em; m
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 3a 20 31 30 30 25 3b 7d 0a 09 23 78 68 65 61 64 65 72 5f 62 72 6f 77 73 65 72 7b 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 0a 09 23 78 68 65 61 64 65 72 5f 6d 65 6e 75 7b 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 20 6c 65 66 74 3a 20 31 35 70 78 3b 20 77 69 64 74 68 3a 20 61 75 74 6f 3b 20 74 6f 70 3a 20 36 30 70 78 3b 20 72 69 67 68 74 3a 20 31 35 70 78 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 67 62 61 28 31 31 2c 31 31 2c 31 31 2c 2e 39 38 29 3b 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 32 35 70 78 3b 20 68 65 69 67 68 74 3a 20 61 75 74 6f 3b 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 3b 20 7a 2d 69 6e 64 65 78 3a 20 39 39 3b 7d 0a 09 23 78 68 65 61 64 65 Data Ascii: : 100%;}#xheader_browser{display: inline-block}#xheader_menu{display: none; position: absolute; left: 15px; width: auto; top: 60px; right: 15px; background: rgba(11,11,11,.98); border-radius: 25px; height: auto; padding: 10px 0; z-index: 99;}#xheade
2024-10-28 23:06:26 UTC	1369	IN	Data Raw: 34 30 70 78 3b 7d 0a 09 23 78 73 65 61 72 63 68 2e 68 6f 6d 65 2d 73 65 61 72 63 68 20 2e 73 65 61 72 63 68 2d 69 6e 70 75 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 7d 0a 09 2e 78 68 61 73 68 74 61 67 20 2e 69 74 65 6d 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 70 78 3b 7d 0a 09 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 2d 62 6c 6f 63 6b 20 2e 73 62 62 2d 74 69 74 6c 65 7b 70 61 64 64 69 6e 67 3a 20 30 3b 20 62 6f 72 64 65 72 2d 6c 65 66 74 3a 20 6e 6f 6e 65 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 20 66 6c 6f 61 74 3a 20 6e 6f 6e 65 7d 0a 09 23 6d 77 2d 74 6f 70 20 2e 6d 77 74 2d 63 6f 6e 74 65 6e 74 7b 20 70 61 64 64 69 6e 67 3a 20 33 30 70 78 3b 20 62 6f 72 64 65 Data Ascii: 40px;}#xsearch.home-search .search-input{font-size: 14px;}.xhashtag .item{margin-bottom: 2px;}.share-buttons .share-buttons-block .sbb-title{padding: 0; border-left: none; margin-bottom: 10px; float: none}#mw-top .mwt-content{ padding: 30px; borde

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:27 UTC	552	OUT	GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:27 UTC	966	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:27 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"67176c242e1bdc20603c878dee836df3" Last-Modified: Mon, 25 Jan 2021 22:04:06 GMT CDN-ProxyVer: 1.04 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 CDN-CachedAt: 10/04/2024 02:53:43 CDN-EdgeStorageId: 1029 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestTime: 0 CDN-RequestId: 245834812b0126cce0074d5f5d227a18 CDN-Cache: HIT CF-Cache-Status: HIT Age: 473156 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8d9e93928d73463c-DFW alt-svc: h3=":443"; ma=86400
2024-10-28 23:06:27 UTC	403	IN	Data Raw: 37 62 65 64 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 31 2e 33 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 38 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 Data Ascii: 7bed/! Bootstrap v4.1.3 (https://getbootstrap.com/) * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 66 69 6e 65 28 5b 22 65 78 70 6f 72 74 73 22 2c 22 6a 71 75 65 72 79 22 2c 22 70 6f 70 70 65 72 2e 6a 73 22 5d 2c 65 29 3a 65 28 74 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 68 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 65 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 69 3d 65 5b 6e 5d 3b 69 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 69 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 69 2e 63 6f 6e 66 69 67 75 72 61 62 6c 65 3d 21 30 2c 22 76 61 6c 75 65 22 69 6e 20 69 26 26 28 69 2e 77 72 69 74 61 62 6c 65 3d 21 30 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 Data Ascii: fine(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defi
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 2c 50 6e 2c 6a 6e 2c 48 6e 2c 4c 6e 2c 52 6e 2c 78 6e 2c 57 6e 2c 55 6e 2c 71 6e 2c 46 6e 3d 66 75 6e 63 74 69 6f 6e 28 69 29 7b 76 61 72 20 65 3d 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 21 31 3b 72 65 74 75 72 6e 20 69 28 74 68 69 73 29 2e 6f 6e 65 28 6c 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 3d 21 30 7d 29 2c 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 7c 7c 6c 2e 74 72 69 67 67 65 72 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 65 29 7d 2c 74 29 2c 74 68 69 73 7d 76 61 72 20 6c 3d 7b 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 3a 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 67 65 74 55 49 44 Data Ascii: ,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n\|\|l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 2c 6c 7d 28 65 29 2c 4b 6e 3d 28 6e 3d 22 61 6c 65 72 74 22 2c 61 3d 22 2e 22 2b 28 6f 3d 22 62 73 2e 61 6c 65 72 74 22 29 2c 63 3d 28 72 3d 65 29 2e 66 6e 5b 6e 5d 2c 75 3d 7b 43 4c 4f 53 45 3a 22 63 6c 6f 73 65 22 2b 61 2c 43 4c 4f 53 45 44 3a 22 63 6c 6f 73 65 64 22 2b 61 2c 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 3a 22 63 6c 69 63 6b 22 2b 61 2b 22 2e 64 61 74 61 2d 61 70 69 22 7d 2c 66 3d 22 61 6c 65 72 74 22 2c 64 3d 22 66 61 64 65 22 2c 67 3d 22 73 68 6f 77 22 2c 5f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 74 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 7d 76 61 72 20 74 3d 69 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 Data Ascii: andler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;retur
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 5f 2e 5f 68 61 6e 64 6c 65 44 69 73 6d 69 73 73 28 6e 65 77 20 5f 29 29 2c 72 2e 66 6e 5b 6e 5d 3d 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 72 2e 66 6e 5b 6e 5d 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 5f 2c 72 2e 66 6e 5b 6e 5d 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 66 6e 5b 6e 5d 3d 63 2c 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 7d 2c 5f 29 2c 4d 6e 3d 28 70 3d 22 62 75 74 74 6f 6e 22 2c 79 3d 22 2e 22 2b 28 76 3d 22 62 73 2e 62 75 74 74 6f 6e 22 29 2c 45 3d 22 2e 64 61 74 61 2d 61 70 69 22 2c 43 3d 28 6d 3d 65 29 2e 66 6e 5b 70 5d 2c 54 3d 22 61 63 74 69 76 65 22 2c 62 3d 22 62 74 6e 22 2c 49 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 5e 3d 22 62 75 74 74 6f 6e 22 5d 27 Data Ascii: _._handleDismiss(new _)),r.fn[n]=_._jQueryInterface,r.fn[n].Constructor=_,r.fn[n].noConflict=function(){return r.fn[n]=c,_._jQueryInterface},_),Mn=(p="button",y="."+(v="bs.button"),E=".data-api",C=(m=e).fn[p],T="active",b="btn",I='[data-toggle^="button"]'
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 74 29 7b 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 76 61 72 20 65 3d 74 2e 74 61 72 67 65 74 3b 6d 28 65 29 2e 68 61 73 43 6c 61 73 73 28 62 29 7c 7c 28 65 3d 6d 28 65 29 2e 63 6c 6f 73 65 73 74 28 4e 29 29 2c 6b 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2e 63 61 6c 6c 28 6d 28 65 29 2c 22 74 6f 67 67 6c 65 22 29 7d 29 2e 6f 6e 28 4f 2e 46 4f 43 55 53 5f 42 4c 55 52 5f 44 41 54 41 5f 41 50 49 2c 49 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 6d 28 74 2e 74 61 72 67 65 74 29 2e 63 6c 6f 73 65 73 74 28 4e 29 5b 30 5d 3b 6d 28 65 29 2e 74 6f 67 67 6c 65 43 6c 61 73 73 28 53 2c 2f 5e 66 6f 63 75 73 28 69 6e 29 3f 24 2f 2e 74 65 73 74 28 74 2e 74 79 70 65 29 29 7d 29 2c 6d 2e 66 6e 5b 70 5d 3d 6b 2e 5f 6a 51 75 65 72 79 49 Data Ascii: t){t.preventDefault();var e=t.target;m(e).hasClass(b)\|\|(e=m(e).closest(N)),k._jQueryInterface.call(m(e),"toggle")}).on(O.FOCUS_BLUR_DATA_API,I,function(t){var e=m(t.target).closest(N)[0];m(e).toggleClass(S,/^focus(in)?$/.test(t.type))}),m.fn[p]=k._jQueryI
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 6e 74 29 2c 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 28 29 7d 76 61 72 20 74 3d 6f 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 7c 7c 74 68 69 73 2e 5f 73 6c 69 64 65 28 71 29 7d 2c 74 2e 6e 65 78 74 57 68 65 6e 56 69 73 69 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 21 64 6f 63 75 6d 65 6e 74 2e 68 69 64 64 65 6e 26 26 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 69 73 28 22 3a 76 69 73 69 62 6c 65 22 29 26 26 22 68 69 64 64 65 6e 22 21 3d 3d 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 63 73 73 28 22 76 69 73 69 62 69 6c 69 74 Data Ascii: his._element.querySelector(nt),this._addEventListeners()}var t=o.prototype;return t.next=function(){this._isSliding\|\|this._slide(q)},t.nextWhenVisible=function(){!document.hidden&&P(this._element).is(":visible")&&"hidden"!==P(this._element).css("visibilit
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 3d 6c 28 7b 7d 2c 57 2c 74 29 2c 46 6e 2e 74 79 70 65 43 68 65 63 6b 43 6f 6e 66 69 67 28 6a 2c 74 2c 55 29 2c 74 7d 2c 74 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6b 65 79 62 6f 61 72 64 26 26 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 4b 45 59 44 4f 57 4e 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 5f 6b 65 79 64 6f 77 6e 28 74 29 7d 29 2c 22 68 6f 76 65 72 22 3d 3d 3d 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 61 75 73 65 26 26 28 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 4d 4f 55 53 45 45 4e 54 45 52 Data Ascii: =function(t){return t=l({},W,t),Fn.typeCheckConfig(j,t,U),t},t._addEventListeners=function(){var e=this;this._config.keyboard&&P(this._element).on(Q.KEYDOWN,function(t){return e._keydown(t)}),"hover"===this._config.pause&&(P(this._element).on(Q.MOUSEENTER
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 65 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 29 7b 76 61 72 20 65 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 24 29 29 3b 50 28 65 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 56 29 3b 76 61 72 20 6e 3d 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 63 68 69 6c 64 72 65 6e 5b 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 74 29 5d 3b 6e 26 26 50 28 6e 29 2e 61 64 64 43 6c 61 73 73 28 56 29 7d 7d 2c 74 2e 5f 73 6c 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 2c 69 2c 72 2c 6f 3d 74 68 69 73 2c Data Ascii: ement=function(t){if(this._indicatorsElement){var e=[].slice.call(this._indicatorsElement.querySelectorAll($));P(e).removeClass(V);var n=this._indicatorsElement.children[this._getItemIndex(t)];n&&P(n).addClass(V)}},t._slide=function(t,e){var n,i,r,o=this,
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 74 2e 74 6f 28 69 29 3b 65 6c 73 65 20 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 5b 6e 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 6e 2b 27 22 27 29 3b 74 5b 6e 5d 28 29 7d 65 6c 73 65 20 65 2e 69 6e 74 65 72 76 61 6c 26 26 28 74 2e 70 61 75 73 65 28 29 2c 74 2e 63 79 63 6c 65 28 29 29 7d 29 7d 2c 6f 2e 5f 64 61 74 61 41 70 69 43 6c 69 63 6b 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 46 6e 2e 67 65 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 74 68 69 73 29 3b 69 66 28 65 29 7b 76 61 72 20 6e 3d 50 28 65 29 5b 30 5d 3b 69 66 Data Ascii: t.to(i);else if("string"==typeof n){if("undefined"==typeof t[n])throw new TypeError('No method named "'+n+'"');t[n]()}else e.interval&&(t.pause(),t.cycle())})},o._dataApiClickHandler=function(t){var e=Fn.getSelectorFromElement(this);if(e){var n=P(e)[0];if

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:27 UTC	571	OUT	GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:27 UTC	974	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:27 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"7cc40c199d128af6b01e74a28c5900b0" Last-Modified: Mon, 25 Jan 2021 22:04:09 GMT CDN-ProxyVer: 1.04 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 CDN-CachedAt: 09/24/2024 10:29:18 CDN-EdgeStorageId: 845 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestTime: 0 CDN-RequestId: 900f0a67cd0956ac87eea9414021a4ce CDN-Cache: HIT CF-Cache-Status: HIT Age: 445896 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8d9e93929f94eaac-DFW alt-svc: h3=":443"; ma=86400
2024-10-28 23:06:27 UTC	395	IN	Data Raw: 37 62 65 34 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 34 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 6c 75 65 3a 23 30 30 37 62 66 66 3b 2d 2d 69 6e 64 69 67 6f 3a 23 36 36 31 Data Ascii: 7be4/! Bootstrap v4.4.1 (https://getbootstrap.com/) * Copyright 2011-2019 The Bootstrap Authors * Copyright 2011-2019 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */:root{--blue:#007bff;--indigo:#661
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 66 66 3b 2d 2d 67 72 61 79 3a 23 36 63 37 35 37 64 3b 2d 2d 67 72 61 79 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 70 72 69 6d 61 72 79 3a 23 30 30 37 62 66 66 3b 2d 2d 73 65 63 6f 6e 64 61 72 79 3a 23 36 63 37 35 37 64 3b 2d 2d 73 75 63 63 65 73 73 3a 23 32 38 61 37 34 35 3b 2d 2d 69 6e 66 6f 3a 23 31 37 61 32 62 38 3b 2d 2d 77 61 72 6e 69 6e 67 3a 23 66 66 63 31 30 37 3b 2d 2d 64 61 6e 67 65 72 3a 23 64 63 33 35 34 35 3b 2d 2d 6c 69 67 68 74 3a 23 66 38 66 39 66 61 3b 2d 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 73 3a 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 73 6d 3a 35 37 36 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6d 64 3a 37 36 38 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6c 67 3a 39 39 Data Ascii: ff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:99
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 3a 75 6e 64 65 72 6c 69 6e 65 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 64 6f 74 74 65 64 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 64 6f 74 74 65 64 3b 63 75 72 73 6f 72 3a 68 65 6c 70 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 7d 61 64 64 72 65 73 73 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 64 6c 2c 6f 6c 2c 75 6c 7b Data Ascii: :underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;cursor:help;border-bottom:0;-webkit-text-decoration-skip-ink:none;text-decoration-skip-ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}dl,ol,ul{
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 6e 2c 69 6e 70 75 74 2c 6f 70 74 67 72 6f 75 70 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 7b 6f 76 65 72 66 6c 6f 77 3a 76 69 73 69 62 6c 65 7d 62 75 74 74 6f 6e 2c 73 65 6c 65 63 74 7b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 7d 73 65 6c 65 63 74 7b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 5b 74 79 70 65 3d 62 75 74 74 6f 6e 5d 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 2c 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a Data Ascii: n,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:inherit;line-height:inherit}button,input{overflow:visible}button,select{text-transform:none}select{word-wrap:normal}[type=button],[type=reset],[type=submit],button{-webkit-appearance:
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 68 31 2c 2e 68 32 2c 2e 68 33 2c 2e 68 34 2c 2e 68 35 2c 2e 68 36 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 2e 68 31 2c 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 7d 2e 68 32 2c 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 72 65 6d 7d 2e 68 33 2c 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65 6d 7d 2e 68 34 2c 68 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 7d 2e 68 35 2c 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 7d 2e 68 36 2c 68 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 72 65 6d 7d 2e 6c Data Ascii: y:none!important}.h1,.h2,.h3,.h4,.h5,.h6,h1,h2,h3,h4,h5,h6{margin-bottom:.5rem;font-weight:500;line-height:1.2}.h1,h1{font-size:2.5rem}.h2,h2{font-size:2rem}.h3,h3{font-size:1.75rem}.h4,h4{font-size:1.5rem}.h5,h5{font-size:1.25rem}.h6,h6{font-size:1rem}.l
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 6f 72 3a 23 36 63 37 35 37 64 7d 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 65 38 33 65 38 63 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 61 3e 63 6f 64 65 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 7d 6b 62 64 7b 70 61 64 64 69 6e 67 3a 2e 32 72 65 6d 20 2e 34 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 72 65 6d 7d 6b 62 64 20 6b 62 64 7b 70 61 64 64 69 6e 67 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 70 72 65 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 Data Ascii: or:#6c757d}code{font-size:87.5%;color:#e83e8c;word-wrap:break-word}a>code{color:inherit}kbd{padding:.2rem .4rem;font-size:87.5%;color:#fff;background-color:#212529;border-radius:.2rem}kbd kbd{padding:0;font-size:100%;font-weight:700}pre{display:block;font
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 73 3e 2e 63 6f 6c 2c 2e 6e 6f 2d 67 75 74 74 65 72 73 3e 5b 63 6c 61 73 73 2a 3d 63 6f 6c 2d 5d 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 63 6f 6c 2c 2e 63 6f 6c 2d 31 2c 2e 63 6f 6c 2d 31 30 2c 2e 63 6f 6c 2d 31 31 2c 2e 63 6f 6c 2d 31 32 2c 2e 63 6f 6c 2d 32 2c 2e 63 6f 6c 2d 33 2c 2e 63 6f 6c 2d 34 2c 2e 63 6f 6c 2d 35 2c 2e 63 6f 6c 2d 36 2c 2e 63 6f 6c 2d 37 2c 2e 63 6f 6c 2d 38 2c 2e 63 6f 6c 2d 39 2c 2e 63 6f 6c 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 6c 67 2c 2e 63 6f 6c 2d 6c 67 2d 31 2c 2e 63 6f 6c 2d 6c 67 2d 31 30 2c 2e 63 6f 6c 2d 6c 67 2d 31 31 2c 2e 63 6f 6c 2d 6c 67 2d 31 32 2c 2e 63 6f 6c 2d 6c 67 2d 32 2c 2e 63 6f 6c 2d 6c 67 2d 33 2c 2e 63 6f 6c 2d 6c 67 2d 34 2c 2e 63 6f 6c 2d 6c 67 2d Data Ascii: s>.col,.no-gutters>[class*=col-]{padding-right:0;padding-left:0}.col,.col-1,.col-10,.col-11,.col-12,.col-2,.col-3,.col-4,.col-5,.col-6,.col-7,.col-8,.col-9,.col-auto,.col-lg,.col-lg-1,.col-lg-10,.col-lg-11,.col-lg-12,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 73 2d 66 6c 65 78 3a 30 20 30 20 38 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 38 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 32 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 31 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 31 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 33 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 32 35 25 3b 66 6c 65 78 3a 30 20 30 20 32 35 25 3b 6d 61 78 2d 77 69 64 74 68 3a 32 35 25 7d 2e 63 6f 6c 2d 34 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 33 33 2e 33 33 33 33 33 33 25 7d Data Ascii: s-flex:0 0 8.333333%;flex:0 0 8.333333%;max-width:8.333333%}.col-2{-ms-flex:0 0 16.666667%;flex:0 0 16.666667%;max-width:16.666667%}.col-3{-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-4{-ms-flex:0 0 33.333333%;flex:0 0 33.333333%;max-width:33.333333%}
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 2e 6f 66 66 73 65 74 2d 33 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 35 25 7d 2e 6f 66 66 73 65 74 2d 34 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 33 2e 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 35 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 31 2e 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 36 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 30 25 7d 2e 6f 66 66 73 65 74 2d 37 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 38 2e 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 38 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 36 36 2e 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 6f 66 66 73 65 74 2d 31 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 33 2e 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 31 31 7b Data Ascii: .offset-3{margin-left:25%}.offset-4{margin-left:33.333333%}.offset-5{margin-left:41.666667%}.offset-6{margin-left:50%}.offset-7{margin-left:58.333333%}.offset-8{margin-left:66.666667%}.offset-9{margin-left:75%}.offset-10{margin-left:83.333333%}.offset-11{
2024-10-28 23:06:27 UTC	1369	IN	Data Raw: 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 73 6d 2d 39 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 37 35 25 3b 66 6c 65 78 3a 30 20 30 20 37 35 25 3b 6d 61 78 2d 77 69 64 74 68 3a 37 35 25 7d 2e 63 6f 6c 2d 73 6d 2d 31 30 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 38 33 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 38 33 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 38 33 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 73 6d 2d 31 31 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 39 31 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 39 31 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 Data Ascii: -ms-flex:0 0 66.666667%;flex:0 0 66.666667%;max-width:66.666667%}.col-sm-9{-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-sm-10{-ms-flex:0 0 83.333333%;flex:0 0 83.333333%;max-width:83.333333%}.col-sm-11{-ms-flex:0 0 91.666667%;flex:0 0 91.666667%;max-w

