Report - hentaila.tv/ver/warau-kangofu/

Report Overview

Submitted URL
hentaila.tv/ver/warau-kangofu/
IP
104.21.76.63
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 07:54:29
Access
public
Website Title
Warau Kangofu - Hentaila - Ver Hentai en Español
Final URL
hentaila.tv/ver/warau-kangofu/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
img.hentaihaven.xxx	unknown	unknown	2023-10-05	2024-02-26	2.4 kB	94 kB	104.26.8.94
creative.mnaspm.com	unknown	2022-07-05	2023-10-04	2024-05-07	8.4 kB	628 kB	172.64.147.206
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	468 B	771 B	18.192.70.27
img.strpst.com	12993	2021-05-31	2021-06-03	2024-05-07	1.3 kB	42 kB	104.17.10.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-08	1.6 kB	105 kB	104.17.25.14
u3y8v8u4.aucdn.net	unknown	2022-06-27	2022-08-08	2024-05-07	532 B	536 kB	185.76.9.16
experttrafficmonitor.com	unknown	2023-11-16	2023-11-23	2024-05-04	636 B	504 B	18.192.70.27
a.magsrv.com	unknown	2023-08-01	2023-08-04	2024-05-08	811 B	90 kB	185.76.9.23
tsyndicate.com	13042	2017-03-08	2017-03-16	2024-05-08	475 B	617 B	168.119.1.208
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	418 B	95 kB	142.250.74.72
go.xlivrdr.com	unknown	2021-06-22	2021-07-02	2024-05-06	1.9 kB	3.1 kB	172.64.147.206
neverstoprotation.com	unknown	2023-03-09	2023-03-09	2024-05-02	563 B	2.7 kB	188.114.97.1
s.magsrv.com	unknown	2023-08-01	2023-08-04	2024-05-08	4.5 kB	11 kB	95.211.229.246
twistconcept.com	unknown	2022-04-14	2020-08-23	2024-05-06	445 B	1.1 kB	104.21.86.46
stripcash.com	32466	2013-11-11	2017-01-20	2024-05-03	421 B	447 B	104.18.55.140
ocsp.e2m02.amazontrust.com	unknown	2007-05-11	2022-12-07	2024-05-08	338 B	750 B	3.164.222.26
himg.nl	317940	2020-07-18	2017-05-12	2024-03-22	874 B	24 kB	104.21.234.50
runative-syndicate.com	31587	2019-01-25	2019-03-19	2024-05-04	483 B	625 B	136.243.46.156
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-08	466 B	678 B	139.45.195.8
go.mnaspm.com	unknown	2022-07-05	2023-10-04	2024-05-07	8.4 kB	28 kB	172.64.147.206
hentaila.tv	unknown	unknown	2021-01-11	2023-04-17	11 kB	572 kB	104.21.76.63
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09	2024-05-08	438 B	1.0 kB	185.76.9.16
video.ktkjmp.com	23778	2020-08-07	2020-10-02	2024-05-07	442 B	1.0 kB	104.18.53.225
video.saawsedge.com	unknown	2023-12-19	2024-02-06	2024-05-07	429 B	479 B	143.204.55.42
bigstoreminigames.space	unknown	2024-02-21	2024-02-21	2024-04-22	480 B	715 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	experttrafficmonitor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	hentaila.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-20
Pretty URL hentaila.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 06:23:30 Times Seen44506 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	247 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:30 Last Seen2024-05-09 09:54:30 Times Seen1 Hash bab57d78ee1d4cda17a936f04d174f4b aeb0762ab2dfbf75916643230a3dc7e3ff20210d 0dd6bc2b1c4ad60b72fcc6eecd1fc2ca151ac5372755e4fc37a29597e05d4f9a Loading...

