hanklee.net Open in urlscan Pro
109.202.99.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Submission: On January 21 via api (January 21st 2021, 2:22:15 pm UTC) from BR

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 31 domains to perform 46 HTTP transactions. The main IP is 109.202.99.151, located in Netherlands and belongs to GLOBALLAYER, NL. The main domain is hanklee.net.

This is the only time hanklee.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	109.202.99.151 109.202.99.151	57172 (GLOBALLAYER) (GLOBALLAYER)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700:7::... 2606:4700:7::a29f:892c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.148.77 104.17.148.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2016	15169 (GOOGLE) (GOOGLE)
1	67.202.92.15 67.202.92.15	32748 (STEADFAST) (STEADFAST)
1	104.75.89.168 104.75.89.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:3::84 2a04:4e42:3::84	54113 (FASTLY) (FASTLY)
1	193.126.240.146 193.126.240.146	2860 (NOS_COMUN...) (NOS_COMUNICACOES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:292::2e0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.217.32.228 52.217.32.228	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	65.9.83.71 65.9.83.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:56dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	136.243.111.164 136.243.111.164	24940 (HETZNER-AS) (HETZNER-AS)
1	104.155.159.57 104.155.159.57	15169 (GOOGLE) (GOOGLE)
1	213.246.108.216 213.246.108.216	8622 (ISIONUK N...) (ISIONUK Namesco Limited)
1	65.9.83.31 65.9.83.31	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.152 151.101.114.152	54113 (FASTLY) (FASTLY)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	192.229.233.122 192.229.233.122	15133 (EDGECAST) (EDGECAST)
1	59.106.13.31 59.106.13.31	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:29c::19fe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700:303... 2606:4700:3034::ac43:aff0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.83.16 65.9.83.16	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
2	104.22.52.65 104.22.52.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	32

4 109.202.99.151 (Netherlands)

ASN57172 (GLOBALLAYER, NL)
PTR: hosted-by.gbukhost.co.uk

hanklee.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:892c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn130.picsart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.148.77 (United States)

ASN13335 (CLOUDFLARENET, US)

ugc.kn3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.92.15 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: s15.wpxhosting.com

www.stealthsecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.168 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-168.deploy.static.akamaitechnologies.com

wallpapers.filmibeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.126.240.146 (Lisbon, Portugal)

ASN2860 (NOS_COMUNICACOES, PT)
PTR: websites.iolnegocios.com

www.iol.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:292::2e0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.32.228 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

thefirearmsforum.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.83.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)

camo.envatousercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:56dc (United States)

ASN13335 (CLOUDFLARENET, US)

gallery.fansshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.111.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

images.fashionmodeldirectory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.155.159.57 (United States)

ASN15169 (GOOGLE, US)

brightideas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.246.108.216 (United Kingdom)

ASN8622 (ISIONUK Namesco Limited, GB)

www.littleprincesses.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.83.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)

i458.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.152 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

imgv2-2-f.scribdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.122 (Los Angeles, United States) 1 redirects

ASN15133 (EDGECAST, US)

thumbs.dreamstime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.106.13.31 (Osaka, Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)

www.avocado.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:29c::19fe (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

images-americanas.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:aff0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s3.studylib.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.83.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)

media.istockphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

dorothydrawing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	dorothydrawing.com dorothydrawing.com
4	gstatic.com encrypted-tbn0.gstatic.com	29 KB
4	hanklee.net hanklee.net	38 KB
3	ytimg.com i.ytimg.com	328 KB
2	statcounter.com www.statcounter.com c.statcounter.com	13 KB
2	studylib.net 1 redirects s3.studylib.net	73 KB
2	dreamstime.com 1 redirects thumbs.dreamstime.com	110 KB
2	fashionmodeldirectory.com 1 redirects images.fashionmodeldirectory.com	901 KB
2	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com	331 KB
1	cloudflare.com cdnjs.cloudflare.com	28 KB
1	istockphoto.com media.istockphoto.com	202 KB
1	b2w.io images-americanas.b2w.io	331 KB
1	wp.com i0.wp.com	27 KB
1	avocado.co.jp www.avocado.co.jp	335 KB
1	twimg.com pbs.twimg.com	81 KB
1	scribdassets.com imgv2-2-f.scribdassets.com	80 KB
1	photobucket.com i458.photobucket.com	59 KB
1	littleprincesses.org.uk www.littleprincesses.org.uk	146 KB
1	brightideas.co brightideas.co	405 KB
1	fansshare.com gallery.fansshare.com	878 B
1	envatousercontent.com camo.envatousercontent.com	46 KB
1	amazonaws.com thefirearmsforum.s3.amazonaws.com	3 MB
1	shopify.com cdn.shopify.com	135 KB
1	iol.pt www.iol.pt	127 KB
1	pinimg.com i.pinimg.com	172 KB
1	filmibeat.com wallpapers.filmibeat.com	123 KB
1	stealthsecrets.com www.stealthsecrets.com	231 KB
1	kn3.net ugc.kn3.net	122 KB
1	picsart.com cdn130.picsart.com	411 KB
1	fontawesome.com use.fontawesome.com	401 KB
0	Failed function sub() { [native code] }. Failed
46	31