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:27 UTC	535	OUT	GET /js/sharethis.js HTTP/1.1 Host: platform-api.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:27 UTC	599	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Content-Length: 210640 Connection: close Edge-control: cache-maxage=60m,downstream-ttl=60m X-Frame-Options: SAMEORIGIN Date: Mon, 28 Oct 2024 23:04:05 GMT Cache-Control: max-age=600, public ETag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 2e0b0e777d576ee595b61a5d3b296990.cloudfront.net (CloudFront) X-Amz-Cf-Pop: HEL51-P1 X-Amz-Cf-Id: PhSO9n_UqEjC1_zcQ9Q8nF6sShX66fNDPaoEUzNr_XFmRgyjTkjrag== Age: 206 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:27 UTC	15785	IN	Data Raw: 69 66 20 28 21 44 61 74 65 2e 6e 6f 77 29 20 7b 0a 20 20 44 61 74 65 2e 6e 6f 77 20 3d 20 66 75 6e 63 74 69 6f 6e 20 6e 6f 77 28 29 20 7b 0a 20 20 20 20 72 65 74 75 72 6e 20 6e 65 77 20 44 61 74 65 28 29 2e 67 65 74 54 69 6d 65 28 29 3b 0a 20 20 7d 3b 0a 7d 0a 0a 28 66 75 6e 63 74 69 6f 6e 28 66 75 6e 63 4e 61 6d 65 2c 20 62 61 73 65 4f 62 6a 29 20 7b 0a 20 20 22 75 73 65 20 73 74 72 69 63 74 22 3b 0a 0a 20 20 2f 2f 20 54 68 65 20 70 75 62 6c 69 63 20 66 75 6e 63 74 69 6f 6e 20 6e 61 6d 65 20 64 65 66 61 75 6c 74 73 20 74 6f 20 77 69 6e 64 6f 77 2e 64 6f 63 52 65 61 64 79 0a 20 20 2f 2f 20 62 75 74 20 79 6f 75 20 63 61 6e 20 6d 6f 64 69 66 79 20 74 68 65 20 6c 61 73 74 20 6c 69 6e 65 20 6f 66 20 74 68 69 73 20 66 75 6e 63 74 69 6f 6e 20 74 6f 20 70 61 73 Data Ascii: if (!Date.now) { Date.now = function now() { return new Date().getTime(); };}(function(funcName, baseObj) { "use strict"; // The public function name defaults to window.docReady // but you can modify the last line of this function to pas
2024-10-28 23:06:27 UTC	16384	IN	Data Raw: 20 3d 20 5b 24 65 6c 2e 63 6c 61 73 73 4e 61 6d 65 2c 20 24 65 6c 2e 69 64 5d 3b 0a 20 20 20 20 66 6f 72 20 28 69 20 3d 20 30 2c 20 6c 65 6e 20 3d 20 72 65 66 2e 6c 65 6e 67 74 68 3b 20 69 20 3c 20 6c 65 6e 3b 20 69 2b 2b 29 20 7b 0a 20 20 20 20 20 20 73 74 72 20 3d 20 72 65 66 5b 69 5d 3b 0a 20 20 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 20 73 74 72 20 21 3d 3d 20 27 73 74 72 69 6e 67 27 29 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6e 74 69 6e 75 65 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 69 66 20 28 72 65 2e 74 65 73 74 28 28 73 74 72 20 7c 7c 20 27 27 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 29 20 7b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 0a 20 20 20 20 72 65 74 75 72 6e 20 Data Ascii: = [$el.className, $el.id]; for (i = 0, len = ref.length; i < len; i++) { str = ref[i]; if (typeof str !== 'string') { continue; } if (re.test((str \|\| '').toLowerCase())) { return true; } } return
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 22 20 2b 20 28 73 74 2e 71 73 28 70 61 72 61 6d 73 29 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 69 6d 67 20 3d 20 6e 65 77 20 49 6d 61 67 65 28 31 2c 20 31 29 3b 0a 20 20 20 20 69 6d 67 2e 73 72 63 20 3d 20 72 65 73 6f 75 72 63 65 3b 0a 20 20 20 20 69 6d 67 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 6e 65 78 74 20 3d 3d 3d 20 22 66 75 6e 63 74 69 6f 6e 22 20 3f 20 6e 65 78 74 28 74 72 75 65 29 20 3a 20 76 6f 69 64 20 30 3b 0a 20 20 20 20 7d 3b 0a 20 20 20 20 72 65 74 75 72 6e 20 69 6d 67 2e 6f 6e 65 72 72 6f 72 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 6e 65 78 74 20 3d 3d 3d 20 22 66 75 6e 63 74 69 6f 6e 22 Data Ascii: " + (st.qs(params)); } img = new Image(1, 1); img.src = resource; img.onload = function() { return typeof next === "function" ? next(true) : void 0; }; return img.onerror = function() { return typeof next === "function"
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 77 2e 5f 5f 73 68 61 72 65 74 68 69 73 5f 5f 0a 0a 20 20 73 74 2e 43 75 73 74 6f 6d 43 6f 6c 6f 72 20 3d 20 63 6c 61 73 73 20 43 75 73 74 6f 6d 43 6f 6c 6f 72 20 7b 0a 20 20 20 20 63 6f 6e 73 74 72 75 63 74 6f 72 28 72 2c 20 67 2c 20 62 29 20 7b 0a 20 20 20 20 20 20 74 68 69 73 2e 73 65 74 28 72 2c 20 67 2c 20 62 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 0a 20 20 20 20 74 6f 53 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 72 65 74 75 72 6e 20 60 72 67 62 28 24 7b 4d 61 74 68 2e 72 6f 75 6e 64 28 74 68 69 73 2e 72 29 7d 2c 20 24 7b 4d 61 74 68 2e 72 6f 75 6e 64 28 74 68 69 73 2e 67 29 7d 2c 20 24 7b 4d 61 74 68 2e 72 6f 75 6e 64 28 74 68 69 73 2e 62 29 7d 29 60 3b 0a 20 20 20 20 7d 0a 20 20 0a 20 20 20 20 73 65 74 28 72 2c 20 67 2c 20 62 29 20 7b 0a 20 20 Data Ascii: w.__sharethis__ st.CustomColor = class CustomColor { constructor(r, g, b) { this.set(r, g, b); } toString() { return `rgb(${Math.round(this.r)}, ${Math.round(this.g)}, ${Math.round(this.b)})`; } set(r, g, b) {
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 76 69 64 65 6f 27 2c 0a 20 20 20 20 27 2e 74 77 69 74 74 65 72 2d 77 69 64 67 65 74 27 2c 0a 20 20 20 20 27 65 6d 62 65 64 27 2c 0a 20 20 20 20 27 69 66 72 61 6d 65 27 2c 0a 20 20 20 20 27 5b 63 6c 61 73 73 5e 3d 22 50 49 4e 22 5d 27 0a 20 20 5d 3b 0a 0a 20 20 76 61 72 20 63 6f 6e 66 69 67 20 3d 20 5b 0a 20 20 20 20 7b 20 74 79 70 65 3a 20 22 61 75 64 69 6f 22 2c 20 75 72 6c 3a 20 22 61 6e 63 68 6f 72 2e 66 6d 22 20 7d 2c 0a 20 20 20 20 7b 20 74 79 70 65 3a 20 22 61 75 64 69 6f 22 2c 20 75 72 6c 3a 20 22 6f 70 65 6e 2e 73 70 6f 74 69 66 79 2e 63 6f 6d 2f 65 6d 62 65 64 22 20 7d 2c 0a 20 20 20 20 7b 20 74 79 70 65 3a 20 22 61 75 64 69 6f 22 2c 20 75 72 6c 3a 20 22 70 6c 61 79 65 72 2e 6d 65 67 61 70 68 6f 6e 65 2e 66 6d 22 20 7d 2c 0a 20 20 20 20 7b 20 74 Data Ascii: video', '.twitter-widget', 'embed', 'iframe', '[class^="PIN"]' ]; var config = [ { type: "audio", url: "anchor.fm" }, { type: "audio", url: "open.spotify.com/embed" }, { type: "audio", url: "player.megaphone.fm" }, { t
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 49 43 4f 4e 53 5f 57 48 49 54 45 20 3d 20 7b 0a 20 20 20 20 61 69 72 62 6e 62 3a 20 69 6d 67 28 27 61 69 72 62 6e 62 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 61 6d 61 7a 6f 6e 3a 20 69 6d 67 28 27 61 6d 61 7a 6f 6e 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 62 61 6e 64 63 61 6d 70 3a 20 69 6d 67 28 27 62 61 6e 64 63 61 6d 70 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 62 65 68 61 6e 63 65 3a 20 69 6d 67 28 27 62 65 68 61 6e 63 65 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 62 6c 6f 67 67 65 72 3a 20 69 6d 67 28 27 62 6c 6f 67 67 65 72 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 62 6c 6d 3a 20 69 6d 67 28 27 62 6c 6d 2d 77 68 69 74 65 2e 73 76 67 27 29 2c 0a 20 20 20 20 62 69 74 62 75 63 6b 65 74 3a 20 Data Ascii: ICONS_WHITE = { airbnb: img('airbnb-white.svg'), amazon: img('amazon-white.svg'), bandcamp: img('bandcamp-white.svg'), behance: img('behance-white.svg'), blogger: img('blogger-white.svg'), blm: img('blm-white.svg'), bitbucket:
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 70 6f 69 6e 74 65 72 3b 5c 6e 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 36 70 78 3b 5c 6e 20 20 68 65 69 67 68 74 3a 20 35 36 70 78 3b 5c 6e 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 38 70 78 3b 5c 6e 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 5c 6e 20 20 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 3b 5c 6e 20 20 72 69 67 68 74 3a 20 31 34 70 78 3b 5c 6e 20 20 77 69 64 74 68 3a 20 35 36 70 78 3b 5c 6e 20 20 7a 2d 69 6e 64 65 78 3a 20 34 30 3b 5c 6e 7d 22 3b 0a 20 20 20 20 73 74 2e 63 73 73 28 6d 6f 62 69 6c 65 5f 63 73 73 29 3b 0a 20 20 20 20 68 74 6d 6c 20 3d 20 22 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 74 2d 62 61 63 6b 64 72 6f 70 27 3e 3c 2f 64 69 76 3e 22 3b 0a 20 20 20 20 68 74 6d 6c 20 2b 3d 20 22 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 Data Ascii: pointer;\n font-size: 36px;\n height: 56px;\n line-height: 28px;\n padding: 10px;\n position: fixed;\n right: 14px;\n width: 56px;\n z-index: 40;\n}"; st.css(mobile_css); html = "<div class='st-backdrop'></div>"; html += "<div class='s
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 73 74 5f 73 61 6d 65 73 69 74 65 3d 31 3b 53 61 6d 65 53 69 74 65 3d 4e 6f 6e 65 3b 53 65 63 75 72 65 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 5f 5f 73 74 64 6f 73 5f 5f 2e 64 61 74 61 2e 70 61 72 73 65 43 6f 6f 6b 69 65 28 22 73 74 5f 73 61 6d 65 73 69 74 65 22 2c 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 61 6d 65 73 69 74 65 5f 73 65 63 75 72 65 20 3d 20 22 53 61 6d 65 53 69 74 65 3d 4e 6f 6e 65 3b 53 65 63 75 72 65 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 73 74 5f 73 61 6d 65 73 69 74 65 3d 31 3b 6d 61 78 2d 61 67 65 3d Data Ascii: document.cookie = "st_samesite=1;SameSite=None;Secure"; if (__stdos__.data.parseCookie("st_samesite", document.cookie)) { samesite_secure = "SameSite=None;Secure" document.cookie = "st_samesite=1;max-age=
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 73 74 6c 69 62 20 21 3d 3d 20 6e 75 6c 6c 20 26 26 20 73 74 6c 69 62 2e 6f 6e 73 63 72 69 70 74 6c 6f 61 64 3b 0a 0a 20 20 69 66 20 28 21 73 74 5f 70 76 69 65 77 5f 6c 6f 67 67 65 64 20 26 26 20 21 5f 5f 73 74 64 6f 73 5f 5f 2e 6f 6e 73 63 72 69 70 74 6c 6f 61 64 20 26 26 20 64 6f 63 75 6d 65 6e 74 2e 55 52 4c 2e 69 6e 64 65 78 4f 66 28 22 65 64 67 65 2e 73 68 61 72 65 74 68 69 73 2e 63 6f 6d 22 29 20 3d 3d 20 2d 31 29 20 7b 0a 20 20 20 20 20 20 5f 5f 73 74 64 6f 73 5f 5f 2e 64 61 74 61 2e 69 6e 69 74 28 29 3b 0a 20 20 20 20 20 20 5f 5f 73 74 64 6f 73 5f 5f 2e 64 61 74 61 2e 73 65 74 28 22 63 6d 73 22 2c 20 5f 73 74 2e 63 6d 73 2c 20 22 70 61 67 65 49 6e 66 6f 22 29 3b 0a 20 20 20 20 20 20 5f 5f 73 74 Data Ascii: == 'undefined' && stlib !== null && stlib.onscriptload; if (!st_pview_logged && !__stdos__.onscriptload && document.URL.indexOf("edge.sharethis.com") == -1) { __stdos__.data.init(); __stdos__.data.set("cms", _st.cms, "pageInfo"); __st
2024-10-28 23:06:28 UTC	16384	IN	Data Raw: 65 73 74 72 69 63 74 69 6f 6e 73 3a 20 70 75 62 6c 69 73 68 65 72 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 2c 0a 20 20 20 20 20 20 70 75 72 70 6f 73 65 73 3a 20 70 75 62 6c 69 73 68 65 72 5f 70 75 72 70 6f 73 65 73 2c 0a 20 20 20 20 20 20 74 65 78 74 5f 63 6f 6c 6f 72 3a 20 74 65 78 74 5f 63 6f 6c 6f 72 2c 0a 20 20 20 20 20 20 70 72 65 76 69 65 77 3a 20 70 72 65 76 69 65 77 0a 20 20 20 20 7d 3b 0a 20 20 20 20 69 66 20 28 64 69 73 70 6c 61 79 20 3d 3d 3d 20 22 61 6c 77 61 79 73 22 29 20 7b 0a 20 20 20 20 20 20 72 65 74 75 72 6e 20 73 74 2e 6a 73 28 22 68 74 74 70 73 3a 2f 2f 67 64 70 72 2d 61 70 69 2e 73 68 61 72 65 74 68 69 73 2e 63 6f 6d 2f 63 6d 70 2d 76 32 2e 6a 73 22 29 3b 0a 20 20 20 20 7d 20 65 6c 73 65 20 69 66 20 28 64 69 73 70 6c 61 79 20 3d 3d 3d Data Ascii: estrictions: publisher_restrictions, purposes: publisher_purposes, text_color: text_color, preview: preview }; if (display === "always") { return st.js("https://gdpr-api.sharethis.com/cmp-v2.js"); } else if (display ===

