p-zen.xyz Open in urlscan Pro
141.147.172.141  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response p-zen.xyz/	566 KB 100 KB	34ms 14ms	Document text/html	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 3fbd93ee95458d4d07c7a7cc4733eb807a8a5078d00e85aa3c05891528fcb13e Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-type text/html; charset=UTF-8 date Sun, 16 Jun 2024 07:03:37 GMT etag "3045-1718382408;br" link <https://p-zen.xyz/wp-json/>; rel="https://api.w.org/" <https://p-zen.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://p-zen.xyz/>; rel=shortlink server LiteSpeed vary Accept-Encoding x-litespeed-cache hit
GET H2	200	icomoon.woff p-zen.xyz/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/	13 KB 13 KB	10ms 8ms	Font font/woff	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://p-zen.xyz/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Origin https://p-zen.xyz Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:37 GMT last-modified Tue, 27 Dec 2022 11:21:55 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 13000 expires Sun, 23 Jun 2024 07:03:37 GMT
GET H2	200	fontawesome-webfont.woff2 p-zen.xyz/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/	75 KB 75 KB	9ms 8ms	Font font/woff2	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://p-zen.xyz/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Origin https://p-zen.xyz Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:37 GMT last-modified Tue, 27 Dec 2022 11:21:54 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 77160 expires Sun, 23 Jun 2024 07:03:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	180 KB 66 KB	176ms 116ms	Script application/javascript	2404:6800:400a:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5RXVNDJ Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 919c7ddfce48c8b91a20d4adf698c3e74446178c0495a1eb77a84a4487ed294a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67065 x-xss-protection 0 last-modified Sun, 16 Jun 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 16 Jun 2024 07:03:38 GMT
GET H2	200	swiper-bundle.min.css cdn.jsdelivr.net/npm/swiper@8/	16 KB 5 KB	14ms 2ms	Stylesheet text/css	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css?ver=6.1.6 Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 16 Jun 2024 07:03:37 GMT x-content-type-options nosniff content-encoding br age 2541 x-jsd-version 8.4.7 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4878 x-served-by cache-fra-eddf8230155-FRA, cache-nrt-rjtf7700057-NRT x-jsd-version-type version etag W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	71ms 15ms	Script text/javascript	2404:6800:400a:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:804::200a Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 12:59:22 GMT content-encoding gzip x-content-type-options nosniff age 237856 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 12:59:22 GMT
GET H3	200	jquery-migrate.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/	10 KB 4 KB	41ms 27ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1 Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 366668 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3550 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-2748" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPh1zaHIH6sAaEUqCo6NOlaz3SBKn6RhkeWFWQb8g%2Fx1orNW5Et9KbPKsxahoQoTIn%2FWc1y8rjsHQxIuXtuBvz9BjuBjX15rKAmydDJL01XmGpWPZbzR%2BdqL6DXh3BA%2BAHkvLNNw"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8948f0ee3e085c8b-NRT expires Fri, 06 Jun 2025 07:03:37 GMT
GET H3	200	screenshot.jpg p-zen.xyz/wp-content/themes/cocoon-master/	60 KB 61 KB	19ms 19ms	Image image/jpeg	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/themes/cocoon-master/screenshot.jpg Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 7a1e8e2b327672dffb17a0be1d580fab59b4a820085c629ed0fae40cd9179b96 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:37 GMT last-modified Tue, 27 Dec 2022 11:21:55 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 61908 expires Sun, 23 Jun 2024 07:03:37 GMT