	Domain	Requested by
4	dorothydrawing.com	hanklee.net
4	encrypted-tbn0.gstatic.com	hanklee.net
4	hanklee.net	hanklee.net
3	i.ytimg.com	hanklee.net
2	s3.studylib.net	1 redirects hanklee.net
2	thumbs.dreamstime.com	1 redirects hanklee.net
2	images.fashionmodeldirectory.com	1 redirects hanklee.net
1	c.statcounter.com	www.statcounter.com
1	cdnjs.cloudflare.com	hanklee.net
1	www.statcounter.com	hanklee.net
1	media.istockphoto.com	hanklee.net
1	images-americanas.b2w.io	hanklee.net
1	3.bp.blogspot.com	hanklee.net
1	i0.wp.com	hanklee.net
1	www.avocado.co.jp	hanklee.net
1	pbs.twimg.com	hanklee.net
1	imgv2-2-f.scribdassets.com	hanklee.net
1	i458.photobucket.com	hanklee.net
1	www.littleprincesses.org.uk	hanklee.net
1	brightideas.co	hanklee.net
1	gallery.fansshare.com	hanklee.net
1	camo.envatousercontent.com	hanklee.net
1	1.bp.blogspot.com	hanklee.net
1	thefirearmsforum.s3.amazonaws.com	hanklee.net
1	cdn.shopify.com	hanklee.net
1	www.iol.pt	hanklee.net
1	i.pinimg.com	hanklee.net
1	wallpapers.filmibeat.com	hanklee.net
1	www.stealthsecrets.com	hanklee.net
1	ugc.kn3.net	hanklee.net
1	cdn130.picsart.com	hanklee.net
1	use.fontawesome.com	hanklee.net
0	Failed	hanklee.net
46	33

This site contains no links.

Subject Issuer	Validity	Valid
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.picsart.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-18` - `2021-08-17`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
stealthsecrets.com Let's Encrypt Authority X3	`2020-11-30` - `2021-02-28`	3 months	crt.sh
greynium.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-06` - `2021-04-08`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.iol.pt GeoTrust RSA CA 2018	`2020-06-19` - `2021-09-18`	a year	crt.sh
cdn.shopify.com Let's Encrypt Authority X3	`2020-11-12` - `2021-02-10`	3 months	crt.sh
camo.envatousercontent.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
images.fashionmodeldirectory.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
www.littleprincesses.org.uk Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2022-01-15`	a year	crt.sh
photobucket.com Amazon	`2020-10-05` - `2021-11-04`	a year	crt.sh
*.scribdassets.com R3	`2020-12-18` - `2021-03-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.dreamstime.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2022-07-19`	2 years	crt.sh
avocado.co.jp Let's Encrypt Authority X3	`2020-11-23` - `2021-02-21`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-07-14`	a year	crt.sh
media.gettyimages.com Amazon	`2020-05-09` - `2021-06-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Frame ID: 3A9C82DA13CB6AAE44F678C98710BDE6
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bulma(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

46
Requests

65 %
HTTPS

39 %
IPv6

31
Domains

33
Subdomains

32
IPs

7
Countries

8407 kB
Transfer

9262 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://images.fashionmodeldirectory.com/model/000000355858-alisar_ailabouni-fullsize.jpg HTTP 302
https://images.fashionmodeldirectory.com/images/models/13513/alisar-ailabouni-355858-fullsize.jpg

Request Chain 25

http://thumbs.dreamstime.com/z/litterbug-14493971.jpg HTTP 301
https://thumbs.dreamstime.com/z/litterbug-14493971.jpg

Request Chain 30

http://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png HTTP 301
https://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request visit-candydollchan-net-candydoll-downloads-candydollchan.html Show response
hanklee.net/ 70 KB
11 KB 87ms
54ms Document
text/html 109.202.99.151
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL

http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

109.202.99.151 , Netherlands, ASN57172 (GLOBALLAYER, NL),

Reverse DNS

hosted-by.gbukhost.co.uk

Software

nginx-rc /

Resource Hash

a500c1042597213dc017c95e38d8e5673942f6ee3cddcab579d35d96c36f7606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: hanklee.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx-rc
Date: Thu, 21 Jan 2021 14:21:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK bulma.css
hanklee.net/themes/okeokeaja/assets/css/ 190 KB
26 KB 47ms
35ms Stylesheet
text/css 109.202.99.151
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL

http://hanklee.net/themes/okeokeaja/assets/css/bulma.css

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

109.202.99.151 , Netherlands, ASN57172 (GLOBALLAYER, NL),

Reverse DNS

hosted-by.gbukhost.co.uk

Software

nginx-rc /

Resource Hash

491f417160c58de369a6a7eca14b74cdf37407821e77cd84dfdd8f045395db40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Jan 2020 16:52:22 GMT
Server: nginx-rc
ETag: W/"5e18abc6-2f78e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Feb 2021 14:21:55 GMT

GET
H/1.1 200
OK custom.css
hanklee.net/themes/okeokeaja/assets/css/ 179 B
601 B 63ms
45ms Stylesheet
text/css 109.202.99.151
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL

http://hanklee.net/themes/okeokeaja/assets/css/custom.css

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

109.202.99.151 , Netherlands, ASN57172 (GLOBALLAYER, NL),

Reverse DNS

hosted-by.gbukhost.co.uk

Software

nginx-rc /

Resource Hash

cfafb5554eb14be3ebefbee9f234c78aa658be5b5d200b789495fc9f54a7a2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Sep 2020 11:34:27 GMT
Server: nginx-rc
ETag: "5f649b43-b3"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Feb 2021 14:21:55 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.3.1/js/ 963 KB
401 KB 158ms
31ms Script
application/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/js/all.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 18:00:39 GMT
server: NetDNA-cache/2.2
etag: W/"d0482db440697a659af4980d2e841891"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 321108506574201.gif
cdn130.picsart.com/ 410 KB
411 KB 66ms
44ms Image
image/gif 2606:4700:7::a29f:892c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn130.picsart.com/321108506574201.gif
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:892c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74eb004f5e46a5e024014f51189dfa8520c7db675e51d64a9c810d9b64cdd1fd