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:27 UTC	590	OUT	GET /images/anw-min.webp?v=0.1 HTTP/1.1 Host: hianime.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:28 UTC	1185	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:28 GMT Content-Type: image/webp Content-Length: 98206 Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Last-Modified: Wed, 28 Feb 2024 00:38:35 GMT ETag: W/"17f9e-18ded262247" CF-Cache-Status: HIT Age: 58653 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97SncKB%2B0osIIQ0rLC5Dm35XHPWoX8p3HK5lpMAWe0Rt3%2Flzsn0Ei%2BMIVwG4B6Fxu73UlypS2sETT1X1%2FVpFtmO9kguUmNNyra94Hl3zSxQAQ0d8MMErcoThbDxP"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e9394ff666c3c-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1201&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1168&delivery_rate=2366013&cwnd=251&unsent_bytes=0&cid=2d569b857403f456&ts=191&x=0"
2024-10-28 23:06:28 UTC	184	IN	Data Raw: 52 49 46 46 96 7f 01 00 57 45 42 50 56 50 38 58 0a 00 00 00 14 00 00 00 42 04 00 cf 02 00 41 4c 50 48 9e 04 00 00 09 a0 a0 6a 5b 18 bd fa 77 da ad dd 8d 45 e5 3a a9 4d 41 52 32 48 06 9d e8 26 5e 9e 37 22 1c 29 90 1b 36 53 90 11 5a f5 05 d2 46 e7 ff 7e fd e8 c7 2f fc 30 08 09 42 42 b9 05 84 95 8c 8c 10 42 88 10 c2 55 8d 8c d0 c7 b0 29 08 f9 11 10 46 96 90 1d 61 08 29 04 08 49 02 84 cc b4 1d cd c7 2c f8 51 c8 82 5f f4 31 b4 43 42 1e 23 b3 23 ec 63 6c 06 f2 10 10 9e 4c 21 0b 7e 46 c6 2f 0d 42 24 f5 92 90 94 42 9c 4a 28 c4 ec 88 42 c2 12 10 ee 42 21 Data Ascii: RIFFWEBPVP8XBALPHj[wE:MAR2H&^7")6SZF~/0BBBU)Fa)I,Q_1CB##clL!~F/B$BJ(BB!
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 03 29 46 c6 3c 1e 42 d8 bb 80 30 13 84 a4 46 a6 71 83 10 b3 a3 f3 94 90 07 42 0a d1 c8 8c c5 4a 48 db 14 10 fa 6e 64 1a 29 e4 93 e0 10 12 ca 2d 20 ac 64 64 84 14 62 33 00 21 5c d5 c7 98 c7 63 08 10 22 c9 8f 80 30 b2 84 ec 08 43 48 21 40 48 12 20 64 a6 ed 68 3e 66 c1 8f 42 16 fc a2 8f a1 1d 12 f2 50 c8 8e 30 84 84 0d 42 92 3c 04 84 27 43 48 21 1a 19 bf 34 08 91 d4 4b 42 52 1f e3 54 62 64 cc 8e d2 12 10 ee 62 64 84 14 72 2b 1e 84 b0 77 01 61 6a 48 a3 fd 37 8f 97 53 f3 78 09 69 3b 4f 08 79 36 23 f3 15 2c 08 09 69 0a 08 7d 37 32 8d 14 f2 57 10 42 b9 05 84 95 20 44 48 21 c1 c8 0c a4 5c 95 42 cc e3 8d cc 61 12 10 22 c9 8f 80 30 32 84 14 82 91 31 3b 82 10 c9 d1 20 e4 31 32 03 29 d1 c7 d0 0e 09 79 28 64 47 18 42 c2 06 21 49 1e 02 c2 93 21 a4 10 8d 8c 5f 1a 84 50 Data Ascii: )F<B0FqBJHnd)- ddb3!\c"0CH!@H dh>fBP0B<'CH!4KBRTbdbdr+wajH7Sxi;Oy6#,i}72WB DH!\Ba"021; 12)y(dGB!I!_P
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: ab 77 b3 ba f1 45 8a ea 0b 98 8d 11 43 8a 13 97 97 23 d2 fc 7f 20 22 9a a0 76 fd 71 c6 4b b5 f0 be 87 91 1e a6 cb e4 67 82 d6 41 a4 16 d0 87 65 15 40 bc 24 06 fd ce bc 8c cb 68 fd f2 85 74 59 7d fa 7b 07 20 09 f7 a5 50 48 0b 79 c3 36 3b d1 80 fd 36 8a 0f bc e5 59 b3 b3 5d 8a 33 72 e1 b4 24 cd 8c 9a c1 21 cf f5 0e e5 c4 df c2 8d ff 24 90 12 95 93 d3 4d 4f a2 7c 0a cc bc c1 95 ac 20 c4 ba 0a a9 3d 8b 6a e0 bb 91 b0 08 8a 4a 54 02 20 6d 2c 6f 05 53 4b f5 c1 3c 74 75 77 48 71 2b e7 65 99 03 e4 97 b7 fd c5 35 16 dd 84 a5 de 3b ac 5f d3 85 89 d7 55 3a 2c e3 d8 7d 4a b9 0f c3 c5 e3 73 98 9f ec e2 cb 28 62 e2 b7 83 83 38 ea b6 50 78 a6 32 5a 26 02 9d 00 9e 8f b0 2d 16 11 cc 34 16 56 61 82 fa 80 36 60 dd 35 cf e7 07 93 ed 87 09 64 97 59 f7 7c f5 2a 4f ba 79 f5 95 Data Ascii: wEC# "vqKgAe@$htY}{ PHy6;6Y]3r$!$MO\| =jJT m,oSK<tuwHq+e5;_U:,}Js(b8Px2Z&-4Va6`5dY\|*Oy
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 2b 82 c7 a2 c9 f2 7c de 95 45 77 00 59 0c 0a c1 04 3c fa 64 01 ee 51 4a e1 27 c9 5c ef 24 24 8c 5a da 73 f1 47 f9 97 8b f5 96 84 dc 0c 54 99 b5 83 db d4 b4 bb 07 5e cd 6f 56 d9 ca 36 8e 46 f9 4e f1 00 95 f8 b3 d0 5a 46 b0 59 29 86 9b ad dd 40 2e 8e 5d bd f2 37 bb 44 65 50 e0 c0 49 2b 97 5c c8 09 40 ae 85 c5 37 0f 63 ee 70 a6 17 3e b4 7d d5 f6 28 51 6a c2 77 1c fe 94 1e 0a 97 41 e0 5e ab 80 6a c8 a0 3b 1c 03 1b d5 28 ad 2a 16 89 3c 64 e4 82 64 b0 b7 08 d6 90 3a 68 6f 35 98 06 db 71 b0 f6 d0 e0 f4 60 b1 8f 3b 45 1e 17 93 71 4e 9d b4 f6 63 fd d3 d5 5c 24 1d 88 e1 e8 e8 4e f4 12 9d bd 22 b3 6d 45 dc cd a0 a6 a1 b2 2d 72 a1 15 dc ea 36 bb 3a 22 cc a2 bb 72 a7 97 b1 3c 3c 7f 8e 9c a7 30 69 da a5 1b f3 03 b6 d7 85 42 6b c6 a4 9d f9 d8 bf 63 57 ba ce 93 1e 6a b0 Data Ascii: +\|EwY<dQJ'\$$ZsGT^oV6FNZFY)@.]7DePI+\@7cp>}(QjwA^j;(*<dd:ho5q`;EqNc\$N"mE-r6:"r<<0iBkcWj
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 76 c2 16 75 f7 ac 8d 5d 1a 6a 89 b0 7d ae 92 ac 42 8e 6a 31 76 b4 9a 0d 25 ee de ef 94 d1 e3 c6 b9 67 5e c6 01 7a d3 b3 85 06 7e f9 11 b4 a7 78 54 5b b6 c6 e3 c5 2f 6d fd 1a 31 db b1 3d 43 22 2e 34 e6 5c df f0 70 9d e8 a1 21 55 f7 66 6d b0 c1 97 98 28 fc 98 cf dc 23 4f 0c 61 7c de 12 01 1f a0 66 82 3f 38 46 9a 58 3a 18 bf da 94 47 d1 b9 af 78 2b 97 6c 4f 19 55 71 cd 2a 53 6d 7a 08 53 7f 09 55 25 49 ed d8 4f 8a 87 91 9c f8 ee d8 ce c6 3f cb 47 f6 8f 64 5f b0 a1 28 55 34 2e a0 46 f5 b5 24 21 14 45 ba 94 99 c2 f2 7f d9 8c f9 30 c6 f6 d9 43 29 e1 3c 39 d7 9e c9 64 43 24 b6 da 79 56 79 ed 60 f0 ee 85 5d 32 25 be b3 97 3d 6e 6b db 68 e3 f8 e9 53 6a 9a c9 6b b5 4c c2 69 9b 46 9b 0c 1f 86 94 87 d1 cf 25 a9 6b 4a 0e 7e d5 ac 2b 3c d8 7e 57 97 3a ab 35 1e 91 58 af Data Ascii: vu]j}Bj1v%g^z~xT[/m1=C".4\p!Ufm(#Oa\|f?8FX:Gx+lOUq*SmzSU%IO?Gd_(U4.F$!E0C)<9dC$yVy`]2%=nkhSjkLiF%kJ~+<~W:5X
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: b2 8f ae db 4e 24 48 dc 8c 46 cb ad 00 e3 42 53 e4 1b 07 1f a4 45 59 4c 10 a1 79 15 8e fa 05 bc 68 5f 33 01 aa a5 b3 38 b8 90 56 27 0c c8 68 e7 e1 1b 94 02 7f 40 26 fc 5a 26 9c c4 c9 1f 4e cd 7c 99 17 82 a1 c6 44 aa 7b 55 8c 6e a9 c1 0c e3 bc 41 fa ec a5 e6 51 31 a3 ac ff 8c 69 ba 14 1f 4e 6e d0 66 da cf 12 cb b2 94 22 cb df 51 6e cb 53 fd fd 88 9e 23 86 5f b5 21 17 db c3 0a 41 3e 7e 2d f4 5a 41 4b 52 4e 35 73 fa d3 60 8a 78 55 6d 26 d1 47 f7 c6 d1 f3 1a 7b 58 c7 60 f7 7d d2 a4 c3 78 c0 6b eb 82 11 df 51 4c 26 77 12 ad 31 b0 c3 66 a7 96 5a 96 79 13 fe dc c2 64 19 fa fa a3 96 43 32 fb ea 98 64 2c c2 eb d8 2f b6 54 14 32 17 b9 d4 65 3f 14 11 28 45 e9 5d 67 26 23 cb 60 9a 9e 2c 78 ee 2d 22 8d 8b a0 c8 81 c0 e5 48 b6 f0 d2 a5 aa 20 d9 a1 b6 66 9a 23 8a c8 04 Data Ascii: N$HFBSEYLyh_38V'h@&Z&N\|D{UnAQ1iNnf"QnS#_!A>~-ZAKRN5s`xUm&G{X`}xkQL&w1fZydC2d,/T2e?(E]g&#`,x-"H f#
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 52 92 c9 d6 0f 1d 99 41 9e 0a eb 50 50 be b7 92 65 a2 a6 c5 a9 bf 25 fd 8e 19 b8 5f 35 ee 3a 75 c9 b9 ec 97 59 86 a5 9b 6b 3e 1e d1 24 21 0e be 6c 05 f6 ad 2a 3b b4 60 c9 ff 60 a8 f6 0f 18 61 50 67 96 f5 1e ba 6b bc ca 61 9d fc 5f 2b a1 a6 1d 88 76 c9 2d 2d 83 0e 27 b6 0e 55 00 ad b2 9f 34 26 91 9c 72 56 10 fd 52 71 a2 08 ed 2b dc 45 2c 05 3c 99 b5 00 85 e2 c0 47 5e 46 30 d4 ac 72 68 b0 64 71 5e c4 55 e2 a5 ed 6e 21 7a 26 81 e8 2d 3c a3 1a 32 3a f5 aa 56 71 c9 d9 7d 8a f7 b1 4e d1 36 0d 88 d2 bb 9e 4c 95 ea 43 ee b4 14 90 8e b6 82 87 e9 99 82 f1 20 a2 dc d2 fe c9 1c 5c d2 af db a2 9c f7 94 ac 31 65 0f 0c 90 2c 38 18 37 2c 15 6e 62 6c ad 3f 7e 46 48 8b d8 db 4f 29 64 7a 98 46 76 11 f1 98 0c 8f 68 05 ae ca 77 f7 75 ee 31 60 f8 35 2d 94 81 50 54 f2 75 0e 64 Data Ascii: RAPPe%_5:uYk>$!l*;``aPgka_+v--'U4&rVRq+E,<G^F0rhdq^Un!z&-<2:Vq}N6LC \1e,87,nbl?~FHO)dzFvhwu1`5-PTud
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 1f ff 9a af 4f fc af b8 f3 cb 15 c0 03 c3 13 b7 f2 67 6e 6d eb 3c 1f 3a 75 e3 36 3c 09 a4 2f 84 d7 26 00 d3 6b 4d 3f 4a 62 93 24 30 14 44 ad 34 33 a9 69 fe 83 e8 71 62 e2 0e ff 17 51 fe 29 d3 56 4e 9b 37 f9 97 a5 ca 4d 6a 0b ff 98 7e 44 be d9 79 9a be 5b fa 68 83 2e 28 62 17 4f 3d 41 2e df ad db f5 84 eb ef 58 63 e9 dd eb dd 82 51 15 53 d6 bc 04 02 d6 b9 7c d6 8a 70 b9 d1 fa 1c e8 e8 1a 5b b5 fa 09 d9 53 02 f2 db 24 11 22 d7 8c 8f f1 1f a8 10 c1 6f 39 55 1a 2d 17 9c fa 16 76 53 38 79 88 05 58 91 54 87 37 bf 96 bd d6 6c 56 eb c8 e6 75 63 31 1c b0 04 74 98 11 56 e4 c4 c3 04 6c 6d 42 87 88 f8 25 e6 5c 74 89 11 6b ad 5a 87 77 1b de e5 8e ee 8a 07 0d d4 7c 0f b7 dd 86 ff 9d 3b 81 ba 10 97 fe 36 8d bf 4c c6 4c b6 09 b2 9f c2 7a f6 06 8f 23 e3 54 8b ce 2c eb 8a Data Ascii: Ognm<:u6</&kM?Jb$0D43iqbQ)VN7Mj~Dy[h.(bO=A.XcQS\|p[S$"o9U-vS8yXT7lVuc1tVlmB%\tkZw\|;6LLz#T,
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 79 d4 24 14 ee ff 6e e2 2b ff bd 78 81 86 7e 0f 5e eb 5b 20 e6 53 d3 17 71 f1 ff f1 5e 03 5d 3d 01 98 7e 2b 60 96 b7 d8 ef 7f 2e d5 11 e0 05 30 12 61 4c 15 5e ff 71 ed 1b 37 8c 32 05 20 2e 3a d0 07 89 b9 55 8d 90 f4 4b f2 bd 7e 54 f5 d3 bb 9a 30 fc 86 ef df 77 27 18 42 c0 88 25 37 53 45 57 d8 01 f4 fa 25 ff f9 2c 85 b0 ed 87 2d eb 28 00 62 04 51 a4 dd e5 da d6 c7 9c e8 fd 62 c1 c3 6f 40 e1 e5 99 cf 5c 53 5d 41 72 d7 62 17 ea 48 5c b8 48 5e 49 34 dd a9 5c 1d 8d aa 31 bb 8c 80 65 87 22 f8 d0 14 c5 c3 04 fa 28 d9 f5 a2 aa c4 e8 8a 60 9a 98 16 e3 0a f6 dc 61 85 49 2a c3 92 14 d7 53 42 69 df b9 a9 78 61 00 ee 6a 9f fa 67 15 0a 54 d5 54 de 76 35 7b 4a be 7b 7b ef ed e0 0b 0c 58 82 f2 87 87 03 12 c4 00 77 d6 95 c8 46 27 9b d1 b1 be 9d ec f5 c4 44 63 9a 4c d7 42 Data Ascii: y$n+x~^[ Sq^]=~+`.0aL^q72 .:UK~T0w'B%7SEW%,-(bQbo@\S]ArbH\H^I4\1e"(`aI*SBixajgTTv5{J{{XwF'DcLB
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 1c 10 07 be 88 cf 74 37 4a 4f 3f 3a 68 68 ae 47 82 fb 33 71 4d 50 ee 18 1a 97 06 78 00 ff f8 01 c4 35 0c b2 2b 95 71 dc 0a 59 53 22 90 10 fd fa ac 9d db ec a1 58 38 05 5b 75 b2 77 9b 5c c4 45 4a 5a 0c ac ad 47 e4 d2 b2 a1 ef 3a 94 34 11 d3 a3 e4 9e cc 28 43 3d 1a 18 cb 84 62 b3 3f 1d 92 27 aa f5 91 67 57 23 ce 27 7a f8 1b 9e 0d 5e 42 c2 d4 14 86 ba 63 4f bf 5e c2 79 c5 2d 50 ec 2d 57 10 da fb 5e 47 f6 f2 a5 5d 82 9c e2 67 87 1f 3a cc 1e 84 76 ab 95 32 05 bc 9c 30 96 09 08 f2 7a 71 8d b1 68 3a ee 19 ca f2 e4 f2 68 70 f1 f9 82 b4 b4 45 4d ae 43 b8 77 f1 e3 bf ed 9a 52 76 a2 e8 db ad d2 7e 59 1b 3c 32 d8 77 12 ce 10 67 a5 70 c5 c5 65 a2 bc 69 af 21 47 f7 9c 1a e0 e0 59 4b f5 a7 3b d4 03 a5 59 2d ec 45 fc 5a 6f 8f 88 76 e3 81 ba df a3 3a 8e f7 57 d0 ef 84 97 Data Ascii: t7JO?:hhG3qMPx5+qYS"X8[uw\EJZG:4(C=b?'gW#'z^BcO^y-P-W^G]g:v20zqh:hpEMCwRv~Y<2wgpei!GYK;Y-EZov:W

