fim.heartshine.gay Open in urlscan Pro
2606:4700:3034::6815:2016 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fim.heartshine.gay/
Effective URL:
https://fim.heartshine.gay/
Submission: On May 08 via api (May 8th 2024, 2:50:30 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3034::6815:2016, located in United States and belongs to CLOUDFLARENET, US. The main domain is fim.heartshine.gay.
TLS certificate: Issued by GTS CA 1P5 on March 12th 2024. Valid for: 3 months.

This is the only time fim.heartshine.gay was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::6815:2016	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.182.74 172.67.182.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	5

3 2606:4700:3034::6815:2016 (United States)

ASN13335 (CLOUDFLARENET, US)

fim.heartshine.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

static.manebooru.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.182.74 (United States)

ASN13335 (CLOUDFLARENET, US)

static.heartshine.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fim.heartshine.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	heartshine.gay fim.heartshine.gay static.heartshine.gay	82 KB
1	manebooru.art static.manebooru.art	28 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
14	3

	Domain	Requested by
7	static.heartshine.gay	fim.heartshine.gay
5	fim.heartshine.gay	fim.heartshine.gay static.cloudflareinsights.com
1	static.manebooru.art	fim.heartshine.gay
1	static.cloudflareinsights.com	fim.heartshine.gay
14	4

This site contains links to these domains. Also see Links.

Domain
mlp.heartshine.gay
eqg.heartshine.gay
pl.heartshine.gay
g3.heartshine.gay
g1.heartshine.gay
kb.iu.edu
pony.social

Subject Issuer	Validity	Valid
heartshine.gay GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
manebooru.art E1	`2024-04-02` - `2024-07-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fim.heartshine.gay/
Frame ID: AD67C4C3A5D57EA27C127670E9FE251F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MLP:FiM S01E01 - Ember's MLP:FiM Archive

Page URL History Show full URLs

http://fim.heartshine.gay/ HTTP 307
https://fim.heartshine.gay/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

116 kB
Transfer

2388 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://mlp.heartshine.gay/
Title: MLP G5

Search URL Search Domain Scan URL

URL: https://eqg.heartshine.gay/
Title: MLP: EqG

Search URL Search Domain Scan URL

URL: https://pl.heartshine.gay/
Title: MLP: PL

Search URL Search Domain Scan URL

URL: https://g3.heartshine.gay/
Title: MLP G3

Search URL Search Domain Scan URL

URL: https://g1.heartshine.gay/
Title: MLP G1

Search URL Search Domain Scan URL

URL: https://kb.iu.edu/d/ahic
Title: Clear your cache!

Search URL Search Domain Scan URL

URL: https://pony.social/@eheartshine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fim.heartshine.gay/ HTTP 307
https://fim.heartshine.gay/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fim.heartshine.gay/
Redirect Chain

http://fim.heartshine.gay/
https://fim.heartshine.gay/

3 KB
2 KB

147ms
99ms

Document
text/html

2606:4700:3034::6815:2016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fim.heartshine.gay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2016 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5331233e4ead4818ba0834036750f4f3eee9e8983048fcd0772a2b062ebdf589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 880a4316cd3e5d4e-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 May 2024 14:50:25 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Tue, 13 Feb 2024 16:05:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9BcAhfkkBpF3tTnLQeAKxHSzeVps%2BTEbW8hLZniGqeDL25%2BPsQ5qsD8fn4odsC%2BQWsT9Y%2FFrU%2FHAmuYtZrfKnlS%2FPbefnJmF2UPp9XW3cJ5op14VKLAI93mIgvHtfcQzYDMqeRoAEbt1ITzJY2xm9s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

Location: https://fim.heartshine.gay/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 viewEp.css
fim.heartshine.gay/ 3 KB
1 KB 23ms
22ms Stylesheet
text/css 2606:4700:3034::6815:2016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fim.heartshine.gay/viewEp.css