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:55 GMT
cf-cache-status: HIT
age: 98390
content-length: 419550
cf-request-id: 07c6ebd76a00002b7df521d000000001
pragma: public
server: cloudflare
etag: W/"33-94d078899561b3084fa0943d2b87b49014b5282e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6151af38ac772b7d-FRA
link: <https://cdn130.picsart.com/321108506574201.gif>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1438632762464.jpg
ugc.kn3.net/i/760x/https://img.4plebs.org/boards/pol/image/1438/63/ 122 KB
122 KB 405ms
348ms Image
image/jpeg 104.17.148.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ugc.kn3.net/i/760x/https://img.4plebs.org/boards/pol/image/1438/63/1438632762464.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.148.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440f897d7f8a518f16d6d73cd8ba95f457f06020a8b92ad267b69f60e4a89045

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
CF-Cache-Status: MISS
Server: cloudflare
Etag: "8307172e9207108f5432f4cfe7769bd54c636fba"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6151af38eefe10c1-CPH
Content-Length: 124701
cf-request-id: 07c6ebd793000010c176227000000001
Expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/0FQoxo25LA8/ 84 KB
84 KB 49ms
25ms Image
image/jpeg 2a00:1450:4001:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0FQoxo25LA8/maxresdefault.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b38275e766b58e461f1918adc2bc387a31bb7623caf10212b20c7cd072b9db71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:55 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86153
x-xss-protection: 0
expires: Thu, 21 Jan 2021 16:21:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/LsAnchsIpa8/ 107 KB
107 KB 63ms
38ms Image
image/jpeg 2a00:1450:4001:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/LsAnchsIpa8/maxresdefault.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f038aa8ff62009dc44059ec1c64610250a2f368efdbe5a36d8febd67bab40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:55 GMT
x-content-type-options: nosniff
server: sffe
etag: "1579254562"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109123
x-xss-protection: 0
expires: Thu, 21 Jan 2021 16:21:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/Fu_NSbb6E0Q/ 137 KB
137 KB 75ms
50ms Image
image/jpeg 2a00:1450:4001:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Fu_NSbb6E0Q/maxresdefault.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f022ea36a752fe807b3320a4d86198d8bcb9fc04227542d9cdba01d344b4cd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:55 GMT
x-content-type-options: nosniff
server: sffe
etag: "1439388009"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139863
x-xss-protection: 0
expires: Thu, 21 Jan 2021 16:21:55 GMT

GET
H2 200 azayablue.png
www.stealthsecrets.com/wp-content/uploads/2016/08/ 231 KB
231 KB 588ms
130ms Image
image/png 67.202.92.15
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stealthsecrets.com/wp-content/uploads/2016/08/azayablue.png
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.15 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: s15.wpxhosting.com
Software: LiteSpeed /
Resource Hash: f674abae9f447d4ce0dd30a8fa6153c0523b2d1dea1655f841638ccdfe7bde47

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 21 Jan 2021 14:21:56 GMT
referrer-policy
last-modified: Tue, 07 Nov 2017 17:05:02 GMT
server: LiteSpeed
etag: "39b29-5a01e7be-0;;;"
vary: User-Agent
content-type: image/png
wpx: 1
cache-control: public, max-age=31536000,public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 236329
expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H2 200 ae-dil-hai-mushkil_147462750200.jpg
wallpapers.filmibeat.com/ph-1024x768/2016/09/ 122 KB
123 KB 690ms
598ms Image
image/jpeg 104.75.89.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpapers.filmibeat.com/ph-1024x768/2016/09/ae-dil-hai-mushkil_147462750200.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.168 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-168.deploy.static.akamaitechnologies.com

Software

Apache / PHP/7.1.9

Resource Hash

4de4a01be414648585515b9c5f5bc5ac186ac2491f9df719d57964359f961883

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
date: Thu, 21 Jan 2021 14:21:56 GMT
server: Apache
x-powered-by: PHP/7.1.9
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename=ae-dil-hai-mushkil_147462750200.jpg
strict-transport-security: max-age=15768000
expires: Sat, 20 Feb 2021 14:21:56 GMT

GET
H2 200 05763e278571c8be6e9bbf0b52ac3245.jpg
i.pinimg.com/originals/05/76/3e/ 172 KB
172 KB 28ms
8ms Image
image/jpeg 2a04:4e42:3::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/05/76/3e/05763e278571c8be6e9bbf0b52ac3245.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: beef57f3fb646064fd68f01a8def44899a1234ff9330f7b4bdf8a22f3fd48c8d

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:55 GMT
x-cdn: fastly
etag: "d810189852d0b2ea5046a0dee7089386"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 176127

GET
H/1.1 200
OK 800
www.iol.pt/multimedia/oratvi/multimedia/imagem/id/5627b0530cf2bf1ee22eee1d/ 127 KB
127 KB 316ms
90ms Image
image/jpeg 193.126.240.146
NOS_COMUNICACOES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iol.pt/multimedia/oratvi/multimedia/imagem/id/5627b0530cf2bf1ee22eee1d/800
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.126.240.146 Lisbon, Portugal, ASN2860 (NOS_COMUNICACOES, PT),
Reverse DNS: websites.iolnegocios.com
Software: /
Resource Hash: 0f0e7207a0d2b035facfdab53813f8fbea81e0db0fe174227d8de6d8ae047cf6

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 10:17:19 GMT
X-Cache-Debug: client: max-age=604800 ; server: 259200.000
age: 0
Transfer-Encoding: chunked
X-Cache: MISS
X-Varnish: 2322981338
Via: 1.1 varnish
cache-control: max-age=604800
Connection: keep-alive
Content-Type: image/jpeg