GET H3	200	topimg.jpg p-zen.xyz/wp-content/uploads/2022/04/	37 KB 37 KB	23ms 23ms	Image image/jpeg	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/uploads/2022/04/topimg.jpg Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 3dccf35aa03e2d651aae907114fe12c3cc0ea9f1751cb7d37ec3c683ca08335e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:37 GMT last-modified Thu, 07 Apr 2022 12:58:32 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 37499 expires Sun, 23 Jun 2024 07:03:37 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	934 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	access.php p-zen.xyz/wp-content/themes/cocoon-master/lib/analytics/	0 81 B	960ms 960ms	Image text/html	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=7&post_type=page Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-litespeed-cache-control no-cache date Sun, 16 Jun 2024 07:03:39 GMT server LiteSpeed content-length 0 content-type text/html; charset=UTF-8
GET H3	200	sugardaddy.jpg p-zen.xyz/wp-content/uploads/2022/09/	61 KB 61 KB	7ms 6ms	Image image/jpeg	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/uploads/2022/09/sugardaddy.jpg Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 784d929824864420dc5a51661cd636920ee48da92861b3d5d8f09c972540fdc4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT last-modified Mon, 05 Sep 2022 09:14:24 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 62851 expires Sun, 23 Jun 2024 07:03:38 GMT
GET H3	200	600x500_011.png p-zen.xyz/wp-content/uploads/2019/09/	108 KB 108 KB	9ms 8ms	Image image/png	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/uploads/2019/09/600x500_011.png Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash cfa0087f87fa5b63fa4cd964fc3fa3182908c2b2227231f6779bf02d5f4a0db7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT last-modified Fri, 13 Sep 2019 04:24:47 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 110421 expires Sun, 23 Jun 2024 07:03:38 GMT
GET H3	200	Jmail.png p-zen.xyz/wp-content/uploads/2022/09/	99 KB 99 KB	10ms 9ms	Image image/png	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://p-zen.xyz/wp-content/uploads/2022/09/Jmail.png Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash 79a3d0ac3ce7431d1929673f56b0b82a50fe75559003de3881b63c81faa21bec Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT last-modified Mon, 05 Sep 2022 09:57:41 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 101606 expires Sun, 23 Jun 2024 07:03:38 GMT
GET H/1.1	200 OK	/ Show response websdk.appsflyer.com/	34 KB 10 KB	106ms 5ms	Script application/javascript	2600:140b:a00:8::b81a:2b48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://websdk.appsflyer.com/?st=pba& Requested by Host: p-zen.xyz URL: https://p-zen.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:140b:a00:8::b81a:2b48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 07:03:38 GMT Content-Encoding gzip x-amz-request-id QZMD0SJKSF474SY5 x-amz-server-side-encryption AES256 Connection keep-alive Content-Length 9575 x-amz-id-2 YCwvJXRBePan3Lxbiu/ZfbrSxm6x5F9ND+dHOT0762t/ojXry3MQo3dGa+0jD6xV6MiRkba96fw= Last-Modified Wed, 14 Jun 2023 06:58:46 GMT Server AmazonS3 ETag "d4e7f1ffd74e53e33a46a668c2e9d67c" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2821 Accept-Ranges bytes X-DataStream-Cache-Status 1 Expires Sun, 16 Jun 2024 07:50:39 GMT
GET H2	200	onelink Show response wa.onelink.me/v1/	13 B 362 B	224ms 204ms	XHR application/json	3.165.21.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wa.onelink.me/v1/onelink Requested by Host: websdk.appsflyer.com URL: https://websdk.appsflyer.com/?st=pba& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.165.21.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-165-21-120.nrt12.r.cloudfront.net Software / Resource Hash 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT via 1.1 50d05269d088c83b5af103f7fefdfa6e.cloudfront.net (CloudFront) x-amz-cf-pop NRT12-P4 x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://p-zen.xyz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 13 x-amz-cf-id dThpyIXwiOPPNoko3KypUmSLbR9WSg5Uy0y57vvXmN-6zPuwcNgqZg==