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2016 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f559a2ffd8ab779821f51157a3974abab3df0c9ae32b68aa417f7d257bf53e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 1053085
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 12:53:28 GMT
server: cloudflare
etag: W/"62f4fbc8-aac"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjHZekeLz9dkFDl7J4VN1604voKysQIVPRakjIgHyVby%2F1Slrrl6hWJprAAPxreWInm3UfqWM25T6c4v75hY7G7km6vMl7kOJ77L4V0LTmAodIM0A%2BFQwutxod67AFknuQgSaG2GB0k%2B8MHcTKRP9s4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
x-robots-tag: none
cf-ray: 880a43177e015d4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viewEp.js Show response
fim.heartshine.gay/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:3034::6815:2016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fim.heartshine.gay/viewEp.js

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2016 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a70921722f5c8794259c7f3d3bf93228bf000afd761b2eabefde886a743861f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 4019795
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 09 Mar 2024 22:24:55 GMT
server: cloudflare
etag: W/"65ece1b7-250f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FOUviguJ5YFLYLAmOePuPCgSxVhVjTxtOd2fvxDZCEZKiVwmzKlwdDYG3kNPPccHofgqfAo77WgybfotRhN0Q1etfQx8G%2BUfj00ObBThmUZ1GgW%2F65ldJ3qFFodT28ZtjDEUj6kAcUbeS%2Bvs5NAJ4HQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
x-robots-tag: none
cf-ray: 880a43177e025d4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 115ms
69ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://fim.heartshine.gay
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 880a4317dc855d96-FRA

GET
H3 200 thumb.png
static.manebooru.art/img/2020/8/7/4000355/ 27 KB
28 KB 97ms
30ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.manebooru.art/img/2020/8/7/4000355/thumb.png

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/viewEp.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f787303fc15c64d49d86f0c32a4bd0f1e4f74f5ffb76426bbf77d114d80788f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278941
alt-svc: h3=":443"; ma=86400
content-length: 27654
last-modified: Fri, 07 Aug 2020 11:22:50 GMT
server: cloudflare
etag: "5f2d398a-6c06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FTb%2Bhp1prmu4ItLPAyQWxC5bkkmXBVpsCu9C%2BZSG%2BZCzPY0ez4nTiBZtjKmJ5YIvkp7q%2F%2Bwg834N97CZC8ICwclnjcJii%2FAL%2BnXjW7y5KA7ydYMZGIdOc90Nsq6%2Bg0%2FOAcg8wASDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 880a431809062c2a-FRA
priority: u=1,i
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 titilliumtext-bold.woff2
static.heartshine.gay/woff/ 24 KB
25 KB 67ms
20ms Font
application/octet-stream 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.heartshine.gay/woff/titilliumtext-bold.woff2

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/viewEp.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb0440171e8beb64d44c960746d689eab648f572fd51f920db26e8347b04dd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://fim.heartshine.gay
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1278558
alt-svc: h3=":443"; ma=86400
content-length: 25016
last-modified: Thu, 01 Apr 2021 02:35:20 GMT
server: cloudflare
etag: "60653168-61b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhMk3o7ibMgdrs%2BBM7PtXnQh2OMl%2FYY27nH8pLQ8zYrdR2TpenKfDZflKIlcJC9Hyptu%2FpSxLcdkiPfoG6dx%2FhWZmoBeSU5EbV7EKGUANAg4M%2BlDoPUfs5iYub7aW%2BEA9SdnS%2B6K%2FQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 880a43180a244dcc-FRA
priority: u=0,i=?0

GET
H3 200 swansea.woff2
static.heartshine.gay/woff/ 19 KB
20 KB 73ms
27ms Font
application/octet-stream 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.heartshine.gay/woff/swansea.woff2

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/viewEp.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