GET
H2 200 IMG_1865_FULL_1024x1024.jpg
cdn.shopify.com/s/files/1/1426/9384/products/ 134 KB
135 KB 411ms
411ms Image
image/webp 2a02:26f0:6c00:292::2e0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1426/9384/products/IMG_1865_FULL_1024x1024.jpg?v\u003d1562882780

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:292::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6b15c731af101a44bdbd570ad89208bbf4473473da0157560919d6446922b3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc: gcp-us-east1
content-length: 137298
x-xss-protection: 1; mode=block
x-request-id: 14abd93
surrogate-key: mime-image/webp source-ShopAssetsBackend segment2-198 segment4-50867 revision-50a95a5e537d635ac20ff85f7c3a5dc22728a832 cdn-shopify-com-s-files-1-1426-9384-products-IMG_1865_FULL-jpg shop-14269384
last-modified: Sat, 16 Jan 2021 01:24:27 GMT
date: Thu, 21 Jan 2021 14:21:56 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1426/9384/products/IMG_1865_FULL_1024x1024.jpg>; rel="canonical"
expires: Sun, 16 Jan 2022 01:24:27 GMT

GET cae0c86b30bc760394e1e2c3b7dcdf5719615847841a40920e19c8a65ee286f7
/ 0
0

GET
H/1.1 200
OK 183201_f66d3301d70b335ae4be13d813d1c22a.jpg
thefirearmsforum.s3.amazonaws.com/2017/03/ 3 MB
3 MB 314ms
295ms Image
image/jpeg 52.217.32.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thefirearmsforum.s3.amazonaws.com/2017/03/183201_f66d3301d70b335ae4be13d813d1c22a.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 52.217.32.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b68a2f8292901d72352fc5d3a1dddca6ea72d864df2e65d5fc691d3dc103a747

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:57 GMT
Last-Modified: Sun, 12 Mar 2017 00:36:16 GMT
Server: AmazonS3
x-amz-request-id: 0D357BE4C8D222E7
ETag: "f66d3301d70b335ae4be13d813d1c22a"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3197506
x-amz-id-2: RcgtF0drL6cF4arwn0bT3EcdFSQYYlLlyri0rOyTBOBcul3ussvO08YOZG6KBqp3NgTZT60Ew6Y=

GET e63e1342ac94642c1b59999b6941b70112507765a56738d9cdd790a8fb3897f4
/ 0
0

GET
H/1.1 200
OK IMG_20150326_054436.jpg
1.bp.blogspot.com/-gtqV7pDbcvM/VRNkMUalHeI/AAAAAAAAEBU/ldzNNIbuRJs/s1600/ 152 KB
152 KB 29ms
22ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-gtqV7pDbcvM/VRNkMUalHeI/AAAAAAAAEBU/ldzNNIbuRJs/s1600/IMG_20150326_054436.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6efab5177b1049d95a1a025332406f684bb1dd1860360d7594ca10c6ee55f2c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1016"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_20150326_054436.jpg"
Timing-Allow-Origin: *
Content-Length: 155232
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 14:21:56 GMT

GET
H2 200 687474703a2f2f64656d6f2e686967686861792e636f6d2f73696d706c6575782f64656d6f706167652f7374796c65322e6a7067
camo.envatousercontent.com/73f0cc19cf52a50a9b8bcb441f358ab33f1520eb/ 46 KB
46 KB 501ms
403ms Image
image/jpeg 65.9.83.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://camo.envatousercontent.com/73f0cc19cf52a50a9b8bcb441f358ab33f1520eb/687474703a2f2f64656d6f2e686967686861792e636f6d2f73696d706c6575782f64656d6f706167652f7374796c65322e6a7067

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envato-camo /

Resource Hash

312904afde3fe55e9b9ac002d3fb7a4bcc3afad042af20a0b7a46c73a598fc04

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 26 Feb 2018 07:00:30 GMT
server: envato-camo
x-amz-cf-pop: AMS1-C1
date: Thu, 21 Jan 2021 14:27:41 GMT
strict-transport-security: max-age=16070400
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 46739
x-xss-protection: 1; mode=block
x-amz-cf-id: oG3sdRcykqSn-CaipvJRW2H1lrntD0oO__NE907mClkeSD-PfQ7PFw==

GET
H/1.1 200
OK shahel-adele-silva-1107351095.jpg
gallery.fansshare.com/photos/adelesilva/ 0
878 B 56ms
38ms Image
image/jpeg 2606:4700:3037::6815:56dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gallery.fansshare.com/photos/adelesilva/shahel-adele-silva-1107351095.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:56dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2150
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZCeTo3ry0DNmn3WgRxI3V9aJdPRr9KtHyHuBGBbNnlCNGJ2hGD4WnN27oLmaIH5WjkqFZPQHjsbnk1wsMIRTEMOUNVJQ45bwatg6eBquh9KLP%2Fbph9KU3drwKTJ2%2Flxq0H0%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=16070400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6151af3aad11dfe3-FRA
cf-request-id: 07c6ebd8a50000dfe3d7998000000001
Expires: Thu, 28 Jan 2021 13:46:06 GMT

GET
H/1.1

200
OK

alisar-ailabouni-355858-fullsize.jpg
images.fashionmodeldirectory.com/images/models/13513/
Redirect Chain

https://images.fashionmodeldirectory.com/model/000000355858-alisar_ailabouni-fullsize.jpg
https://images.fashionmodeldirectory.com/images/models/13513/alisar-ailabouni-355858-fullsize.jpg

900 KB
900 KB

56ms
55ms

Image
image/jpeg

136.243.111.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fashionmodeldirectory.com/images/models/13513/alisar-ailabouni-355858-fullsize.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.111.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0873d66ca097cca38384d62fdfb218db1f7130b604d760baa240a561f386a52e