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:27 UTC	586	OUT	GET /images/logo.png?v=0.1 HTTP/1.1 Host: hianime.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:28 UTC	1180	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:28 GMT Content-Type: image/png Content-Length: 11692 Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Last-Modified: Mon, 26 Feb 2024 18:23:07 GMT ETag: W/"2dac-18de6a80586" CF-Cache-Status: HIT Age: 307971 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSjlVzCxwqxrIpHWOFaFKcwHABYNN9a0TWUgVEbHG8CMlXi6Mzc7MZpbtBEOZQE61jzdj%2BDiHmX4oPJpSUT%2BTmoWuZ9jhUDGfb9bTOTGFI5P1guwghtTvRJDUAVr"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e9395099e2e7b-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1477&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1164&delivery_rate=1938420&cwnd=250&unsent_bytes=0&cid=decdd596d5fe09bd&ts=207&x=0"
2024-10-28 23:06:28 UTC	189	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 37 00 00 00 c8 08 06 00 00 00 d5 fd 1f 8b 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 29 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 Data Ascii: PNGIHDR7tEXtSoftwareAdobe ImageReadyqe<)iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/"
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 39 2e 31 2d 63 30 30 31 20 37 39 2e 31 34 36 32 38 39 39 37 37 37 2c 20 32 30 32 33 2f 30 36 2f 32 35 2d 32 33 3a 35 37 3a 31 34 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e Data Ascii: x:xmptk="Adobe XMP Core 9.1-c001 79.1462899777, 2023/06/25-23:57:14 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 40 dc c6 0d 3b 37 00 90 07 5b 38 4c d3 66 d5 6a 75 2e aa 06 00 30 6e a0 ec c4 ec 96 36 8e ea 03 80 2c 91 01 61 61 9f bf e3 30 69 5d 13 5f ae 72 00 00 18 37 90 0b 31 ef dc 60 dc 00 40 d6 f4 26 6d 00 00 18 37 80 71 53 0f 70 4b 03 80 ac 59 c4 71 da 7a 50 3d 00 80 71 03 65 27 66 b7 34 02 0a 00 40 d6 74 75 9c b6 85 a8 1e 00 c0 b8 81 b2 13 eb ce cd 47 95 c6 86 4f a9 3e 00 c8 18 cf 0b 42 53 a8 1e 00 c0 b8 01 8c 9b 38 e1 bc 0d 00 e4 c1 64 c7 69 e3 12 4f 00 c0 b8 a1 08 4a 4f ac 6e 69 6f 53 75 00 90 03 4d 8e d3 f6 32 d5 03 00 18 37 50 76 62 dd b9 19 4f d5 01 40 d6 54 2a 15 0b 64 f2 81 c3 a4 4d 97 c6 50 43 00 80 71 03 18 37 71 c2 ce 0d 00 e4 c5 03 0e d3 f4 84 0c af 8f a9 1a 00 c0 b8 81 b2 13 ab 5b 1a 3b 37 00 90 17 43 48 13 00 00 c6 0d f8 04 b7 34 00 80 b6 1b 12 93 Data Ascii: @;7[8Lfju.0n6,aa0i]_r71`@&m7qSpKYqzP=qe'f4@tuGO>BS8diOJOnioSuM27PvbO@T*dMPCq7q[;7CH4
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: f5 54 9f 15 25 30 ef c4 5c a1 02 d9 b7 8d 03 94 19 34 c7 d4 b8 12 6b 85 7d 64 06 28 4f 4f 45 d3 41 86 36 6d a2 c7 43 91 24 77 81 32 5c e2 a9 76 6e ab 2e 07 49 7b 4a 4b e6 90 84 c7 a5 4b a4 6b d4 96 3f e9 40 3e 6c 15 6f e1 1c 8b f2 01 a5 bf 7f 1d eb e9 66 3d 76 cc 31 7f 93 94 bf 6e 1d cc 43 56 3b df 5f 7b ad f4 98 74 9d 74 b5 f2 f0 7e a4 fd b4 7f f8 b8 e7 c9 7e 2a bf cb eb 94 3f 6b 5b ff cd 39 7f 67 b7 77 81 42 e9 b7 05 dc 6d 42 fb de 36 69 bb 9b 7a 7b b1 71 ef 9f a1 7d 0f f3 6c e8 a8 8c 96 0d e5 b3 57 92 ed 42 f1 3b c1 70 be d6 fa 90 ca 68 06 e6 4a ab ea cb 76 cc 1b a5 dd a4 1f d4 d2 00 ad 41 7d de 22 dd 20 0d cf bb cd 77 8a a8 42 cd 10 db 3f 49 b7 c7 06 3a 35 6c 92 30 90 8e 56 5a 07 4b dd 23 29 de 58 dc d2 26 15 d9 b0 09 6d 7c 27 69 b8 fe f3 45 e9 a8 9c Data Ascii: T%0\4k}d(OOEA6mC$w2\vn.I{JKKk?@>lof=v1nCV;_{tt~~*?k[9gwBmB6iz{q}lWB;phJvA}" wB?I:5l0VZK#)X&m\|'iE
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 0a ab 50 1e 88 21 62 5a 74 01 05 42 34 34 bb b5 ba 0c 91 9f 2c 12 d0 a9 8c d3 b9 1a 36 c3 a5 95 0b 9c 4d 3b 68 fc 77 0c 9c 52 b6 6f fb 56 da ee f7 ea 05 cf ea e9 76 b7 58 3b ca a7 7f f8 d6 2c 53 82 e6 60 1e 10 97 28 cf 73 45 d8 8e e7 92 2c 62 a5 05 14 9a 8f 9e fd ff 98 ab be ed 5e 1e 54 14 e3 c6 ac ef bf 27 c5 3c 63 33 27 56 0e 1f 6a 0f 2b 10 31 b8 a5 45 b5 73 a3 7a dd 34 7c 8c cb 74 18 fa 78 e5 fb 30 c6 e9 cc db 9a ed 06 5b 88 d7 15 4b 90 5d fb 6e d9 0a f7 36 d4 7c 69 da b7 dd af 75 5b 09 0c 9b 99 fc 46 79 1e d0 86 f2 d9 32 f4 ff ae 25 6a 16 e6 96 78 51 4c 3b 38 4a ab 5d 24 6b 67 6e 7f 4d af 9e 25 9d 43 9d 9e d2 d1 7a f5 60 dc ec 2c 95 f9 23 65 11 e1 8e 75 90 0e ef 6e 69 93 2a 8d 0d 53 22 1a c4 36 08 83 58 19 2f bd 34 97 81 4d 18 a7 33 6b 6b b6 7a 79 bd Data Ascii: P!bZtB44,6M;hwRoVvX;,S`(sE,b^T'<c3'Vj+1Esz4\|tx0[K]n6\|iu[Fy2%jxQL;8J]$kgnM%Cz`,#euni*S"6X/4M3kkzy
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: ce e3 30 ef 8b 2b 8d ab 28 bd 2f 66 f0 ae c9 8e db 80 b7 33 37 31 ee da 98 7b ce 63 d2 e3 d2 4b c9 57 6e 9c 9f 86 71 60 81 30 79 ed 2d 7d 47 ea 27 ad 99 c4 b3 45 0d ad 1f 4f 6f 91 6e 90 86 69 6c 99 d8 86 8f f8 4a 61 a2 60 81 34 fa 44 90 d7 6d 2d a4 be f2 38 9d 6a 2f 2d 6f 26 e9 4a 75 53 f8 f3 e4 30 e6 d9 b8 66 97 02 2e 92 a4 5e 1c 0d a1 4d 2f 51 c2 32 7a 5f 1a 99 a4 5e 31 f6 5d 98 10 be 17 36 4f 5a 30 c8 ca a8 97 b4 4e 12 df c2 de 8f ea 69 dc 88 a3 42 19 79 62 98 74 ac c6 be 27 6b 30 5f b6 c5 e5 93 35 96 9e a9 e7 c1 61 be bc b0 a3 bc f6 57 da d6 f9 66 5e bd 1b 37 af 48 3b 2b d1 cf d4 e3 c7 f5 bb 9f eb 71 9a 0a 66 58 f8 d8 7b bc 88 71 13 29 0b e3 c6 b3 5b 9a 1b e3 46 6d c5 26 fc 1b 44 32 a8 db 2a cc 90 24 bd 50 ec 5e b5 f7 cf da 98 d7 ee 7a ec 26 fd 54 da Data Ascii: 0+(/f371{cKWnq`0y-}G'EOonilJa`4Dm-8j/-o&JuS0f.^M/Q2z_^1]6OZ0NiBybt'k0_5aWf^7H;+qfX{q)[Fm&D2*$P^z&T
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: e3 e6 62 87 83 c4 60 27 e9 c8 ea 66 70 8f 6e 69 5e 76 6e fa 3b 2b 17 db 8e f6 e4 3a f9 5b 69 38 73 af 5c b1 f0 b7 5e a2 3d 5a 28 72 2f 0b 13 0d 34 8d c2 60 e1 cc 73 6f 57 e1 5c f0 e9 4e cb c8 c2 f7 3f e1 a0 8c 6c 3e 71 b4 a3 72 a9 e5 22 c7 56 39 e7 e5 09 95 ef bf 3c 35 ba 60 68 5d 9e 73 32 3a 27 61 21 da 8b 71 63 b7 64 df ee 70 90 b0 8b 3d 3d b8 6a f5 c8 e8 3d 1e dd d2 72 3f 73 13 ce db f4 75 54 26 e6 7a 74 be a7 4a 0a 03 db be d2 47 cc bf 72 c1 a2 a3 fd d1 51 7b b0 55 ed b3 9c 24 67 09 9a 47 21 b0 28 90 97 3a 4a 8f b9 7f 4e 70 56 46 e6 7d 71 aa a3 f4 58 80 11 2f 1e 39 4b d5 68 3e 30 77 92 ff 62 e7 79 4e fb e8 0d 0e d2 b0 91 27 e3 c6 6e 4f 77 17 86 38 f8 8f ff db 41 52 e6 cf 70 60 c4 b8 f9 36 b6 9d bd 88 93 f2 30 97 83 c3 f3 76 3d 9a 4d 7f 79 43 8f 3f 30 Data Ascii: b`'fpni^vn;+:[i8s\^=Z(r/4`soW\N?l>qr"V9<5`h]s2:'a!qcdp==j=r?suT&ztJGrQ{U$gG!(:JNpVF}qX/9Kh>0wbyN'nOw8ARp`60v=MyC?0
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 31 a3 65 1b 69 27 69 3b 69 b1 f6 fe 94 7e cb 26 ea 43 a4 1b 65 e8 8c c1 b8 99 23 eb 45 68 dc ac 47 af 01 00 00 8c 1b c8 10 76 6e a0 55 46 cd 12 7a 1c 2a 1d d2 01 83 a6 39 95 30 f1 35 9d a2 df bf 5f cf 41 d2 ed 32 74 aa ce b2 ff 8e 93 74 d8 0e d9 c5 91 35 9d f5 e9 3d 00 00 50 10 c6 e7 fc fe a7 a5 7d a9 86 39 d7 13 c6 0d b4 64 d4 98 6b d9 d1 d2 71 49 ea 66 56 2f b6 0c 7a 44 ef 3c 46 06 ce a3 8e 8a 61 ac 34 3d c9 ff ae 99 1f 44 d5 76 aa d5 c5 f5 58 8b 5e 04 00 00 05 a1 29 e7 f7 77 a9 54 2a 4f 51 0d 73 86 80 02 30 3b c3 a6 9f 1e cf 48 27 d5 d9 b0 69 4e df 60 e0 9c 23 cd e7 a1 1c 34 90 7c 11 0c 9c bc 59 46 06 43 4c c6 c2 b6 49 ba 43 07 00 00 50 14 e3 26 4f ef 12 9b 07 70 a9 37 c6 0d b4 c3 a8 a9 48 bf d7 1f 1f 90 7a e5 94 8c 5f 48 a3 94 8e de 8e 06 34 0f ec 1e Data Ascii: 1ei'i;i~&Ce#EhGvnUFz905_A2tt5=P}9dkqIfV/zD<Fa4=DvX^)wTOQs0;H'iN`#4\|YFCLICP&Op7Hz_H4
2024-10-28 23:06:28 UTC	1369	IN	Data Raw: 00 00 80 8e cd 07 34 1d a8 9a db f6 10 a7 49 dc 24 c8 0c 17 bb 0b e6 59 e9 75 e9 43 c9 ee ef b3 33 3a 76 6f a0 79 79 f4 4e d2 7b 6b 16 8c a4 f8 6f 52 f9 3f 8f 71 03 c6 5c 05 ca 4b 9e ed f7 34 69 9f 82 95 27 00 00 00 b4 0d db bd 79 44 ea eb 3c 9d 76 6e 76 f3 a0 d8 f9 42 1a 30 bb ff 93 80 02 e5 a3 4a 11 74 9c 4a a5 f2 8a 1e 17 53 12 00 00 00 a5 9e 0f d8 bc ea 08 69 06 a5 91 19 17 aa dc 5f c6 b8 81 99 4c 2b 50 5e 3e c9 f9 fd 7f 90 a6 d0 a4 00 00 00 4a 6d e0 3c 69 13 6e 4a 22 13 2c 82 eb 09 2d fd 05 8c 9b f2 f1 5e 81 f2 92 6b 48 66 3b 7b 93 cc e6 30 1b 00 00 00 94 0a 9b 70 8f a3 18 ea ce af 34 ff 9a 84 71 03 cd 19 47 5e 6a ca 19 d2 18 9a 15 00 00 40 79 d1 84 db 16 5c 09 34 54 5f ae 57 39 5f 3f a7 bf 84 71 53 3e 2c 1e f8 c7 05 c9 cb 2b 0e 06 b3 a9 7a 1c 46 b3 Data Ascii: 4I$YuC3:voyyN{koR?q\K4i'yD<vnvB0JtJSi_L+P^>Jm<inJ",-^kHf;{0p4qG^j@y\4T_W9_?qS>,+zF
2024-10-28 23:06:28 UTC	551	IN	Data Raw: 2d f5 94 16 95 e6 97 e6 49 d2 ed d4 cf 24 0b 35 6d 87 ce 5f 92 9e 91 46 48 a3 cb b4 43 d3 46 23 c7 06 b2 bf e8 b9 65 18 c8 ec 1e a2 45 32 4c c6 e8 60 74 fe cd 56 8f a8 15 00 00 80 5c e7 06 b6 13 72 97 49 f3 03 9b 63 6d 2b 6d 9f a4 e1 a4 97 ca 39 79 36 af b3 23 0c 43 bc 5c 09 31 37 4d 06 da 69 e8 d8 f9 98 3b 82 a0 f6 03 99 6d df 0e 33 69 20 3b 48 cf cd c3 20 d6 3f 18 94 73 d5 f0 75 e6 0a 37 3c bc ef 4e bd fb d5 1a fe b6 9d dd 9a 2f c7 a2 7c bd ce bf 9f f7 ae ee 67 11 34 67 0b 9a 91 b7 87 c0 c4 3a b6 af 22 7b 3f 7c e6 20 7f 8f 45 d0 c6 f3 1e 07 5e 8f a0 8c 86 e7 fc fe 18 c6 ca d6 ce 0f a6 e8 71 53 50 a2 39 c2 6a 7a 6c 21 6d 10 e6 07 ab 24 1d f3 ac 69 89 2f 24 f3 e4 78 44 32 af 9e 07 94 9e b1 ee ca 88 69 24 40 5c 68 20 5b 50 8f d5 25 1b d0 2c 20 c1 72 49 ba Data Ascii: -I$5m_FHCF#eE2L`tV\rIcm+m9y6#C\17Mi;m3i ;H ?su7<N/\|g4g:"{?\| E^qSP9jzl!m$i/$xD2i$@\h [P%, rI

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:29 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-28 23:06:29 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=136099 Date: Mon, 28 Oct 2024 23:06:29 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:29 UTC	552	OUT	GET /js/64a3d891df473b0019d1b0da.js HTTP/1.1 Host: buttons-config.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:30 UTC	618	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 587 Connection: close Last-Modified: Tue, 04 Jul 2023 08:34:42 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 28 Oct 2024 23:06:31 GMT Cache-Control: public, max-age=60 ETag: "dbc2ee2cff3f39d02ff8ebaa01510791" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-C1 X-Amz-Cf-Id: aSpbS6wvMFkQaV_hKjw12Tovid6sRUeYSiSK1638L-Rok4jYfDCo5A== Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:30 UTC	587	IN	Data Raw: 77 69 6e 64 6f 77 2e 5f 5f 73 68 61 72 65 74 68 69 73 5f 5f 2e 69 6e 69 74 28 7b 22 74 73 22 3a 31 36 38 38 34 35 39 36 38 31 36 37 38 2c 22 69 6e 6c 69 6e 65 2d 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 22 3a 7b 22 61 6c 69 67 6e 6d 65 6e 74 22 3a 22 63 65 6e 74 65 72 22 2c 22 62 61 63 6b 67 72 6f 75 6e 64 5f 63 6f 6c 6f 72 22 3a 22 23 42 35 38 31 41 33 22 2c 22 63 6f 6c 6f 72 22 3a 22 73 6f 63 69 61 6c 22 2c 22 65 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 66 6f 6e 74 5f 73 69 7a 65 22 3a 31 32 2c 22 68 61 73 5f 73 70 61 63 69 6e 67 22 3a 74 72 75 65 2c 22 69 73 5f 73 73 62 22 3a 66 61 6c 73 65 2c 22 6c 61 62 65 6c 73 22 3a 22 63 74 61 22 2c 22 6c 61 6e 67 75 61 67 65 22 3a 22 65 6e 22 2c 22 6d 69 6e 5f 63 6f 75 6e 74 22 3a 31 30 2c 22 6e 65 74 77 6f 72 6b Data Ascii: window.__sharethis__.init({"ts":1688459681678,"inline-share-buttons":{"alignment":"center","background_color":"#B581A3","color":"social","enabled":true,"font_size":12,"has_spacing":true,"is_ssb":false,"labels":"cta","language":"en","min_count":10,"network