POST H2	200	events Show response wa.appsflyer.com/	73 B 526 B	272ms 202ms	XHR application/json	13.35.49.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wa.appsflyer.com/events?site-id=pa8YSGtKvVA3s5YRpdVDUo Requested by Host: websdk.appsflyer.com URL: https://websdk.appsflyer.com/?st=pba& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.49.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-49-115.nrt20.r.cloudfront.net Software / Resource Hash ced57afe8e7e055dbe6285f0fe59e1e701d9485740e5c91af4c4d38ac0f81890 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain Response headers date Sun, 16 Jun 2024 07:03:38 GMT via 1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront) x-amz-cf-pop NRT20-C1 x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://p-zen.xyz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 73 x-amz-cf-id UIyfC5DmSMr4gnIO7gqJJ1J32LrcKERws6OJMH5fL_SVOd--2ATCBA==
GET H2	200	onelink Show response wa.onelink.me/v1/	51 B 509 B	202ms 201ms	XHR application/json	3.165.21.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wa.onelink.me/v1/onelink?af_id=d3f81eeb-08d6-4f7b-baa0-b3b1ccb37d8b-p Requested by Host: websdk.appsflyer.com URL: https://websdk.appsflyer.com/?st=pba& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.165.21.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-165-21-120.nrt12.r.cloudfront.net Software / Resource Hash 447f71c375c019aad8f9b6b82b7c7fc5189aa131e588ceffb84df395a5002be8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:38 GMT via 1.1 50d05269d088c83b5af103f7fefdfa6e.cloudfront.net (CloudFront) x-amz-cf-pop NRT12-P4 x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://p-zen.xyz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 51 x-amz-cf-id XZGQ8kKmvzwXcRQQK5nxmHWnH1IMDVKcfSOSrjfuQsyJq9unDfHgGA==
GET H3	200	cropped-icon3-1-32x32.png p-zen.xyz/wp-content/uploads/2022/04/	933 B 1000 B	5ms 5ms	Other image/png	141.147.172.141 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://p-zen.xyz/wp-content/uploads/2022/04/cropped-icon3-1-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 141.147.172.141 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS ty13001.mixhostadult.jp Software LiteSpeed / Resource Hash c75e0fcb6c69a1355d37d8738a1b38807f1ee050fae77d1826ff5bec24f2cb3c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://p-zen.xyz/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 07:03:39 GMT last-modified Tue, 27 Dec 2022 11:41:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 933 expires Sun, 23 Jun 2024 07:03:39 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer function| $ function| jQuery object| swv object| wpcf7 object| baguetteBox function| ScrollHint function| lozad object| addComment object| cocoon_localize_script_options object| jQuery11240762495431464955 object| google_tag_manager object| google_tag_data string| AppsFlyerSdkObject function| AF object| AF_SDK

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.appsflyer.com/	1970-01-21 06:50:49	Name: af_id Value: d3f81eeb-08d6-4f7b-baa0-b3b1ccb37d8b-p
			.p-zen.xyz/	1970-01-21 06:58:01	Name: afUserId Value: d3f81eeb-08d6-4f7b-baa0-b3b1ccb37d8b-p
			.onelink.me/	1970-01-21 06:58:01	Name: af_id Value: d3f81eeb-08d6-4f7b-baa0-b3b1ccb37d8b-p
			.p-zen.xyz/	1970-01-20 21:32:06	Name: AF_SYNC Value: 1718521419060

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
p-zen.xyz
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.googletagmanager.com
104.17.24.14
13.35.49.115
141.147.172.141
2404:6800:400a:804::200a
2404:6800:400a:80e::2008
2600:140b:a00:8::b81a:2b48
2a04:4e42:400::485
3.165.21.120
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212
3dccf35aa03e2d651aae907114fe12c3cc0ea9f1751cb7d37ec3c683ca08335e
3fbd93ee95458d4d07c7a7cc4733eb807a8a5078d00e85aa3c05891528fcb13e
447f71c375c019aad8f9b6b82b7c7fc5189aa131e588ceffb84df395a5002be8
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
784d929824864420dc5a51661cd636920ee48da92861b3d5d8f09c972540fdc4
79a3d0ac3ce7431d1929673f56b0b82a50fe75559003de3881b63c81faa21bec
7a1e8e2b327672dffb17a0be1d580fab59b4a820085c629ed0fae40cd9179b96
7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f
919c7ddfce48c8b91a20d4adf698c3e74446178c0495a1eb77a84a4487ed294a
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
c75e0fcb6c69a1355d37d8738a1b38807f1ee050fae77d1826ff5bec24f2cb3c
cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675
ced57afe8e7e055dbe6285f0fe59e1e701d9485740e5c91af4c4d38ac0f81890
cfa0087f87fa5b63fa4cd964fc3fa3182908c2b2227231f6779bf02d5f4a0db7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855