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
Last-Modified: Sun, 11 Mar 2018 20:11:51 GMT
Server: Apache/2.4.25 (Debian)
ETag: "e0fd4-56728a2c92fc0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=5184000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 921556

Redirect headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
Server: Apache/2.4.25 (Debian)
location: https://images.fashionmodeldirectory.com/images/models/13513/alisar-ailabouni-355858-fullsize.jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H/1.1 200
OK Laura-4-90615x7.jpg
brightideas.co/wp-content/uploads/2013/05/ 404 KB
405 KB 338ms
292ms Image
image/jpeg 104.155.159.57
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://brightideas.co/wp-content/uploads/2013/05/Laura-4-90615x7.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 104.155.159.57 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: d756d49dcb30d6055d0cddf29e9419504e0f6fda50bafb468fc741995bb218d9

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
Last-Modified: Wed, 21 Sep 2016 15:15:59 GMT
Server: nginx
ETag: "57e2a42f-65165"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 414053

GET
H2 200 efny9bfnGCGLn0m.jpg
www.littleprincesses.org.uk/images/SupporterGallery/ 146 KB
146 KB 188ms
68ms Image
image/jpeg 213.246.108.216
ISIONUK Namesco L...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.littleprincesses.org.uk/images/SupporterGallery/efny9bfnGCGLn0m.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.108.216 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 10ce5111ebbfdd35bec6e12f9c079d41d8cc5e124eadd5af385975fb1cc18fb8

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:20:45 GMT
last-modified: Wed, 06 Jan 2021 07:48:35 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ff56b53-248a8"
content-type: image/jpeg
accept-ranges: bytes
content-length: 149672

GET
H2 200 DSLR.jpg
i458.photobucket.com/albums/qq309/diman115/ikonki/ 59 KB
59 KB 675ms
589ms Image
image/webp 65.9.83.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i458.photobucket.com/albums/qq309/diman115/ikonki/DSLR.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: 8c18d22a282e43f027ef89461038577ee98805880574bf5d1c1c5d5c92665a7e

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:57 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-disposition: inline; filename="DSLR.webp"
content-length: 59908
x-request-id: qf07ki8J9P2mX7k2B9Zxk
server: photobucket
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600, public
access-control-allow-headers: *
x-amz-cf-id: nQ_lrRU95nBtZCOwNU56b3t8bQPMgMjo7KlBoUUBPDth3X09ghWKvQ==
expires: Thu, 21 Jan 2021 15:21:57 GMT

GET
H2 200 1588025721
imgv2-2-f.scribdassets.com/img/document/438812710/original/30fae13fb1/ 79 KB
80 KB 265ms
200ms Image
image/webp 151.101.114.152
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv2-2-f.scribdassets.com/img/document/438812710/original/30fae13fb1/1588025721?v\u003d1
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.152 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c1c0c7d7952368f36805aa78a40e034d083459436c414963fc4069aa24a98ee

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 722954
etag: "pRx+KAd/Mp6szHCsMHnp1alwnCzHH92I49NK32AH2uM"
x-served-by: cache-mdw17323-MDW, cache-hhn4069-HHN
vary: Accept
x-cache: HIT, MISS
fastly-io-info: ifsz=169293 idim=768x1024 ifmt=jpeg ofsz=81234 odim=768x1024 ofmt=webp
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-length: 81234
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
x-timer: S1611238917.543191,VS0,VE169
x-cache-hits: 1, 0

GET
H2 200 Erg-2OjVoAIslvg.jpg
pbs.twimg.com/media/ 81 KB
81 KB 53ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Erg-2OjVoAIslvg.jpg

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA4) /

Resource Hash

93a4cc1905dc44ef0d9d821ad4fbaaa04d8528cae40b24394e2c8f82db05fa16

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
age: 2150
x-cache: HIT
content-length: 82971
x-response-time: 123
surrogate-key: media media/bucket/5 media/1348897189737635842
last-modified: Tue, 12 Jan 2021 07:36:45 GMT
server: ECS (amb/6BA4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7085e15e324805b102c8b5d658fc3ee4
accept-ranges: bytes

GET
H2

200

litterbug-14493971.jpg
thumbs.dreamstime.com/z/
Redirect Chain

http://thumbs.dreamstime.com/z/litterbug-14493971.jpg
https://thumbs.dreamstime.com/z/litterbug-14493971.jpg

109 KB
109 KB

108ms
26ms

Image
image/jpeg

192.229.233.122
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs.dreamstime.com/z/litterbug-14493971.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.122 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70B) /
Resource Hash: a4e08dc9dd58829cbb40b98bbd0828eb4413baf2d193b0db09d80f334c465386

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
last-modified: Wed, 17 Jul 2013 01:47:29 GMT
server: ECS (ska/F70B)
age: 18071796
etag: "2280975808"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 111785
expires: Fri, 21 Jan 2022 14:21:56 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jan 2021 14:21:56 GMT
Cache-Control: max-age=31536000
Server: ECS (ska/F70B)
Content-Length: 0
Location: https://thumbs.dreamstime.com/z/litterbug-14493971.jpg
Expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H2 200 sheri_y001.jpg
www.avocado.co.jp/models/wp/wp-content/uploads/2017/10/ 335 KB
335 KB 1677ms
300ms Image
image/jpeg 59.106.13.31
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avocado.co.jp/models/wp/wp-content/uploads/2017/10/sheri_y001.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 59.106.13.31 Osaka, Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: ecfb3a35b741760ce8a40b03339bccebca2d9395e42d95c57605ebb24f3e6ba5

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:58 GMT
last-modified: Fri, 11 Sep 2020 04:43:16 GMT
server: nginx
accept-ranges: bytes
etag: "53a30-5af0252b7c858"
content-length: 342576
content-type: image/jpeg