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:30 UTC	502	OUT	HEAD / HTTP/1.1 Host: hianime.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:30 UTC	1051	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:30 GMT Content-Type: text/html; charset=utf-8 Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Vary: Accept-Encoding cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2UvXQh6ELLkbWrcghlHccK2OIXxoQuh7NUWc%2FwYlxMUTdtQ6ep9XQfAelGYw2lATPgdY4AT%2FS6bs05zk1ZUBh0uJyYNmOxlGCcxo3%2BWyqFqffCrGWP58IzsrCg3"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e93a26843c871-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1131&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1080&delivery_rate=2518260&cwnd=154&unsent_bytes=0&cid=b73b4ad314ca06fa&ts=383&x=0"

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:30 UTC	1483	OUT	GET /pview?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4 HTTP/1.1 Host: l.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://hianime.to Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:30 UTC	1752	IN	HTTP/1.1 301 Moved Permanently Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Origin: https://hianime.to Access-Control-Expose-Headers: stid Access-Control-Max-Age: 1728000 Cache-Control: no-cache, no-store, must-revalidate Content-Type: text/html; charset=utf-8 Date: Mon, 28 Oct 2024 23:06:30 GMT Location: /sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4&samesite=None Set-Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; Path=/; Domain=sharethis.com; Expires=Tue, 28 Oct 2025 23:06:30 GMT; Secure; SameSite=None Set-Cookie: __stidv=2; Path=/; Domain=sharethis.com; Expires=Tue, 28 Oct 2025 23:06:30 GMT; Secure; SameSite=None Stid: ZGqAAmcgGPYAAAAMeC0AAw== Strict-Transport-Security: max-age=63072000; includeSubDomains; X-Robots-Tag: noindex, nofollow Content-Length: 1085 Connection: Close
2024-10-28 23:06:30 UTC	1085	IN	Data Raw: 3c 61 20 68 72 65 66 3d 22 2f 73 63 3f 65 76 65 6e 74 3d 70 76 69 65 77 26 61 6d 70 3b 68 6f 73 74 6e 61 6d 65 3d 68 69 61 6e 69 6d 65 2e 74 6f 26 61 6d 70 3b 6c 6f 63 61 74 69 6f 6e 3d 25 32 46 26 61 6d 70 3b 70 72 6f 64 75 63 74 3d 69 6e 6c 69 6e 65 2d 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 26 61 6d 70 3b 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 68 69 61 6e 69 6d 65 2e 74 6f 25 32 46 26 61 6d 70 3b 73 6f 75 72 63 65 3d 70 6c 61 74 66 6f 72 6d 26 61 6d 70 3b 66 63 6d 70 3d 66 61 6c 73 65 26 61 6d 70 3b 66 63 6d 70 76 32 3d 66 61 6c 73 65 26 61 6d 70 3b 68 61 73 5f 73 65 67 6d 65 6e 74 69 6f 3d 66 61 6c 73 65 26 61 6d 70 3b 74 69 74 6c 65 3d 57 61 74 63 68 25 32 30 41 6e 69 6d 65 25 32 30 4f 6e 6c 69 6e 65 25 32 43 25 32 30 46 72 65 65 25 32 Data Ascii: <a href="/sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%2

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:30 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-28 23:06:30 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=136152 Date: Mon, 28 Oct 2024 23:06:30 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-28 23:06:30 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:30 UTC	449	OUT	GET /images/logo.png?v=0.1 HTTP/1.1 Host: hianime.to Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; _ga=GA1.1.525988088.1730156788
2024-10-28 23:06:31 UTC	1186	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:30 GMT Content-Type: image/png Content-Length: 11692 Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Last-Modified: Mon, 26 Feb 2024 18:23:07 GMT ETag: W/"2dac-18de6a80586" CF-Cache-Status: HIT Age: 307973 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zQLbsM5Pp3ysKHKK1U9ZhvkVVCGZXMbXb23jmVoAnNbC9Lb%2F2%2Fn9GmEB5Se1KAdX5tG54Bg01eDaYgICFyLL%2FqEh5PPdsSaJ1JSAo%2Bgb%2FqJiJzZryh7Oo3iZoQe"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e93a75a862ca2-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1435&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1027&delivery_rate=1993117&cwnd=251&unsent_bytes=0&cid=2db2e36d43cd35c1&ts=152&x=0"
2024-10-28 23:06:31 UTC	183	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 37 00 00 00 c8 08 06 00 00 00 d5 fd 1f 8b 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 29 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a Data Ascii: PNGIHDR7tEXtSoftwareAdobe ImageReadyqe<)iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 39 2e 31 2d 63 30 30 31 20 37 39 2e 31 34 36 32 38 39 39 37 37 37 2c 20 32 30 32 33 2f 30 36 2f 32 35 2d 32 33 3a 35 37 3a 31 34 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f Data Ascii: meta/" x:xmptk="Adobe XMP Core 9.1-c001 79.1462899777, 2023/06/25-23:57:14 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 46 b5 00 00 60 dc 40 dc c6 0d 3b 37 00 90 07 5b 38 4c d3 66 d5 6a 75 2e aa 06 00 30 6e a0 ec c4 ec 96 36 8e ea 03 80 2c 91 01 61 61 9f bf e3 30 69 5d 13 5f ae 72 00 00 18 37 90 0b 31 ef dc 60 dc 00 40 d6 f4 26 6d 00 00 18 37 80 71 53 0f 70 4b 03 80 ac 59 c4 71 da 7a 50 3d 00 80 71 03 65 27 66 b7 34 02 0a 00 40 d6 74 75 9c b6 85 a8 1e 00 c0 b8 81 b2 13 eb ce cd 47 95 c6 86 4f a9 3e 00 c8 18 cf 0b 42 53 a8 1e 00 c0 b8 01 8c 9b 38 e1 bc 0d 00 e4 c1 64 c7 69 e3 12 4f 00 c0 b8 a1 08 4a 4f ac 6e 69 6f 53 75 00 90 03 4d 8e d3 f6 32 d5 03 00 18 37 50 76 62 dd b9 19 4f d5 01 40 d6 54 2a 15 0b 64 f2 81 c3 a4 4d 97 c6 50 43 00 80 71 03 18 37 71 c2 ce 0d 00 e4 c5 03 0e d3 f4 84 0c af 8f a9 1a 00 c0 b8 81 b2 13 ab 5b 1a 3b 37 00 90 17 43 48 13 00 00 c6 0d f8 04 b7 34 Data Ascii: F`@;7[8Lfju.0n6,aa0i]_r71`@&m7qSpKYqzP=qe'f4@tuGO>BS8diOJOnioSuM27PvbO@T*dMPCq7q[;7CH4
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 32 8c e7 d6 e6 9f f5 54 9f 15 25 30 ef c4 5c a1 02 d9 b7 8d 03 94 19 34 c7 d4 b8 12 6b 85 7d 64 06 28 4f 4f 45 d3 41 86 36 6d a2 c7 43 91 24 77 81 32 5c e2 a9 76 6e ab 2e 07 49 7b 4a 4b e6 90 84 c7 a5 4b a4 6b d4 96 3f e9 40 3e 6c 15 6f e1 1c 8b f2 01 a5 bf 7f 1d eb e9 66 3d 76 cc 31 7f 93 94 bf 6e 1d cc 43 56 3b df 5f 7b ad f4 98 74 9d 74 b5 f2 f0 7e a4 fd b4 7f f8 b8 e7 c9 7e 2a bf cb eb 94 3f 6b 5b ff cd 39 7f 67 b7 77 81 42 e9 b7 05 dc 6d 42 fb de 36 69 bb 9b 7a 7b b1 71 ef 9f a1 7d 0f f3 6c e8 a8 8c 96 0d e5 b3 57 92 ed 42 f1 3b c1 70 be d6 fa 90 ca 68 06 e6 4a ab ea cb 76 cc 1b a5 dd a4 1f d4 d2 00 ad 41 7d de 22 dd 20 0d cf bb cd 77 8a a8 42 cd 10 db 3f 49 b7 c7 06 3a 35 6c 92 30 90 8e 56 5a 07 4b dd 23 29 de 58 dc d2 26 15 d9 b0 09 6d 7c 27 69 b8 Data Ascii: 2T%0\4k}d(OOEA6mC$w2\vn.I{JKKk?@>lof=v1nCV;_{tt~~*?k[9gwBmB6iz{q}lWB;phJvA}" wB?I:5l0VZK#)X&m\|'i
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 8e cd ac 56 21 ee 0a ab 50 1e 88 21 62 5a 74 01 05 42 34 34 bb b5 ba 0c 91 9f 2c 12 d0 a9 8c d3 b9 1a 36 c3 a5 95 0b 9c 4d 3b 68 fc 77 0c 9c 52 b6 6f fb 56 da ee f7 ea 05 cf ea e9 76 b7 58 3b ca a7 7f f8 d6 2c 53 82 e6 60 1e 10 97 28 cf 73 45 d8 8e e7 92 2c 62 a5 05 14 9a 8f 9e fd ff 98 ab be ed 5e 1e 54 14 e3 c6 ac ef bf 27 c5 3c 63 33 27 56 0e 1f 6a 0f 2b 10 31 b8 a5 45 b5 73 a3 7a dd 34 7c 8c cb 74 18 fa 78 e5 fb 30 c6 e9 cc db 9a ed 06 5b 88 d7 15 4b 90 5d fb 6e d9 0a f7 36 d4 7c 69 da b7 dd af 75 5b 09 0c 9b 99 fc 46 79 1e d0 86 f2 d9 32 f4 ff ae 25 6a 16 e6 96 78 51 4c 3b 38 4a ab 5d 24 6b 67 6e 7f 4d af 9e 25 9d 43 9d 9e d2 d1 7a f5 60 dc ec 2c 95 f9 23 65 11 e1 8e 75 90 0e ef 6e 69 93 2a 8d 0d 53 22 1a c4 36 08 83 58 19 2f bd 34 97 81 4d 18 a7 33 Data Ascii: V!P!bZtB44,6M;hwRoVvX;,S`(sE,b^T'<c3'Vj+1Esz4\|tx0[K]n6\|iu[Fy2%jxQL;8J]$kgnM%Cz`,#euni*S"6X/4M3
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: c3 77 74 92 6e 27 ce e3 30 ef 8b 2b 8d ab 28 bd 2f 66 f0 ae c9 8e db 80 b7 33 37 31 ee da 98 7b ce 63 d2 e3 d2 4b c9 57 6e 9c 9f 86 71 60 81 30 79 ed 2d 7d 47 ea 27 ad 99 c4 b3 45 0d ad 1f 4f 6f 91 6e 90 86 69 6c 99 d8 86 8f f8 4a 61 a2 60 81 34 fa 44 90 d7 6d 2d a4 be f2 38 9d 6a 2f 2d 6f 26 e9 4a 75 53 f8 f3 e4 30 e6 d9 b8 66 97 02 2e 92 a4 5e 1c 0d a1 4d 2f 51 c2 32 7a 5f 1a 99 a4 5e 31 f6 5d 98 10 be 17 36 4f 5a 30 c8 ca a8 97 b4 4e 12 df c2 de 8f ea 69 dc 88 a3 42 19 79 62 98 74 ac c6 be 27 6b 30 5f b6 c5 e5 93 35 96 9e a9 e7 c1 61 be bc b0 a3 bc f6 57 da d6 f9 66 5e bd 1b 37 af 48 3b 2b d1 cf d4 e3 c7 f5 bb 9f eb 71 9a 0a 66 58 f8 d8 7b bc 88 71 13 29 0b e3 c6 b3 5b 9a 1b e3 46 6d c5 26 fc 1b 44 32 a8 db 2a cc 90 24 bd 50 ec 5e b5 f7 cf da 98 d7 ee Data Ascii: wtn'0+(/f371{cKWnq`0y-}G'EOonilJa`4Dm-8j/-o&JuS0f.^M/Q2z_^1]6OZ0NiBybt'k0_5aWf^7H;+qfX{q)[Fm&D2*$P^
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: f7 95 e1 b9 90 37 e3 e6 62 87 83 c4 60 27 e9 c8 ea 66 70 8f 6e 69 5e 76 6e fa 3b 2b 17 db 8e f6 e4 3a f9 5b 69 38 73 af 5c b1 f0 b7 5e a2 3d 5a 28 72 2f 0b 13 0d 34 8d c2 60 e1 cc 73 6f 57 e1 5c f0 e9 4e cb c8 c2 f7 3f e1 a0 8c 6c 3e 71 b4 a3 72 a9 e5 22 c7 56 39 e7 e5 09 95 ef bf 3c 35 ba 60 68 5d 9e 73 32 3a 27 61 21 da 8b 71 63 b7 64 df ee 70 90 b0 8b 3d 3d b8 6a f5 c8 e8 3d 1e dd d2 72 3f 73 13 ce db f4 75 54 26 e6 7a 74 be a7 4a 0a 03 db be d2 47 cc bf 72 c1 a2 a3 fd d1 51 7b b0 55 ed b3 9c 24 67 09 9a 47 21 b0 28 90 97 3a 4a 8f b9 7f 4e 70 56 46 e6 7d 71 aa a3 f4 58 80 11 2f 1e 39 4b d5 68 3e 30 77 92 ff 62 e7 79 4e fb e8 0d 0e d2 b0 91 27 e3 c6 6e 4f 77 17 86 38 f8 8f ff db 41 52 e6 cf 70 60 c4 b8 f9 36 b6 9d bd 88 93 f2 30 97 83 c3 f3 76 3d 9a 4d Data Ascii: 7b`'fpni^vn;+:[i8s\^=Z(r/4`soW\N?l>qr"V9<5`h]s2:'a!qcdp==j=r?suT&ztJGrQ{U$gG!(:JNpVF}qX/9Kh>0wbyN'nOw8ARp`60v=M
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 3c c6 0d b4 c5 98 31 a3 65 1b 69 27 69 3b 69 b1 f6 fe 94 7e cb 26 ea 43 a4 1b 65 e8 8c c1 b8 99 23 eb 45 68 dc ac 47 af 01 00 00 8c 1b c8 10 76 6e a0 55 46 cd 12 7a 1c 2a 1d d2 01 83 a6 39 95 30 f1 35 9d a2 df bf 5f cf 41 d2 ed 32 74 aa ce b2 ff 8e 93 74 d8 0e d9 c5 91 35 9d f5 e9 3d 00 00 50 10 c6 e7 fc fe a7 a5 7d a9 86 39 d7 13 c6 0d b4 64 d4 98 6b d9 d1 d2 71 49 ea 66 56 2f b6 0c 7a 44 ef 3c 46 06 ce a3 8e 8a 61 ac 34 3d c9 ff ae 99 1f 44 d5 76 aa d5 c5 f5 58 8b 5e 04 00 00 05 a1 29 e7 f7 77 a9 54 2a 4f 51 0d 73 86 80 02 30 3b c3 a6 9f 1e cf 48 27 d5 d9 b0 69 4e df 60 e0 9c 23 cd e7 a1 1c 34 90 7c 11 0c 9c bc 59 46 06 43 4c c6 c2 b6 49 ba 43 07 00 00 50 14 e3 26 4f ef 12 9b 07 70 a9 37 c6 0d b4 c3 a8 a9 48 bf d7 1f 1f 90 7a e5 94 8c 5f 48 a3 94 8e de Data Ascii: <1ei'i;i~&Ce#EhGvnUFz905_A2tt5=P}9dkqIfV/zD<Fa4=DvX^)wTOQs0;H'iN`#4\|YFCLICP&Op7Hz_H
2024-10-28 23:06:31 UTC	1369	IN	Data Raw: 67 25 71 87 d3 06 00 00 80 8e cd 07 34 1d a8 9a db f6 10 a7 49 dc 24 c8 0c 17 bb 0b e6 59 e9 75 e9 43 c9 ee ef b3 33 3a 76 6f a0 79 79 f4 4e d2 7b 6b 16 8c a4 f8 6f 52 f9 3f 8f 71 03 c6 5c 05 ca 4b 9e ed f7 34 69 9f 82 95 27 00 00 00 b4 0d db bd 79 44 ea eb 3c 9d 76 6e 76 f3 a0 d8 f9 42 1a 30 bb ff 93 80 02 e5 a3 4a 11 74 9c 4a a5 f2 8a 1e 17 53 12 00 00 00 a5 9e 0f d8 bc ea 08 69 06 a5 91 19 17 aa dc 5f c6 b8 81 99 4c 2b 50 5e 3e c9 f9 fd 7f 90 a6 d0 a4 00 00 00 4a 6d e0 3c 69 13 6e 4a 22 13 2c 82 eb 09 2d fd 05 8c 9b f2 f1 5e 81 f2 92 6b 48 66 3b 7b 93 cc e6 30 1b 00 00 00 94 0a 9b 70 8f a3 18 ea ce af 34 ff 9a 84 71 03 cd 19 47 5e 6a ca 19 d2 18 9a 15 00 00 40 79 d1 84 db 16 5c 09 34 54 5f ae 57 39 5f 3f a7 bf 84 71 53 3e 2c 1e f8 c7 05 c9 cb 2b 0e 06 Data Ascii: g%q4I$YuC3:voyyN{koR?q\K4i'yD<vnvB0JtJSi_L+P^>Jm<inJ",-^kHf;{0p4qG^j@y\4T_W9_?qS>,+
2024-10-28 23:06:31 UTC	557	IN	Data Raw: 23 69 fd 30 09 ef 2d f5 94 16 95 e6 97 e6 49 d2 ed d4 cf 24 0b 35 6d 87 ce 5f 92 9e 91 46 48 a3 cb b4 43 d3 46 23 c7 06 b2 bf e8 b9 65 18 c8 ec 1e a2 45 32 4c c6 e8 60 74 fe cd 56 8f a8 15 00 00 80 5c e7 06 b6 13 72 97 49 f3 03 9b 63 6d 2b 6d 9f a4 e1 a4 97 ca 39 79 36 af b3 23 0c 43 bc 5c 09 31 37 4d 06 da 69 e8 d8 f9 98 3b 82 a0 f6 03 99 6d df 0e 33 69 20 3b 48 cf cd c3 20 d6 3f 18 94 73 d5 f0 75 e6 0a 37 3c bc ef 4e bd fb d5 1a fe b6 9d dd 9a 2f c7 a2 7c bd ce bf 9f f7 ae ee 67 11 34 67 0b 9a 91 b7 87 c0 c4 3a b6 af 22 7b 3f 7c e6 20 7f 8f 45 d0 c6 f3 1e 07 5e 8f a0 8c 86 e7 fc fe 18 c6 ca d6 ce 0f a6 e8 71 53 50 a2 39 c2 6a 7a 6c 21 6d 10 e6 07 ab 24 1d f3 ac 69 89 2f 24 f3 e4 78 44 32 af 9e 07 94 9e b1 ee ca 88 69 24 40 5c 68 20 5b 50 8f d5 25 1b d0 Data Ascii: #i0-I$5m_FHCF#eE2L`tV\rIcm+m9y6#C\17Mi;m3i ;H ?su7<N/\|g4g:"{?\| E^qSP9jzl!m$i/$xD2i$@\h [P%