320eebf14719dea829cc5ec979d38ee768a739a4c07ca90a4461901182735ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://fim.heartshine.gay
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200280
alt-svc: h3=":443"; ma=86400
content-length: 19828
last-modified: Thu, 11 Aug 2022 12:38:33 GMT
server: cloudflare
etag: "62f4f849-4d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoWfxI5yl8Q0isOjhJF0Xmla63t3NEYM0z%2BAtbZHFGujU%2FwzISGe6mazkKOSYgXt2EgmBpozbvPvi9Ox22WjBc%2Fai2DxzpVT97WA504TcZ9VSpvHcW1r7wj%2BRjWvCR%2FjgpyHZ9t2MKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 880a43180a2a4dcc-FRA
priority: u=0,i=?0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 db.json Show response
fim.heartshine.gay/ 67 KB
5 KB 57ms
57ms Fetch
application/json 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fim.heartshine.gay/db.json

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/viewEp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6313cbbf3d157327fd72732fcbdb87da6107436ef4f5a3c6282989e6cd2874a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sun, 10 Mar 2024 18:54:34 GMT
server: cloudflare
etag: W/"65ee01ea-10a23"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5hO3Nie%2FS4Fm%2Fw4v32WkgMZDIYjjJZxuu9DhSCjACSsFNFE9szuGoeCdtD2qGQZDp6NJMn%2FKtXwOaeZ%2BzJb9DXMQvBrYoRejrF9MZZnSEF2gHZJ0Om2MQcPy%2BpVypIbByRjY8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-robots-tag: none
cf-ray: 880a43185ce7bbd3-FRA
priority: u=1,i

POST
H3 204 rum Show response
fim.heartshine.gay/cdn-cgi/ 0
179 B 13ms
12ms XHR
text/plain 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fim.heartshine.gay/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fim.heartshine.gay
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 880a43185ceabbd3-FRA

GET
H3 200 fav-32.png
static.heartshine.gay/_img/ 2 KB
2 KB 28ms
28ms Other
image/png 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.heartshine.gay/_img/fav-32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2deda776045b5391d896bfae8c9b26cade567057c84b7fdee635d2f91e6876e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314940
alt-svc: h3=":443"; ma=86400
content-length: 1645
last-modified: Thu, 01 Apr 2021 02:38:57 GMT
server: cloudflare
etag: "60653241-66d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUZKx0JwqhX%2Fv4OjFeHkHq1PprT%2Bo6rISVy%2F25VOV42treuqzENvohly%2FiZRtQGcgXCGePvaP2KMOG%2FXlCUkt0nHZg6V588x7SuYOBIJYJyggvhxp3wLvWOdiX3FMa3Xm1zXAYmvDVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 880a43185cebbbd3-FRA
priority: u=1,i
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 206 s01e01-480p.mp4
static.heartshine.gay/g4-fim/ 1 MB
0 27ms
26ms Media
video/mp4 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.heartshine.gay/g4-fim/s01e01-480p.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178320
Content-Range: bytes 0-135900094/135900095
alt-svc: h3=":443"; ma=86400
Content-Length: 135900095
last-modified: Fri, 02 Apr 2021 12:39:58 GMT
server: cloudflare
etag: "6067109e-819abbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQXDE2gZe0zIi%2FbaYFwzVjfItsjMsC11xPlVdfOWfqCWA6c1J160HVTJciArp8JqPxQLNlL0esrjg8iJaYvPHkE%2F6UNaNBv44vFdpG%2Bs%2F71jeVpKH0Do%2FgkCHcq7sjBydboVTW5Qnso%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 880a4318cb5b4dcc-FRA
priority: u=3,i

GET
H3 200 titilliumtext-extrabold.woff2
static.heartshine.gay/woff/ 24 KB
24 KB 20ms
20ms Font
application/octet-stream 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.heartshine.gay/woff/titilliumtext-extrabold.woff2