GET
H2 200 1-12-Scale-Mini-Cute-font-b-Candy-b-font-Metal-Buckets-Decoration-for-BJD-Dollhouse.jpg
i0.wp.com/ae01.alicdn.com/kf/HTB1uhCXyL9TBuNjy1zbq6xpepXa7/ 27 KB
27 KB 104ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ae01.alicdn.com/kf/HTB1uhCXyL9TBuNjy1zbq6xpepXa7/1-12-Scale-Mini-Cute-font-b-Candy-b-font-Metal-Buckets-Decoration-for-BJD-Dollhouse.jpg?crop=5,2,900,500&quality=2886

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

38c58235f617a678487f024be6c4fa06eb71d0e7ff2facfcfdda0a495fdce779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 12:21:37 GMT
server: nginx
etag: "43a0a4b3ae044a3e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <http://ae01.alicdn.com/kf/HTB1uhCXyL9TBuNjy1zbq6xpepXa7/1-12-Scale-Mini-Cute-font-b-Candy-b-font-Metal-Buckets-Decoration-for-BJD-Dollhouse.jpg>; rel="canonical"
content-length: 27288
expires: Sat, 14 Jan 2023 00:21:37 GMT

GET
H/1.1 200
OK 103.JPG
3.bp.blogspot.com/-bM0z8WYFAaI/T5GXdQpGC-I/AAAAAAAAAss/yK4cANmjGR0/s1600/ 179 KB
179 KB 453ms
445ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-bM0z8WYFAaI/T5GXdQpGC-I/AAAAAAAAAss/yK4cANmjGR0/s1600/103.JPG

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

19b6acb6cd051a1661fffcd01f394653155e6b9ef11075382303d0a896e80301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:57 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v2502"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="103.JPG"
Timing-Allow-Origin: *
Content-Length: 182819
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 14:21:57 GMT

GET
H2 200 7526332SZ.jpg
images-americanas.b2w.io/produtos/01/00/item/7526/3/ 329 KB
331 KB 128ms
109ms Image
image/webp 2a02:26f0:6c00:29c::19fe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-americanas.b2w.io/produtos/01/00/item/7526/3/7526332SZ.jpg
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:29c::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: BIS /
Resource Hash: 6f7f8d3995f48e3c52250196415af25f9d2eaa7d57fa7f227b4b5fe2c409f7a7

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
last-modified: Thu, 21 Jan 2021 13:54:35 GMT
server: BIS
etag: 19fd7786dcd45071904440a2b32fbe38f3654301c2a2ec6f185bb4dabc17dfb0
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 58716
content-disposition: inline; filename="7526332SZ.webp"
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length: 336970
x-request-id: rLbomxzjN9TNIoxa3Lmtm
expires: Thu, 28 Jan 2021 14:21:56 GMT

GET
H2

200

006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png
s3.studylib.net/store/data/
Redirect Chain

http://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png
https://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png

71 KB
72 KB

43ms
22ms

Image
image/png

2606:4700:3034::ac43:aff0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:aff0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d4fbb6dcaa7ae2b8c8b895ac78faed14a3b684472920a452029b8390d2fc11

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2148
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72963
cf-request-id: 07c6ebdae40000dfdb5709d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OsE6nkRlJ6S0fllqvqT1vUomerbkrrigBC7O9amb%2BjO24Dj4RxJwL4EoJyIUQABXGAl7K2PPs6WOBP9G63ESW8wd8CQWOO%2BijP2UyjpHQu%2FnYqNqAZzXgJ5HzzI%3D"}]}
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Access-Control-Allow-Origin,Content-Range,Access-Control-Allow-Credentials,Content-Encoding,Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6151af3e3c97dfdb-FRA

Redirect headers

Date: Thu, 21 Jan 2021 14:21:56 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5DTwNs7psycJYyR25380bNNAYdEpVCA%2BmngmzOOGWla2%2F8WHUt8JWiGoM7YNWce5GXUWHtUKFVARV2z0uzmZ6lYIUSLlKTdJB1RZ9a4k8LG8rdrlwSDWYA9WbeA%3D"}]}
Location: https://s3.studylib.net/store/data/006906865_1-032fc58dcd1067b40f5cd9e2c8959a79.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6151af3dfc3fdfe3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07c6ebdab70000dfe39436b000000001
Expires: Thu, 21 Jan 2021 15:21:56 GMT

GET 452d789ac0e901a0327528febdf0d94f4d713fd8bc39aa53e1c22f57b80e7e57
/ 0
0

GET
H/1.1 200
OK small-house-with-a-label-for-rent-picture-id186804260
media.istockphoto.com/photos/ 201 KB
202 KB 415ms
348ms Image
image/jpeg 65.9.83.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.istockphoto.com/photos/small-house-with-a-label-for-rent-picture-id186804260
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8c011437cc8ff344f8cf0613b00b38a4a25ce24596ab3b367d270e16bec919cf

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:57 GMT
Via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
Last-Modified: Thu, 21 Jan 2021 14:21:57 GMT
Server: Kestrel
X-Amz-Cf-Pop: AMS1-C1
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7776000
Content-Disposition: inline; filename=istockphoto-186804260-1024x1024.jpg
Connection: keep-alive
Link: </photos/small-house-with-a-label-for-rent-picture-id186804260>; rel= "canonical"
Content-Length: 206317
X-Amz-Cf-Id: FaDJ7Ja4N56XW1WuqG_vScpkr7STM87tSzxB9bDxNiowEr1dMxKhiA==