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	1546	OUT	GET /sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4&samesite=None HTTP/1.1 Host: l.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://hianime.to Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:31 UTC	511	IN	HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Origin: https://hianime.to Access-Control-Expose-Headers: stid Access-Control-Max-Age: 1728000 Cache-Control: no-cache, no-store, must-revalidate Content-Type: text/plain; charset=utf-8 Date: Mon, 28 Oct 2024 23:06:31 GMT Stid: ZGqAAmcgGPYAAAAMeC0AAw== Strict-Transport-Security: max-age=63072000; includeSubDomains; X-Robots-Tag: noindex, nofollow Content-Length: 176 Connection: Close
2024-10-28 23:06:31 UTC	176	IN	Data Raw: 7b 22 66 70 65 73 74 69 64 22 3a 22 2d 56 62 4c 63 74 4c 69 77 34 79 45 42 4b 54 42 46 6f 4e 4a 59 63 4a 5f 64 56 46 74 37 4b 58 65 4d 61 6c 34 43 55 68 58 42 77 61 77 77 6c 37 53 68 4d 57 74 79 61 5a 2d 7a 34 64 45 65 54 2d 4f 4f 5f 49 6a 34 51 22 2c 22 66 70 65 73 74 69 64 5f 6d 61 78 61 67 65 22 3a 33 31 35 33 35 39 39 39 2c 22 6c 6f 74 61 6d 65 22 3a 22 74 72 75 65 22 2c 22 73 74 61 74 75 73 22 3a 22 74 72 75 65 22 2c 22 73 74 69 64 22 3a 22 5a 47 71 41 41 6d 63 67 47 50 59 41 41 41 41 4d 65 43 30 41 41 77 3d 3d 22 7d Data Ascii: {"fpestid":"-VbLctLiw4yEBKTBFoNJYcJ_dVFt7KXeMal4CUhXBwawwl7ShMWtyaZ-z4dEeT-OO_Ij4Q","fpestid_maxage":31535999,"lotame":"true","status":"true","stid":"ZGqAAmcgGPYAAAAMeC0AAw=="}

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	648	OUT	GET /img/telegram.svg HTTP/1.1 Host: platform-cdn.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:32 UTC	581	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 858 Connection: close Last-Modified: Fri, 12 Aug 2022 01:07:51 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 28 Oct 2024 23:06:32 GMT ETag: "e3f5e90fa57764cd951db1b1bc688edd" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA50-C1 X-Amz-Cf-Id: zOCyDn71HU--ntDV2lUwcX_nQ2aXYChh13dzQ1DQsrpfvOOxcraJNw== Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:32 UTC	858	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 21 2d 2d 20 47 65 6e 65 72 61 74 6f 72 3a 20 41 64 6f 62 65 20 49 6c 6c 75 73 74 72 61 74 6f 72 20 32 34 2e 30 2e 31 2c 20 53 56 47 20 45 78 70 6f 72 74 20 50 6c 75 67 2d 49 6e 20 2e 20 53 56 47 20 56 65 72 73 69 6f 6e 3a 20 36 2e 30 30 20 42 75 69 6c 64 20 30 29 20 20 2d 2d 3e 0a 3c 73 76 67 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 69 64 3d 22 57 61 72 73 74 77 61 5f 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 78 6c 69 6e 6b 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 20 78 3d 22 30 70 78 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8" ?>... Generator: Adobe Illustrator 24.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg version="1.1" id="Warstwa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px"

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	647	OUT	GET /img/twitter.svg HTTP/1.1 Host: platform-cdn.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:31 UTC	584	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 368 Connection: close Last-Modified: Fri, 15 Sep 2023 16:58:49 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 28 Oct 2024 23:06:31 GMT ETag: "2deb3d5121d475d195577a70b0a91a0c" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA50-C1 X-Amz-Cf-Id: 2_VJZ92yTPt0i3jVhpToZOxml_ffmfC4t_VCko4w5X3hfeDD19z0rQ== Age: 143 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:31 UTC	368	IN	Data Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 32 35 22 20 68 65 69 67 68 74 3d 22 32 35 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 35 20 32 35 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 72 65 63 74 20 77 69 64 74 68 3d 22 32 35 22 20 68 65 69 67 68 74 3d 22 32 35 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 34 2e 34 38 32 31 20 31 31 2e 36 32 31 38 4c 32 31 2e 30 33 38 39 20 34 48 31 39 2e 34 38 35 32 4c 31 33 2e 37 39 31 39 20 31 30 2e 36 31 37 39 4c 39 2e 32 34 34 36 37 20 34 48 34 4c 31 30 2e 38 37 36 33 20 31 34 2e 30 30 37 34 4c 34 20 32 32 48 35 2e 35 35 33 38 35 4c 31 31 2e 35 36 36 31 20 31 35 2e 30 31 31 33 4c 31 36 2e 33 36 38 33 20 32 32 Data Ascii: <svg width="25" height="25" viewBox="0 0 25 25" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="25" height="25" /><path d="M14.4821 11.6218L21.0389 4H19.4852L13.7919 10.6179L9.24467 4H4L10.8763 14.0074L4 22H5.55385L11.5661 15.0113L16.3683 22

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	648	OUT	GET /img/facebook.svg HTTP/1.1 Host: platform-cdn.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:31 UTC	604	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 301 Connection: close Date: Sat, 19 Oct 2024 02:53:38 GMT Last-Modified: Thu, 10 Oct 2019 01:20:12 GMT ETag: "c6e9be45643e197ce1db1d7e24a99adc" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=2592000 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA50-C1 X-Amz-Cf-Id: Zvtuy5JRDmKFrtYcWAKrbi8rO9XWWDf9negB8r4nAj3i8_emNYQ-Ug== Age: 850374 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:31 UTC	301	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 66 69 6c 6c 3d 22 23 66 66 66 22 20 70 72 65 73 65 72 76 65 41 73 70 65 63 74 52 61 74 69 6f 3d 22 78 4d 69 64 59 4d 69 64 20 6d 65 65 74 22 20 68 65 69 67 68 74 3d 22 31 65 6d 22 20 77 69 64 74 68 3d 22 31 65 6d 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 30 20 34 30 22 3e 0a 20 20 3c 67 3e 0a 20 20 20 20 3c 70 61 74 68 20 64 3d 22 6d 32 31 2e 37 20 31 36 2e 37 68 35 76 35 68 2d 35 76 31 31 2e 36 68 2d 35 76 2d 31 31 2e 36 68 2d 35 76 2d 35 68 35 76 2d 32 2e 31 63 30 2d 32 20 30 2e 36 2d 34 2e 35 20 31 2e 38 2d 35 2e 39 20 31 2e 33 2d 31 2e 33 20 32 2e 38 2d 32 20 34 2e 37 2d 32 68 33 2e 35 76 35 68 2d 33 2e 35 63 2d 30 2e 39 20 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" fill="#fff" preserveAspectRatio="xMidYMid meet" height="1em" width="1em" viewBox="0 0 40 40"> <g> <path d="m21.7 16.7h5v5h-5v11.6h-5v-11.6h-5v-5h5v-2.1c0-2 0.6-4.5 1.8-5.9 1.3-1.3 2.8-2 4.7-2h3.5v5h-3.5c-0.9 0

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	646	OUT	GET /img/reddit.svg HTTP/1.1 Host: platform-cdn.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:31 UTC	604	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 910 Connection: close Date: Fri, 18 Oct 2024 07:50:01 GMT Last-Modified: Thu, 10 Oct 2019 01:20:13 GMT ETag: "78d796ca648d8a5e665b48ed0217c56a" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=2592000 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA50-C1 X-Amz-Cf-Id: VBv7VhMDuIiZbeFgbU_48S8AGR_DR0C6FSkWbXDqqs0Xt9sBVsgVYw== Age: 918990 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:31 UTC	910	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 66 69 6c 6c 3d 22 23 66 66 66 22 20 70 72 65 73 65 72 76 65 41 73 70 65 63 74 52 61 74 69 6f 3d 22 78 4d 69 64 59 4d 69 64 20 6d 65 65 74 22 20 68 65 69 67 68 74 3d 22 31 65 6d 22 20 77 69 64 74 68 3d 22 31 65 6d 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 30 20 34 30 22 3e 0a 20 20 3c 67 3e 0a 20 20 20 20 3c 70 61 74 68 20 64 3d 22 6d 34 30 20 31 38 2e 39 71 30 20 31 2e 33 2d 30 2e 37 20 32 2e 33 74 2d 31 2e 37 20 31 2e 37 71 30 2e 32 20 31 20 30 2e 32 20 32 2e 31 20 30 20 33 2e 35 2d 32 2e 33 20 36 2e 34 74 2d 36 2e 35 20 34 2e 37 2d 39 20 31 2e 37 2d 38 2e 39 2d 31 2e 37 2d 36 2e 34 2d 34 2e 37 2d 32 2e 34 2d 36 2e 34 71 30 2d 31 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" fill="#fff" preserveAspectRatio="xMidYMid meet" height="1em" width="1em" viewBox="0 0 40 40"> <g> <path d="m40 18.9q0 1.3-0.7 2.3t-1.7 1.7q0.2 1 0.2 2.1 0 3.5-2.3 6.4t-6.5 4.7-9 1.7-8.9-1.7-6.4-4.7-2.4-6.4q0-1

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	649	OUT	GET /img/sharethis.svg HTTP/1.1 Host: platform-cdn.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:31 UTC	604	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 514 Connection: close Date: Fri, 18 Oct 2024 05:29:15 GMT Last-Modified: Thu, 10 Oct 2019 01:20:13 GMT ETag: "deecdaa377907db5cc1722fc831670a1" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=2592000 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA50-C1 X-Amz-Cf-Id: mQn0LxYxyeM5_83XYqrfPqkLrPO7NYQDTYYIkV-krT-Wg8KnpzdhBA== Age: 927437 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:31 UTC	514	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 66 69 6c 6c 3d 22 23 66 66 66 22 20 70 72 65 73 65 72 76 65 41 73 70 65 63 74 52 61 74 69 6f 3d 22 78 4d 69 64 59 4d 69 64 20 6d 65 65 74 22 20 68 65 69 67 68 74 3d 22 31 65 6d 22 20 77 69 64 74 68 3d 22 31 65 6d 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 30 20 34 30 22 3e 0a 20 20 3c 67 3e 0a 20 20 20 20 3c 70 61 74 68 20 64 3d 22 6d 33 30 20 32 36 2e 38 63 32 2e 37 20 30 20 34 2e 38 20 32 2e 32 20 34 2e 38 20 34 2e 38 73 2d 32 2e 31 20 35 2d 34 2e 38 20 35 2d 34 2e 38 2d 32 2e 33 2d 34 2e 38 2d 35 63 30 2d 30 2e 33 20 30 2d 30 2e 37 20 30 2d 31 2e 31 6c 2d 31 31 2e 38 2d 36 2e 38 63 2d 30 2e 39 20 30 2e 38 2d 32 2e 31 20 31 2e 33 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" fill="#fff" preserveAspectRatio="xMidYMid meet" height="1em" width="1em" viewBox="0 0 40 40"> <g> <path d="m30 26.8c2.7 0 4.8 2.2 4.8 4.8s-2.1 5-4.8 5-4.8-2.3-4.8-5c0-0.3 0-0.7 0-1.1l-11.8-6.8c-0.9 0.8-2.1 1.3

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://hianime.to

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 139

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Windows Analysis Report
https://hianime.to

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	493	OUT	OPTIONS / HTTP/1.1 Host: cswjpnmveybweu.com Connection: keep-alive Accept: / Access-Control-Request-Method: HEAD Access-Control-Request-Headers: content-type Origin: https://hianime.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:31 UTC	480	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 28 Oct 2024 23:06:31 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 0 Connection: close Access-Control-Allow-Origin: https://hianime.to Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid Access-Control-Max-Age: 86400

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:31 UTC	646	OUT	GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fhianime.to%2F HTTP/1.1 Host: count-server.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:32 UTC	501	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 820 Connection: close Date: Mon, 28 Oct 2024 23:06:32 GMT ETag: 6bde8a6b4e18c48f6260eda7e603287a Cache-Control: public, max-age=86400 Apigw-Requestid: AYjW0gPhoAMEJWA= X-Cache: Miss from cloudfront Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P1 X-Amz-Cf-Id: HJosLoTafLPA9xeks1Y182LGQ8u59BNS5vpsZhVrDEA-IfgkqxpSzQ== Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:32 UTC	820	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 77 69 6e 64 6f 77 2e 5f 5f 73 68 61 72 65 74 68 69 73 5f 5f 2e 63 62 28 7b 22 63 6c 69 63 6b 73 22 3a 7b 22 61 6c 6c 22 3a 33 37 35 35 36 32 2c 22 61 6d 61 7a 6f 6e 5f 77 69 73 68 6c 69 73 74 22 3a 31 38 2c 22 61 74 74 22 3a 31 31 39 36 2c 22 62 6c 6f 67 67 65 72 22 3a 33 37 2c 22 65 6d 61 69 6c 22 3a 31 37 33 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 36 36 38 34 30 2c 22 67 69 74 68 75 62 22 3a 33 38 34 38 2c 22 69 6e 73 74 61 67 72 61 6d 22 3a 31 35 30 30 39 37 2c 22 6c 69 6e 6b 65 64 69 6e 22 3a 31 35 2c 22 6c 69 76 65 6a 6f 75 72 6e 61 6c 22 3a 31 2c 22 6d 61 69 6c 5f 72 75 22 3a 31 2c 22 6d 65 73 73 65 6e 67 65 72 22 3a 35 35 38 2c 22 70 69 6e 74 65 72 65 73 74 22 3a 31 37 2c 22 71 75 6f 72 61 22 3a 31 32 37 2c 22 72 65 Data Ascii: (function(){window.__sharethis__.cb({"clicks":{"all":375562,"amazon_wishlist":18,"att":1196,"blogger":37,"email":173,"facebook":66840,"github":3848,"instagram":150097,"linkedin":15,"livejournal":1,"mail_ru":1,"messenger":558,"pinterest":17,"quora":127,"re