Requested by

Host: fim.heartshine.gay
URL: https://fim.heartshine.gay/viewEp.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea96d499cc26bafc253228c266ec32c82c1cbe87b224162e2adc332c966e377e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://fim.heartshine.gay
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1241037
alt-svc: h3=":443"; ma=86400
content-length: 24232
last-modified: Thu, 01 Apr 2021 02:35:20 GMT
server: cloudflare
etag: "60653168-5ea8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLvKQ4%2FiwGbaFHmh4CTl8aND2LPCcGRGPRmFWizLGe7s8LEbdT2A8GZjNIe4TnpU0JTbZDk5EYjuLfu1ytJz041zEJdgO%2BNiVwAxBQ6%2B8BckJtucLDVHlRTIm%2FZTn45HE6H4SBm1cgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 880a4318db814dcc-FRA
priority: u=0,i=?0

GET
H3 200 fav-32.png
static.heartshine.gay/_img/ 2 KB
0 5ms
5ms Other
image/png 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.heartshine.gay/_img/fav-32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2deda776045b5391d896bfae8c9b26cade567057c84b7fdee635d2f91e6876e5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314940
alt-svc: h3=":443"; ma=86400
content-length: 1645
last-modified: Thu, 01 Apr 2021 02:38:57 GMT
server: cloudflare
etag: "60653241-66d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUZKx0JwqhX%2Fv4OjFeHkHq1PprT%2Bo6rISVy%2F25VOV42treuqzENvohly%2FiZRtQGcgXCGePvaP2KMOG%2FXlCUkt0nHZg6V588x7SuYOBIJYJyggvhxp3wLvWOdiX3FMa3Xm1zXAYmvDVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 880a43185cebbbd3-FRA
priority: u=1,i
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 206 s01e01-480p.mp4
static.heartshine.gay/g4-fim/ 934 KB
0 0ms
0ms Media
video/mp4 172.67.182.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.heartshine.gay/g4-fim/s01e01-480p.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range: bytes=1277952-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 14:50:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178320
Content-Range: bytes 1277952-135900094/135900095
alt-svc: h3=":443"; ma=86400
Content-Length: 134622143
last-modified: Fri, 02 Apr 2021 12:39:58 GMT
server: cloudflare
etag: "6067109e-819abbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQXDE2gZe0zIi%2FbaYFwzVjfItsjMsC11xPlVdfOWfqCWA6c1J160HVTJciArp8JqPxQLNlL0esrjg8iJaYvPHkE%2F6UNaNBv44vFdpG%2Bs%2F71jeVpKH0Do%2FgkCHcq7sjBydboVTW5Qnso%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 880a4318cb5b4dcc-FRA
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fim.heartshine.gay
static.cloudflareinsights.com
static.heartshine.gay
static.manebooru.art
172.67.182.74
188.114.96.3
2606:4700:3034::6815:2016
2606:4700::6810:5049
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2deda776045b5391d896bfae8c9b26cade567057c84b7fdee635d2f91e6876e5
320eebf14719dea829cc5ec979d38ee768a739a4c07ca90a4461901182735ed2
5331233e4ead4818ba0834036750f4f3eee9e8983048fcd0772a2b062ebdf589
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
a70921722f5c8794259c7f3d3bf93228bf000afd761b2eabefde886a743861f4
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d6313cbbf3d157327fd72732fcbdb87da6107436ef4f5a3c6282989e6cd2874a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea96d499cc26bafc253228c266ec32c82c1cbe87b224162e2adc332c966e377e
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f559a2ffd8ab779821f51157a3974abab3df0c9ae32b68aa417f7d257bf53e54
f787303fc15c64d49d86f0c32a4bd0f1e4f74f5ffb76426bbf77d114d80788f4
fb0440171e8beb64d44c960746d689eab648f572fd51f920db26e8347b04dd0f

fim.heartshine.gay Open in urlscan Pro 2606:4700:3034::6815:2016 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

116 kBTransfer

2388 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

fim.heartshine.gay Open in urlscan Pro
2606:4700:3034::6815:2016 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

116 kB
Transfer

2388 kB
Size

0
Cookies

14 HTTP transactions
6 data transactions