GET
H/1.1 200
OK bulma.js Show response
hanklee.net/themes/okeokeaja/assets/js/ 492 B
741 B 32ms
31ms Script
application/javascript 109.202.99.151
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL

http://hanklee.net/themes/okeokeaja/assets/js/bulma.js

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

HTTP/1.1

Server

109.202.99.151 , Netherlands, ASN57172 (GLOBALLAYER, NL),

Reverse DNS

hosted-by.gbukhost.co.uk

Software

nginx-rc /

Resource Hash

d631d1ea973f19afc029a5e8395d2b50cd8a6e37df317167b9bb81da2b6d322b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 14:21:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Jan 2020 16:53:26 GMT
Server: nginx-rc
ETag: W/"5e18ac06-1ec"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Feb 2021 14:21:55 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 8 KB
9 KB 36ms
15ms Image
image/jpeg 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT59Y4uxmwPwb0ycoHAz6Qyn7Wgf9sQMMuNOg&usqp=CAU

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080a2b5505595ac3ea3c7b91de5117eb730f26e88cac3bbaba761aee02b30e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jun 2020 14:31:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8363
x-xss-protection: 0
expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H3-Q050 200 images
encrypted-tbn0.gstatic.com/ 5 KB
5 KB 44ms
29ms Image
image/jpeg 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTb_l3n98ntnbuOtJoTS8BXYz7wDFfOAn3FGA&usqp=CAU

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706169439af104368186a19495570b9bf1c3d22eecfe8ebc348ff3a13fb46224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Oct 2020 05:10:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5112
x-xss-protection: 0
expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H3-Q050 200 images
encrypted-tbn0.gstatic.com/ 8 KB
8 KB 117ms
103ms Image
image/jpeg 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSG0hyzpVp07vTEp3m_huO0bSQNVHP2fAZrDQ&usqp=CAU

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67ad6d9cce1499430a1341a2b15eadb50c678fc3c5d86d49c242c13503c141b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Nov 2020 05:48:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8370
x-xss-protection: 0
expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
13 KB 84ms
29ms Script
application/x-javascript 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 10:15:35 GMT
server: cloudflare
age: 13168
etag: W/"6006b147-98f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6151af3eaa781d0a-CPH
cf-request-id: 07c6ebdb2500001d0a24352000000001
expires: Thu, 21 Jan 2021 22:42:27 GMT

GET
H/1.1 403
Forbidden 353bfba230185371105b37856c82f6f5.js
dorothydrawing.com/35/3b/fb/ 0
0 257ms
220ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dorothydrawing.com/35/3b/fb/353bfba230185371105b37856c82f6f5.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jan 2021 14:21:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden 8f8ac2d81b55a9148025d1de6de83691.js
dorothydrawing.com/8f/8a/c2/ 0
0 244ms
220ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dorothydrawing.com/8f/8a/c2/8f8ac2d81b55a9148025d1de6de83691.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jan 2021 14:21:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 16ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: http://hanklee.net
Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 668143
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
cf-request-id: 07c6ebd7a200004ac8adbd9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rmIeDClORT6fvuYlWVatzk3zjdvTT%2BnqxJpd%2FyrPTLYezEowxEr0wLK9H9fgiwrAS1NR20%2FwWMd3LO15aht36xRdmpJLXy64VxN9Pqx8FVh%2BvGjN9G6hER00olShHLcoFw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6151af390eed4ac8-FRA
expires: Tue, 11 Jan 2022 14:21:56 GMT

GET
H/1.1 403
Forbidden 353bfba230185371105b37856c82f6f5.js
dorothydrawing.com/35/3b/fb/ 0
0 130ms
130ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dorothydrawing.com/35/3b/fb/353bfba230185371105b37856c82f6f5.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jan 2021 14:21:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 images
encrypted-tbn0.gstatic.com/ 7 KB
7 KB 45ms
31ms Image
image/jpeg 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR6URYz6GJqBrv8lMu4vY5aoY-oeJJfY1fPlQ&usqp=CAU

Requested by

Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb45d4433af352634308cb6ceb504a2f3ba13a038750f63d4cff3d294de60f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2017 21:23:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7440
x-xss-protection: 0
expires: Fri, 21 Jan 2022 14:21:56 GMT

GET
H/1.1 403
Forbidden 8f8ac2d81b55a9148025d1de6de83691.js
dorothydrawing.com/8f/8a/c2/ 0
0 122ms
122ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dorothydrawing.com/8f/8a/c2/8f8ac2d81b55a9148025d1de6de83691.js
Requested by: Host: hanklee.net
URL: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jan 2021 14:21:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 t.php Show response
c.statcounter.com/ 162 B
594 B 581ms
579ms XHR
application/json 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?u1=275F085229C44FAC333B3B397DFF0ED7&sc_project=11987472&java=1&security=3a95a9d8&sc_snum=1&sess=830817&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html&t=Visit%20Candydollchan%20Net%20Candydoll%20Downloads%20Candydollchan&invisible=1&sc_rum_e_s=1102&sc_rum_e_e=1109&sc_rum_f_s=0&sc_rum_f_e=1099&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer: http://hanklee.net/visit-candydollchan-net-candydoll-downloads-candydollchan.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 14:21:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6151af3efb591d0a-CPH
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: http://hanklee.net
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 07c6ebdb5700001d0a0a2a8000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///cae0c86b30bc760394e1e2c3b7dcdf5719615847841a40920e19c8a65ee286f7

Domain
URL: x-raw-image:///e63e1342ac94642c1b59999b6941b70112507765a56738d9cdd790a8fb3897f4

Domain
URL: x-raw-image:///452d789ac0e901a0327528febdf0d94f4d713fd8bc39aa53e1c22f57b80e7e57