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:32 UTC	583	OUT	GET /panorama.js HTTP/1.1 Host: platform-api.sharethis.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:32 UTC	606	IN	HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Content-Length: 39537 Connection: close Accept-Ranges: bytes Last-Modified: Wed, 16 Oct 2024 13:39:05 GMT X-Frame-Options: SAMEORIGIN Cache-Control: public, max-age=3600 Date: Mon, 28 Oct 2024 22:52:39 GMT ETag: W/"9a71-192958db4a8" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 4aba10f1ef4bda5f7c1b86a07ca64264.cloudfront.net (CloudFront) X-Amz-Cf-Pop: HEL51-P1 X-Amz-Cf-Id: k6aUeHD0hMEhZGBxzTVDJIyAXh4or0aaKpdQYyRSg3fH4qg_U5vvVA== Age: 833 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:32 UTC	15778	IN	Data Raw: 76 61 72 20 6c 6f 74 61 6d 65 49 73 43 6f 6d 70 61 74 69 62 6c 65 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 72 65 74 75 72 6e 20 28 20 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 6b 65 79 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 70 6f 73 74 4d 65 73 73 61 67 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 28 6e 65 77 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 28 29 2e 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 29 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 20 21 3d 3d 20 27 Data Ascii: var lotameIsCompatible = function() { return ( typeof Object.keys !== 'undefined' && typeof window.postMessage !== 'undefined' && typeof XMLHttpRequest !== 'undefined' && typeof(new XMLHttpRequest().withCredentials) !== 'undefined' && typeof console !== '
2024-10-28 23:06:32 UTC	16384	IN	Data Raw: 68 69 73 2e 52 3d 74 68 69 73 2e 50 3d 74 68 69 73 2e 6a 3d 6e 75 6c 6c 3b 73 79 6e 63 31 36 36 32 31 5f 68 61 28 74 68 69 73 2c 61 2e 62 65 68 61 76 69 6f 72 49 64 73 29 3b 73 79 6e 63 31 36 36 32 31 5f 69 61 28 74 68 69 73 2c 61 2e 62 65 68 61 76 69 6f 72 73 29 3b 73 79 6e 63 31 36 36 32 31 5f 6a 61 28 74 68 69 73 2c 61 2e 72 75 6c 65 42 75 69 6c 64 65 72 29 3b 61 3d 61 2e 64 65 63 6c 61 72 65 64 49 64 3b 76 61 72 20 62 3b 69 66 28 62 3d 61 29 62 3d 21 31 2c 61 26 26 73 79 6e 63 31 36 36 32 31 5f 78 28 61 29 3f 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 61 2e 69 64 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 61 2e 74 79 70 65 3f 73 79 6e 63 31 36 36 32 31 5f 2e 65 72 72 6f 72 28 22 44 65 63 6c 61 72 65 64 20 Data Ascii: his.R=this.P=this.j=null;sync16621_ha(this,a.behaviorIds);sync16621_ia(this,a.behaviors);sync16621_ja(this,a.ruleBuilder);a=a.declaredId;var b;if(b=a)b=!1,a&&sync16621_x(a)?"undefined"===typeof a.id\|\|"undefined"===typeof a.type?sync16621_.error("Declared
2024-10-28 23:06:32 UTC	7375	IN	Data Raw: 62 2c 63 29 7b 63 3d 76 6f 69 64 20 30 3d 3d 3d 63 3f 73 79 6e 63 31 36 36 32 31 5f 43 3a 63 3b 73 79 6e 63 31 36 36 32 31 5f 39 28 61 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 64 29 7b 64 3d 73 79 6e 63 31 36 36 32 31 5f 5f 28 73 79 6e 63 31 36 36 32 31 5f 5a 28 73 79 6e 63 31 36 36 32 31 5f 58 28 73 79 6e 63 31 36 36 32 31 5f 59 28 73 79 6e 63 31 36 36 32 31 5f 57 28 73 79 6e 63 31 36 36 32 31 5f 56 28 73 79 6e 63 31 36 36 32 31 5f 53 28 73 79 6e 63 31 36 36 32 31 5f 55 28 73 79 6e 63 31 36 36 32 31 5f 54 28 6e 65 77 20 73 79 6e 63 31 36 36 32 31 5f 52 2c 61 2e 66 2e 61 2e 62 63 70 43 6c 69 65 6e 74 29 2c 21 30 29 2c 21 31 29 2c 61 2e 73 74 6f 72 61 67 65 2e 4d 28 29 29 2c 64 29 2c 61 2e 47 2e 6f 29 2c 73 79 6e 63 31 36 36 32 31 5f 33 28 61 2e 47 Data Ascii: b,c){c=void 0===c?sync16621_C:c;sync16621_9(a).then(function(d){d=sync16621__(sync16621_Z(sync16621_X(sync16621_Y(sync16621_W(sync16621_V(sync16621_S(sync16621_U(sync16621_T(new sync16621_R,a.f.a.bcpClient),!0),!1),a.storage.M()),d),a.G.o),sync16621_3(a.G

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:32 UTC	428	OUT	GET / HTTP/1.1 Host: hianime.to Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _ga_R34F2GCSBW=GS1.1.1730156788.1.0.1730156788.0.0.0; _ga=GA1.1.525988088.1730156788
2024-10-28 23:06:33 UTC	1083	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:32 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-DNS-Prefetch-Control: on Expect-CT: max-age=0 Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-XSS-Protection: 1; mode=block Vary: Accept-Encoding cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqdzehq12fOb9Cu07%2FGt87zW38vcqTFrI1iZKNXRY1faLM%2BBHHoQXGunGD9%2FM%2Bsj18WloWQqQWBLgmr7TdiBat00a9dRA%2BLfpyZvMMsE5NdAmG5Swbgj2u4PN39l"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d9e93b2add16b8f-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1081&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1006&delivery_rate=2642335&cwnd=247&unsent_bytes=0&cid=093360a38362c48b&ts=360&x=0"
2024-10-28 23:06:33 UTC	286	IN	Data Raw: 32 30 36 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 74 63 68 20 41 6e 69 6d 65 20 4f 6e 6c 69 6e 65 2c 20 46 72 65 65 20 41 6e 69 6d 65 20 53 74 72 65 61 6d 69 6e 67 20 4f 6e 6c 69 6e 65 20 6f 6e 20 48 69 41 6e 69 6d 65 2e 74 6f 20 41 6e 69 6d 65 20 57 65 62 73 69 74 65 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 64 65 78 2c 66 6f 6c 6c 6f 77 22 2f 3e 0a Data Ascii: 2068<!DOCTYPE html><html lang="en"><head> <title>Watch Anime Online, Free Anime Streaming Online on HiAnime.to Anime Website</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><meta name="robots" content="index,follow"/>
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 61 67 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 48 69 41 6e 69 6d 65 20 69 73 20 61 20 46 72 65 65 20 61 6e 69 6d 65 20 73 74 72 65 61 6d 69 6e 67 20 77 65 62 73 69 74 65 20 77 68 69 63 68 20 79 6f 75 20 63 61 6e 20 77 61 74 63 68 20 45 6e 67 6c 69 73 68 20 53 75 62 62 65 64 20 61 6e 64 20 44 75 62 62 65 64 20 41 6e 69 6d 65 20 6f 6e 6c 69 6e 65 20 77 69 74 68 20 4e 6f 20 41 63 63 6f 75 6e 74 20 61 6e 64 20 44 61 69 6c 79 20 75 70 64 61 74 65 2e 20 57 41 54 43 48 20 4e 4f 57 21 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 61 6e 69 6d 65 20 74 6f 20 77 61 74 63 68 2c 20 77 61 74 63 68 Data Ascii: age" content="en"/><meta name="description" content="HiAnime is a Free anime streaming website which you can watch English Subbed and Dubbed Anime online with No Account and Daily update. WATCH NOW!"/><meta name="keywords" content="anime to watch, watch
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 32 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2d 33 32 78 33 32 2e 70 6e 67 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2d 31 36 78 31 36 2e 70 6e 67 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 6d 61 73 6b 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 73 61 66 61 72 69 2d 70 69 6e 6e 65 64 2d 74 61 62 2e 73 76 67 22 20 63 6f 6c 6f 72 3d 22 23 66 66 62 61 64 65 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 54 69 6c 65 43 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 64 61 35 33 32 63 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 73 Data Ascii: 2" href="/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"><link rel="mask-icon" href="/images/safari-pinned-tab.svg" color="#ffbade"><meta name="msapplication-TileColor" content="#da532c"><link rel="icon" s
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 78 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 3c 21 2d 2d 42 65 67 69 6e 3a 20 48 65 61 64 65 72 2d 2d 3e 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 68 65 61 64 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 68 65 61 64 65 72 5f 62 72 6f 77 73 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 2d 62 74 6e 22 3e 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 62 61 72 73 20 6d 72 2d 32 22 3e 3c 2f 69 3e 4d 65 6e 75 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 Data Ascii: <body><div id="xwrapper"> ...Begin: Header--> <div id="xheader"> <div class="container"> <div id="xheader_browser"> <div class="header-btn"><i class="fas fa-bars mr-2"></i>Menu</div> </div>
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 63 3d 22 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2e 70 6e 67 3f 76 3d 30 2e 31 22 20 74 69 74 6c 65 3d 22 48 69 41 6e 69 6d 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6c 65 61 72 66 69 78 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 78 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 68 6f 6d 65 2d 73 65 61 72 63 68 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d Data Ascii: c="/images/logo.png?v=0.1" title="HiAnime"> </a> <div class="clearfix"></div> </div> <div id="xsearch" class="home-search"> <div class="search-
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 4d 79 20 48 65 72 6f 20 41 63 61 64 65 6d 69 61 20 53 65 61 73 6f 6e 20 37 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 73 65 61 72 63 68 3f 6b 65 79 77 6f 72 64 3d 42 6c 75 65 25 32 30 4c 6f 63 6b 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 42 6c 75 65 20 4c 6f 63 6b 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: class="item">My Hero Academia Season 7</a> <a href="/search?keyword=Blue%20Lock" class="item">Blue Lock</a>
2024-10-28 23:06:33 UTC	1173	IN	Data Raw: 20 20 20 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 53 68 61 6e 67 72 69 2d 4c 61 20 46 72 6f 6e 74 69 65 72 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6c 65 61 72 66 69 78 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 61 63 74 69 6f 6e 2d 62 75 74 74 6f 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 68 6f 6d 65 22 20 63 6c 61 73 73 3d 22 62 Data Ascii: class="item">Shangri-La Frontier</a> </div> <div class="clearfix"></div> <div id="action-button"> <a href="/home" class="b
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 34 35 32 38 0d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 77 62 2d 32 63 6f 6c 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 77 62 2d 6c 65 66 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 20 63 6c 61 73 73 3d 22 6d 77 2d 68 65 61 64 69 6e 67 22 3e 48 69 41 6e 69 6d 65 2e 74 6f 20 2d 20 54 68 65 20 62 65 73 74 20 73 69 74 65 20 74 6f 20 77 61 74 63 68 20 61 6e 69 6d 65 20 6f 6e 6c 69 6e 65 20 66 6f 72 20 46 72 65 65 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 44 6f 20 79 6f 75 20 6b 6e 6f 77 20 74 68 61 74 20 61 63 63 6f 72 64 69 6e 67 20 74 6f Data Ascii: 4528 <div class="mwb-2col"> <div class="mwb-left"> <h1 class="mw-heading">HiAnime.to - The best site to watch anime online for Free</h1> <p>Do you know that according to
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 72 20 63 6f 73 74 20 61 6e 64 20 77 65 20 6b 65 65 70 20 73 63 61 6e 6e 69 6e 67 20 74 68 65 20 61 64 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 32 34 2f 37 20 74 6f 20 6d 61 6b 65 20 73 75 72 65 20 61 6c 6c 20 61 72 65 20 63 6c 65 61 6e 2c 20 49 66 20 79 6f 75 20 66 69 6e 64 20 61 6e 79 20 61 64 73 20 74 68 61 74 20 69 73 20 73 75 73 70 69 63 69 6f 75 73 2c 20 70 6c 65 61 73 65 20 66 6f 72 77 61 72 64 20 75 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 65 20 69 6e 66 6f 20 61 6e 64 20 77 65 20 77 69 6c 6c 20 72 65 6d 6f 76 65 20 69 74 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 33 2f 20 53 6f 20 77 68 Data Ascii: r cost and we keep scanning the ads 24/7 to make sure all are clean, If you find any ads that is suspicious, please forward us the info and we will remove it.</p> <h2>3/ So wh
2024-10-28 23:06:33 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 73 74 72 6f 6e 67 3e 51 75 61 6c 69 74 79 2f 52 65 73 6f 6c 75 74 69 6f 6e 3a 3c 2f 73 74 72 6f 6e 67 3e 20 41 6c 6c 20 74 69 74 6c 65 73 20 61 72 65 20 69 6e 20 65 78 63 65 6c 6c 65 6e 74 20 72 65 73 6f 6c 75 74 69 6f 6e 2c 20 74 68 65 20 62 65 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 71 75 61 6c 69 74 79 20 70 6f 73 73 69 62 6c 65 2e 20 48 69 41 6e 69 6d 65 2e 74 6f 20 61 6c 73 6f 20 68 61 73 20 61 20 71 75 61 6c 69 74 79 20 73 65 74 74 69 6e 67 20 66 75 6e 63 74 69 6f 6e 20 74 6f 20 6d 61 6b 65 20 73 75 72 65 20 6f 75 Data Ascii: </li> <li><strong>Quality/Resolution:</strong> All titles are in excellent resolution, the best quality possible. HiAnime.to also has a quality setting function to make sure ou

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:32 UTC	1352	OUT	GET /sc?event=pview&hostname=hianime.to&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fhianime.to%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Watch%20Anime%20Online%2C%20Free%20Anime%20Streaming%20Online%20on%20HiAnime.to%20Anime%20Website&cms=unknown&publisher=64a3d891df473b0019d1b0da&sop=true&version=st_sop.js&lang=en&description=HiAnime%20is%20a%20Free%20anime%20streaming%20website%20which%20you%20can%20watch%20English%20Subbed%20and%20Dubbed%20Anime%20online%20with%20No%20Account%20and%20Daily%20update.%20WATCH%20NOW!&ua=%22Google%20Chrome%22%3Bv%3D%22117%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22117%22&ua_mobile=false&ua_platform=Windows&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22117.0.5938.132%22%2C%20%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22117.0.5938.132%22&ua_platform_version=10.0.0&uuid=a1ef854f-118b-457c-af69-f7096a1264b4&samesite=None HTTP/1.1 Host: l.sharethis.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:32 UTC	494	IN	HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Access-Control-Expose-Headers: stid Access-Control-Max-Age: 1728000 Cache-Control: no-cache, no-store, must-revalidate Content-Type: text/plain; charset=utf-8 Date: Mon, 28 Oct 2024 23:06:32 GMT Stid: ZGqAAmcgGPYAAAAMeC0AAw== Strict-Transport-Security: max-age=63072000; includeSubDomains; X-Robots-Tag: noindex, nofollow Content-Length: 176 Connection: Close
2024-10-28 23:06:32 UTC	176	IN	Data Raw: 7b 22 66 70 65 73 74 69 64 22 3a 22 38 52 49 70 59 47 66 57 46 55 6b 2d 56 2d 4e 35 34 66 2d 7a 48 4b 4f 67 4e 61 74 48 73 56 65 42 75 41 49 66 56 4c 66 46 6f 44 68 62 4d 31 39 61 4c 6c 4a 59 49 38 79 6e 68 30 79 70 55 55 6d 67 44 48 30 31 35 67 22 2c 22 66 70 65 73 74 69 64 5f 6d 61 78 61 67 65 22 3a 33 31 35 33 35 39 39 38 2c 22 6c 6f 74 61 6d 65 22 3a 22 74 72 75 65 22 2c 22 73 74 61 74 75 73 22 3a 22 74 72 75 65 22 2c 22 73 74 69 64 22 3a 22 5a 47 71 41 41 6d 63 67 47 50 59 41 41 41 41 4d 65 43 30 41 41 77 3d 3d 22 7d Data Ascii: {"fpestid":"8RIpYGfWFUk-V-N54f-zHKOgNatHsVeBuAIfVLfFoDhbM19aLlJYI8ynh0ypUUmgDH015g","fpestid_maxage":31535998,"lotame":"true","status":"true","stid":"ZGqAAmcgGPYAAAAMeC0AAw=="}

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:33 UTC	550	OUT	HEAD / HTTP/1.1 Host: cswjpnmveybweu.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-Type: text/html Accept-Language: en sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://hianime.to Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br
2024-10-28 23:06:33 UTC	721	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 28 Oct 2024 23:06:33 GMT Content-Type: text/html Connection: close Vary: Accept-Encoding X-Traceid2: 6637b73e7612f1f77495368b42683c6f Vary: Origin Access-Control-Allow-Origin: https://hianime.to Access-Control-Expose-Headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname Access-Control-Allow-Credentials: true Timing-Allow-Origin: * Expires: Tue, 11 Jan 1994 10:00:00 GMT Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Pragma: no-cache X-Application-Key: 9779aa0477R07hGcrlrrc02zjk Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:33 UTC	413	OUT	GET /panorama.js HTTP/1.1 Host: platform-api.sharethis.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __stid=ZGqAAmcgGPYAAAAMeC0AAw==; __stidv=2
2024-10-28 23:06:34 UTC	605	IN	HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Content-Length: 39537 Connection: close Accept-Ranges: bytes Last-Modified: Wed, 16 Oct 2024 13:39:05 GMT X-Frame-Options: SAMEORIGIN Date: Mon, 28 Oct 2024 23:06:34 GMT Cache-Control: public, max-age=3600 ETag: W/"9a71-192958db4a8" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 3f2f1c546e63f10a66abd1c978af36f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: AMS1-P3 X-Amz-Cf-Id: 2_KkeuGpxAWaFSflL4rvJXCaRi129srHnpDFw-PPJt4K04PHrOjhcA== Age: 835 Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-10-28 23:06:34 UTC	16384	IN	Data Raw: 76 61 72 20 6c 6f 74 61 6d 65 49 73 43 6f 6d 70 61 74 69 62 6c 65 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 72 65 74 75 72 6e 20 28 20 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 6b 65 79 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 70 6f 73 74 4d 65 73 73 61 67 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 28 6e 65 77 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 28 29 2e 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 29 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 20 26 26 20 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 20 21 3d 3d 20 27 Data Ascii: var lotameIsCompatible = function() { return ( typeof Object.keys !== 'undefined' && typeof window.postMessage !== 'undefined' && typeof XMLHttpRequest !== 'undefined' && typeof(new XMLHttpRequest().withCredentials) !== 'undefined' && typeof console !== '
2024-10-28 23:06:34 UTC	16384	IN	Data Raw: 27 22 2b 61 2e 69 64 2b 22 27 22 29 3a 73 79 6e 63 31 36 36 32 31 5f 2e 65 72 72 6f 72 28 22 44 65 63 6c 61 72 65 64 20 49 44 20 6f 62 6a 65 63 74 20 74 79 70 65 20 6d 75 73 74 20 6f 6e 65 20 6f 66 20 22 2b 73 79 6e 63 31 36 36 32 31 5f 76 2e 6a 6f 69 6e 28 29 2b 22 2c 20 66 6f 75 6e 64 20 27 22 2b 61 2e 74 79 70 65 2b 22 27 22 29 3a 73 79 6e 63 31 36 36 32 31 5f 2e 65 72 72 6f 72 28 22 44 65 63 6c 61 72 65 64 20 49 44 20 73 68 6f 75 6c 64 20 62 65 20 61 6e 20 6f 62 6a 65 63 74 22 29 3b 62 26 26 28 74 68 69 73 2e 68 3d 61 29 7d 73 79 6e 63 31 36 36 32 31 5f 67 28 73 79 6e 63 31 36 36 32 31 5f 77 2c 73 79 6e 63 31 36 36 32 31 5f 74 29 3b 20 66 75 6e 63 74 69 6f 6e 20 73 79 6e 63 31 36 36 32 31 5f 68 61 28 61 2c 62 29 7b 62 26 26 28 41 72 72 61 79 2e 69 73 Data Ascii: '"+a.id+"'"):sync16621_.error("Declared ID object type must one of "+sync16621_v.join()+", found '"+a.type+"'"):sync16621_.error("Declared ID should be an object");b&&(this.h=a)}sync16621_g(sync16621_w,sync16621_t); function sync16621_ha(a,b){b&&(Array.is
2024-10-28 23:06:34 UTC	6769	IN	Data Raw: 20 30 3d 3d 3d 64 3f 22 64 61 74 61 22 3a 64 2c 63 29 2c 7b 6d 65 74 68 6f 64 3a 22 50 4f 53 54 22 2c 64 61 74 61 3a 62 2c 4a 61 3a 66 75 6e 63 74 69 6f 6e 28 68 29 7b 61 2e 48 61 3d 6e 65 77 20 73 79 6e 63 31 36 36 32 31 5f 4f 28 68 2c 61 2e 66 29 3b 66 28 61 2e 48 61 29 7d 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 67 29 7b 73 79 6e 63 31 36 36 32 31 5f 2e 65 72 72 6f 72 28 22 41 62 6f 72 74 69 6e 67 20 64 75 65 20 74 6f 20 65 72 72 6f 72 20 63 6f 6e 74 61 63 74 69 6e 67 20 4c 6f 74 61 6d 65 27 73 20 73 65 72 76 65 72 73 2e 20 45 72 72 6f 72 20 72 65 61 73 6f 6e 20 77 61 73 20 27 22 2b 28 76 6f 69 64 20 30 3d 3d 3d 67 3f 22 20 6e 6f 74 20 70 72 6f 76 69 64 65 64 22 3a 67 29 2b 22 27 2e 22 29 7d 7d 29 7d 20 73 79 6e 63 31 36 36 32 31 5f 47 61 Data Ascii: 0===d?"data":d,c),{method:"POST",data:b,Ja:function(h){a.Ha=new sync16621_O(h,a.f);f(a.Ha)},error:function(h,g){sync16621_.error("Aborting due to error contacting Lotame's servers. Error reason was '"+(void 0===g?" not provided":g)+"'.")}})} sync16621_Ga