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


1.bp.blogspot.com
3.bp.blogspot.com
brightideas.co
c.statcounter.com
camo.envatousercontent.com
cdn.shopify.com
cdn130.picsart.com
cdnjs.cloudflare.com
dorothydrawing.com
encrypted-tbn0.gstatic.com
gallery.fansshare.com
hanklee.net
i.pinimg.com
i.ytimg.com
i0.wp.com
i458.photobucket.com
images-americanas.b2w.io
images.fashionmodeldirectory.com
imgv2-2-f.scribdassets.com
media.istockphoto.com
pbs.twimg.com
s3.studylib.net
thefirearmsforum.s3.amazonaws.com
thumbs.dreamstime.com
ugc.kn3.net
use.fontawesome.com
wallpapers.filmibeat.com
www.avocado.co.jp
www.iol.pt
www.littleprincesses.org.uk
www.statcounter.com
www.stealthsecrets.com

104.155.159.57
104.17.148.77
104.22.52.65
104.75.89.168
109.202.99.151
136.243.111.164
151.101.114.152
192.0.77.2
192.229.233.122
192.243.59.12
193.126.240.146
213.246.108.216
23.111.9.35
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:3034::ac43:aff0
2606:4700:3037::6815:56dc
2606:4700:7::a29f:892c
2606:4700::6810:125e
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:818::200e
2a00:1450:4001:81d::2016
2a02:26f0:6c00:292::2e0b
2a02:26f0:6c00:29c::19fe
2a04:4e42:3::84
52.217.32.228
59.106.13.31
65.9.83.16
65.9.83.31
65.9.83.71
67.202.92.15
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13
06d4fbb6dcaa7ae2b8c8b895ac78faed14a3b684472920a452029b8390d2fc11
080a2b5505595ac3ea3c7b91de5117eb730f26e88cac3bbaba761aee02b30e20
0873d66ca097cca38384d62fdfb218db1f7130b604d760baa240a561f386a52e
0f0e7207a0d2b035facfdab53813f8fbea81e0db0fe174227d8de6d8ae047cf6
10ce5111ebbfdd35bec6e12f9c079d41d8cc5e124eadd5af385975fb1cc18fb8
19b6acb6cd051a1661fffcd01f394653155e6b9ef11075382303d0a896e80301
1c1c0c7d7952368f36805aa78a40e034d083459436c414963fc4069aa24a98ee
312904afde3fe55e9b9ac002d3fb7a4bcc3afad042af20a0b7a46c73a598fc04
35f038aa8ff62009dc44059ec1c64610250a2f368efdbe5a36d8febd67bab40f
38c58235f617a678487f024be6c4fa06eb71d0e7ff2facfcfdda0a495fdce779
440f897d7f8a518f16d6d73cd8ba95f457f06020a8b92ad267b69f60e4a89045
491f417160c58de369a6a7eca14b74cdf37407821e77cd84dfdd8f045395db40
4de4a01be414648585515b9c5f5bc5ac186ac2491f9df719d57964359f961883
67ad6d9cce1499430a1341a2b15eadb50c678fc3c5d86d49c242c13503c141b9
6b15c731af101a44bdbd570ad89208bbf4473473da0157560919d6446922b3e6
6cb45d4433af352634308cb6ceb504a2f3ba13a038750f63d4cff3d294de60f0
6efab5177b1049d95a1a025332406f684bb1dd1860360d7594ca10c6ee55f2c9
6f7f8d3995f48e3c52250196415af25f9d2eaa7d57fa7f227b4b5fe2c409f7a7
706169439af104368186a19495570b9bf1c3d22eecfe8ebc348ff3a13fb46224
74eb004f5e46a5e024014f51189dfa8520c7db675e51d64a9c810d9b64cdd1fd
8c011437cc8ff344f8cf0613b00b38a4a25ce24596ab3b367d270e16bec919cf
8c18d22a282e43f027ef89461038577ee98805880574bf5d1c1c5d5c92665a7e
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1
93a4cc1905dc44ef0d9d821ad4fbaaa04d8528cae40b24394e2c8f82db05fa16
a4e08dc9dd58829cbb40b98bbd0828eb4413baf2d193b0db09d80f334c465386
a500c1042597213dc017c95e38d8e5673942f6ee3cddcab579d35d96c36f7606
b38275e766b58e461f1918adc2bc387a31bb7623caf10212b20c7cd072b9db71
b68a2f8292901d72352fc5d3a1dddca6ea72d864df2e65d5fc691d3dc103a747
beef57f3fb646064fd68f01a8def44899a1234ff9330f7b4bdf8a22f3fd48c8d
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab
cfafb5554eb14be3ebefbee9f234c78aa658be5b5d200b789495fc9f54a7a2f2
d631d1ea973f19afc029a5e8395d2b50cd8a6e37df317167b9bb81da2b6d322b
d756d49dcb30d6055d0cddf29e9419504e0f6fda50bafb468fc741995bb218d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfb3a35b741760ce8a40b03339bccebca2d9395e42d95c57605ebb24f3e6ba5
f022ea36a752fe807b3320a4d86198d8bcb9fc04227542d9cdba01d344b4cd51
f674abae9f447d4ce0dd30a8fa6153c0523b2d1dea1655f841638ccdfe7bde47

hanklee.net Open in urlscan Pro 109.202.99.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

46 Requests

65 %HTTPS

39 %IPv6

31 Domains

33 Subdomains

32 IPs

7 Countries

8407 kBTransfer

9262 kBSize

0 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hanklee.net Open in urlscan Pro
109.202.99.151 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

65 %
HTTPS

39 %
IPv6

31
Domains

33
Subdomains

32
IPs

7
Countries

8407 kB
Transfer

9262 kB
Size

0
Cookies

46 HTTP transactions
0 data transactions