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:34 UTC	602	OUT	POST /6/map HTTP/1.1 Host: bcp.crwdcntrl.net Connection: keep-alive Content-Length: 439 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 Accept: / Origin: https://hianime.to Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:34 UTC	439	OUT	Data Raw: 7b 22 72 22 3a 7b 22 72 69 64 22 3a 74 72 75 65 7d 2c 22 6d 22 3a 7b 22 64 63 63 22 3a 31 36 36 32 31 2c 22 73 72 63 22 3a 22 53 59 4e 43 4a 53 22 2c 22 63 68 22 3a 7b 22 62 72 61 6e 64 73 22 3a 5b 7b 22 62 72 61 6e 64 22 3a 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 31 31 37 22 7d 2c 7b 22 62 72 61 6e 64 22 3a 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 38 22 7d 2c 7b 22 62 72 61 6e 64 22 3a 22 43 68 72 6f 6d 69 75 6d 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 31 31 37 22 7d 5d 2c 22 66 75 6c 6c 56 65 72 73 69 6f 6e 4c 69 73 74 22 3a 5b 7b 22 62 72 61 6e 64 22 3a 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 7d Data Ascii: {"r":{"rid":true},"m":{"dcc":16621,"src":"SYNCJS","ch":{"brands":[{"brand":"Google Chrome","version":"117"},{"brand":"Not;A=Brand","version":"8"},{"brand":"Chromium","version":"117"}],"fullVersionList":[{"brand":"Google Chrome","version":"117.0.5938.132"}
2024-10-28 23:06:34 UTC	642	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 23:06:34 GMT Content-Type: application/json;charset=utf-8 Content-Length: 235 Connection: close P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Cache-Control: no-cache Pragma: no-cache Expires: 0 X-Server: 10.45.24.94 Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 25-Jul-2025 23:07:00 GMT;SameSite=None;Secure Set-Cookie: _cc_id=4314c53bf0a50ee26fb672e299b0eb35;Path=/;Domain=crwdcntrl.net;Expires=Fri, 25-Jul-2025 23:07:00 GMT;SameSite=None;Secure Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://hianime.to Server: Jetty(9.4.38.v20210224)
2024-10-28 23:06:34 UTC	235	IN	Data Raw: 7b 22 70 69 64 22 3a 22 34 33 31 34 63 35 33 62 66 30 61 35 30 65 65 32 36 66 62 36 37 32 65 32 39 39 62 30 65 62 33 35 22 2c 22 63 22 3a 5b 7b 22 6b 22 3a 22 5f 63 63 5f 69 64 22 2c 22 76 22 3a 22 34 33 31 34 63 35 33 62 66 30 61 35 30 65 65 32 36 66 62 36 37 32 65 32 39 39 62 30 65 62 33 35 22 2c 22 65 22 3a 32 33 33 32 38 30 30 30 7d 5d 2c 22 69 64 73 22 3a 5b 7b 22 69 22 3a 22 38 30 61 65 33 62 63 36 65 36 66 37 39 31 64 36 33 37 38 62 37 32 62 33 61 61 34 62 31 38 35 63 61 30 32 63 32 36 30 65 33 63 36 31 62 35 66 63 65 34 66 36 33 34 34 32 65 36 36 34 37 66 39 30 22 2c 22 74 22 3a 22 63 22 2c 22 63 22 3a 22 63 6f 72 65 22 2c 22 65 22 3a 22 31 37 33 30 37 36 31 35 39 34 32 32 37 22 7d 5d 7d Data Ascii: {"pid":"4314c53bf0a50ee26fb672e299b0eb35","c":[{"k":"_cc_id","v":"4314c53bf0a50ee26fb672e299b0eb35","e":23328000}],"ids":[{"i":"80ae3bc6e6f791d6378b72b3aa4b185ca02c260e3c61b5fce4f63442e6647f90","t":"c","c":"core","e":"1730761594227"}]}

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:34 UTC	517	OUT	GET /5/6534229 HTTP/1.1 Host: wejeestuze.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://hianime.to/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:35 UTC	1379	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 28 Oct 2024 23:06:34 GMT Content-Type: application/javascript Content-Length: 75863 Connection: close X-Trace-Id: 7e6060dc827256531fd73182e5d67b8f Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin: * Set-Cookie: OAID=008103a728344721f89b0f64a5fc3c27; expires=Tue, 28 Oct 2025 23:06:34 GMT; path=/; secure; SameSite=None Set-Cookie: oaidts=1730156794; expires=Tue, 28 Oct 2025 23:06:34 GMT; path=/; secure; SameSite=None Set-Cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT Pragma: no-cache Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Expires: Mon, 26 Jul 1997 05:00:00 GMT
2024-10-28 23:06:35 UTC	15005	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 6c 63 7a 78 73 75 73 69 6e 29 20 7b 28 66 75 6e 63 74 69 6f 6e 28 7a 2c 72 4b 2c 4b 4b 2c 6a 4b 29 7b 28 28 29 3d 3e 7b 76 61 72 20 49 3d 7a 2e 5a 72 28 29 2c 59 6e 3d 7a 2e 45 62 5b 7a 2e 59 62 5d 28 7a 2e 65 29 5b 7a 2e 51 6a 5d 28 29 5b 7a 2e 69 72 5d 28 7a 2e 65 29 3b 74 79 70 65 6f 66 20 72 4b 3c 7a 2e 78 26 26 28 49 5b 7a 2e 76 72 5d 3d 72 4b 2c 74 79 70 65 6f 66 20 72 4b 5b 7a 2e 51 72 5d 3c 7a 2e 78 26 26 28 49 5b 7a 2e 56 6a 5d 3d 72 4b 5b 7a 2e 51 72 5d 29 29 3b 74 79 70 65 6f 66 20 4b 4b 3c 7a 2e 78 26 26 28 49 5b 7a 2e 4f 72 5d 3d 4b 4b 2c 49 5b 7a 2e 77 4b 5d 3d 4b 4b 5b 59 6e 5d 29 3b 74 79 70 65 6f 66 20 6a 4b 3c 7a 2e 78 26 26 28 49 5b 7a 2e 53 72 5d 3d 6a 4b 29 3b 66 75 6e 63 74 69 6f 6e 20 6c 72 28 29 7b 76 Data Ascii: (function(lczxsusin) {(function(z,rK,KK,jK){(()=>{var I=z.Zr(),Yn=z.Eb[z.Yb](z.e)[z.Qj]()[z.ir](z.e);typeof rK<z.x&&(I[z.vr]=rK,typeof rK[z.Qr]<z.x&&(I[z.Vj]=rK[z.Qr]));typeof KK<z.x&&(I[z.Or]=KK,I[z.wK]=KK[Yn]);typeof jK<z.x&&(I[z.Sr]=jK);function lr(){v
2024-10-28 23:06:35 UTC	16384	IN	Data Raw: 7b 61 64 64 4f 76 65 72 6c 61 79 3a 6f 2c 73 6d 61 72 74 4f 76 65 72 6c 61 79 3a 61 2c 6f 6e 63 6c 69 63 6b 46 69 72 73 74 3a 73 2c 6f 6e 63 6c 69 63 6b 46 69 72 73 74 55 6c 74 69 6d 61 74 65 3a 64 7d 3d 72 3b 74 72 79 7b 69 66 28 21 6f 26 26 21 61 26 26 21 73 26 26 21 64 29 72 65 74 75 72 6e 20 67 28 7a 2e 57 59 29 3b 54 74 7c 7c 67 28 7a 2e 63 59 29 3b 6c 65 74 20 5b 63 5d 3d 65 5b 7a 2e 77 4d 5d 28 72 29 3b 69 66 28 69 5b 7a 2e 76 72 5d 5b 7a 2e 54 67 5d 26 26 4f 74 21 3d 3d 69 5b 7a 2e 76 72 5d 5b 7a 2e 54 67 5d 5b 7a 2e 44 43 5d 26 26 73 65 74 54 69 6d 65 6f 75 74 28 28 29 3d 3e 7b 4f 74 3d 69 5b 7a 2e 76 72 5d 5b 7a 2e 54 67 5d 5b 7a 2e 44 43 5d 7d 2c 7a 2e 50 67 29 2c 63 26 26 21 65 5b 7a 2e 64 4d 5d 28 72 29 29 7b 6c 65 74 20 6c 3d 59 72 28 72 29 Data Ascii: {addOverlay:o,smartOverlay:a,onclickFirst:s,onclickFirstUltimate:d}=r;try{if(!o&&!a&&!s&&!d)return g(z.WY);Tt\|\|g(z.cY);let [c]=e[z.wM](r);if(i[z.vr][z.Tg]&&Ot!==i[z.vr][z.Tg][z.DC]&&setTimeout(()=>{Ot=i[z.vr][z.Tg][z.DC]},z.Pg),c&&!e[z.dM](r)){let l=Yr(r)
2024-10-28 23:06:35 UTC	16384	IN	Data Raw: 6e 20 67 6e 28 74 2c 65 29 7b 69 66 28 74 26 26 56 74 28 29 3d 3d 3d 7a 2e 73 29 7b 70 6e 3d 21 7a 2e 6c 2c 7a 74 3d 7a 2e 65 5b 7a 2e 57 4b 5d 28 4d 61 74 68 5b 7a 2e 4e 4d 5d 28 29 5b 7a 2e 58 4d 5d 28 7a 2e 75 45 29 5b 7a 2e 43 6b 5d 28 7a 2e 51 76 29 2c 7a 2e 79 47 29 5b 7a 2e 57 4b 5d 28 4d 61 74 68 5b 7a 2e 4e 4d 5d 28 29 5b 7a 2e 58 4d 5d 28 7a 2e 75 45 29 5b 7a 2e 43 6b 5d 28 7a 2e 54 72 29 29 3b 76 61 72 20 72 3d 28 65 7c 7c 5b 5d 29 5b 7a 2e 4b 4d 5d 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 6f 3d 28 6e 5b 7a 2e 4c 4b 5d 28 7a 2e 4c 6a 28 7a 2e 6a 70 2c 7a 2e 65 29 29 7c 7c 5b 5d 29 5b 7a 2e 75 6a 5d 28 29 7c 7c 76 6f 69 64 20 7a 2e 6c 3b 72 65 74 75 72 6e 20 7a 2e 5a 72 28 7a 2e 65 53 2c 66 6e 2c 7a 2e 74 53 2c 7a 74 2c 7a 2e 41 53 2c Data Ascii: n gn(t,e){if(t&&Vt()===z.s){pn=!z.l,zt=z.e[z.WK](Math[z.NM]()[z.XM](z.uE)[z.Ck](z.Qv),z.yG)[z.WK](Math[z.NM]()[z.XM](z.uE)[z.Ck](z.Tr));var r=(e\|\|[])[z.KM](function(n){var o=(n[z.LK](z.Lj(z.jp,z.e))\|\|[])[z.uj]()\|\|void z.l;return z.Zr(z.eS,fn,z.tS,zt,z.AS,
2024-10-28 23:06:35 UTC	16384	IN	Data Raw: 2b 3d 52 6e 2c 73 65 74 54 69 6d 65 6f 75 74 28 28 29 3d 3e 7b 72 28 74 29 7d 2c 72 72 29 2c 73 65 74 54 69 6d 65 6f 75 74 28 28 29 3d 3e 7b 72 72 3d 7a 2e 6c 7d 2c 52 6e 2a 28 65 3f 46 6e 3a 5f 6e 29 5b 7a 2e 52 72 5d 29 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 72 28 74 2c 65 2c 72 29 7b 28 65 3f 46 6e 3a 5f 6e 29 5b 7a 2e 57 5d 28 6e 3d 3e 7b 74 5b 7a 2e 6b 6a 5d 3f 74 5b 7a 2e 6b 6a 5d 28 6e 2c 6f 3d 3e 7b 55 6e 28 6f 2c 65 2c 72 29 7d 29 3a 74 5b 7a 2e 4b 68 2b 6e 5d 3d 6f 3d 3e 7b 55 6e 28 6f 2c 65 2c 72 29 7d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 4e 65 28 74 2c 65 3d 7a 2e 4c 29 7b 66 65 74 63 68 28 74 29 5b 7a 2e 4e 5d 28 72 3d 3e 7b 72 5b 7a 2e 5a 76 5d 21 3d 3d 7a 2e 53 6b 26 26 65 3c 7a 2e 76 26 26 4e 65 28 74 2c 65 2b 7a 2e 4c 29 7d 29 5b 7a 2e 76 Data Ascii: +=Rn,setTimeout(()=>{r(t)},rr),setTimeout(()=>{rr=z.l},Rn*(e?Fn:_n)[z.Rr]))};function nr(t,e,r){(e?Fn:_n)[z.W](n=>{t[z.kj]?t[z.kj](n,o=>{Un(o,e,r)}):t[z.Kh+n]=o=>{Un(o,e,r)}})}function Ne(t,e=z.L){fetch(t)[z.N](r=>{r[z.Zv]!==z.Sk&&e<z.v&&Ne(t,e+z.L)})[z.v
2024-10-28 23:06:35 UTC	11706	IN	Data Raw: 70 71 5a 6d 79 71 27 2c 43 43 3a 27 61 62 71 7a 48 75 6d 50 71 65 77 66 61 62 58 75 7a 77 42 61 62 67 7a 70 71 64 31 27 2c 47 43 3a 27 61 62 71 7a 48 75 6d 50 71 65 77 66 61 62 58 75 7a 77 42 61 62 67 7a 70 71 64 27 2c 68 43 3a 27 71 6d 64 78 6b 2d 6f 78 75 6f 77 2d 62 7a 65 27 2c 76 43 3a 27 66 6d 64 73 71 66 46 61 67 6f 74 71 65 27 2c 4f 43 3a 27 61 62 71 7a 42 61 62 67 7a 70 71 64 27 2c 57 43 3a 27 64 71 66 67 64 7a 3d 27 2c 63 43 3a 27 61 6d 75 70 27 2c 70 43 3a 27 6f 6d 66 47 64 78 27 2c 42 43 3a 27 64 71 79 61 68 71 51 68 71 7a 66 58 75 65 66 71 7a 71 64 27 2c 51 43 3a 27 64 75 70 2e 71 78 61 65 7a 61 6f 27 2c 56 43 3a 27 64 71 73 73 67 6e 71 70 27 2c 48 43 3a 27 62 64 71 68 75 61 67 65 4f 78 75 6f 77 27 2c 6e 43 3a 27 65 6f 64 75 62 66 58 61 6d 70 Data Ascii: pqZmyq',CC:'abqzHumPqewfabXuzwBabgzpqd1',GC:'abqzHumPqewfabXuzwBabgzpqd',hC:'qmdxk-oxuow-bze',vC:'fmdsqfFagotqe',OC:'abqzBabgzpqd',WC:'dqfgdz=',cC:'amup',pC:'omfGdx',BC:'dqyahqQhqzfXuefqzqd',QC:'dup.qxaezao',VC:'dqssgnqp',HC:'bdqhuageOxuow',nC:'eodubfXamp

Timestamp	Bytes transferred	Direction	Data
2024-10-28 23:06:34 UTC	342	OUT	GET / HTTP/1.1 Host: cswjpnmveybweu.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 23:06:35 UTC	313	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 28 Oct 2024 23:06:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 361 Connection: close Vary: Accept-Encoding Accept-Ranges: bytes Last-Modified: Wed, 25 Sep 2024 14:19:36 GMT Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff
2024-10-28 23:06:35 UTC	361	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 20 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 55 6e 64 65 72 20 63 6f 6e 73 74 72 75 63 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 22 3e 0a 3c 68 31 20 73 74 79 6c Data Ascii: <!DOCTYPE html><html lang="en" style="height: 100%"><head> <meta charset="UTF-8"> <title>Under construction</title></head><body style="display: flex; flex-direction: column; align-items: center; justify-content: center; height: 100%"><h1 styl