	unknown	59 B	2023-03-07	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-20 06:04:47 Times Seen3833 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	hentaila.tv/ver/warau-kangofu/	1.1 kB	2024-05-09	2024-05-09
Pretty URL hentaila.tv/ver/warau-kangofu/ IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 09:54:30 Last Seen2024-05-09 09:54:31 Times Seen1 Hash d14637202f6ec8a8f9775bead196e017 e12c4a4d88e05bba38cdb4f819a623402b9229a5 6e5f7c9c6ad7c89f3da071eb5c400ea577c0af74b231f7a9db0d06d3e811156c Loading...

	hentaila.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-20
Pretty URL hentaila.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-20 06:25:20 Times Seen87775 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	unknown	332 B	2023-09-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 04:20:53 Last Seen2024-05-09 09:54:31 Times Seen20 Hash 36287aef04d29a02bc73feeeb168e649 0beecfea445319fd770dfa7a357d185864752442 c560a0ec58fb8ded7c7f02f954280cf665e47993a5981976afc2057fc924076f Loading...

	twistconcept.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0	653 B	2023-11-23	2024-05-19
Pretty URL twistconcept.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0 IP 104.21.86.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 14:59:07 Last Seen2024-05-19 22:07:47 Times Seen282 Hash 2058d53d084116ff3d36c8a630556710 8bcd226cf5ddb64be846ad645360638e82269097 6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e Loading...

	hentaila.tv/wp-content/plugins/player-logic/assets/js/player-logic.js?ver=1.5.6	18 kB	2023-11-28	2024-05-09
Pretty URL hentaila.tv/wp-content/plugins/player-logic/assets/js/player-logic.js?ver=1.5.6 IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 12:42:19 Last Seen2024-05-09 09:54:32 Times Seen24 Hash 02ec85c18c41b45da4da47997c095549 e6dfa752ee0dd7f53aac2c58eb36a6405ed13788 06d706ac063bc185fab31372b83fc733c0c312ddd389efcfb2a655a67ecd54ec Loading...

	unknown	203 B	2023-09-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 04:20:53 Last Seen2024-05-09 09:54:31 Times Seen20 Hash d2ae0d80b8ebad3486cbe6a30d9f3113 6d62c7a5747466ad943ea7b32ecbf56e1286d559 fb8c049492682d549a32e8933acb17627e85d6ef84caebf82b54317c475e0ace Loading...

	unknown	153 B	2023-09-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 04:20:53 Last Seen2024-05-09 09:54:31 Times Seen20 Hash 796056674cee4245d6afa2c869da7632 29b9716c8c157f7a6f9e41027e098d66de16044f 4cbe2c6d5a48ca6a06cc4d6ac4b2471c36c37e242ffdb99fc9a5ca443179e7b0 Loading...

	a.magsrv.com/video-slider.js	46 kB	2024-03-16	2024-05-19
Pretty URL a.magsrv.com/video-slider.js IP 185.76.9.23 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-16 03:04:28 Last Seen2024-05-19 20:25:26 Times Seen175 Hash 3f6b75fbd59723a6564e74a91ce3ddea c59f2fe6bc1834557e544c2b787778597ee40e80 ea8030a37b36fb35f4055a90eedae594932e6caa9c037927aa9b861debf4e6aa Loading...

	a.magsrv.com/ad-provider.js	165 kB	2024-04-29	2024-05-13
Pretty URL a.magsrv.com/ad-provider.js IP 185.76.9.23 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:20:07 Last Seen2024-05-13 14:28:10 Times Seen336 Hash 23dca35363e4f4fbf7671ab6c7755f84 057432c37ba5cf65231392a9e07a565ef6689ece 8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370 Loading...

	unknown	74 kB	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash 9f621e29b18ba1cb015b1ccecebb5ff6 d9b6e89736499d6f433a551ccf2a14d3a5a41e0c dd474d86aeb9674ac4ef2bcbf5bc8194b76eced0f90b3cc2d46b8303827b7253 Loading...

	hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-09	2024-05-09
Pretty URL hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:32 Times Seen2 Hash 6063b43a1e1a95e8e4452be8f3e9e6fb d9a2bd34425c71cfa53266ec925f9549cbb6d48c 94290e07b11976425337be33bc46a7f394a74cc6176649667801eb0c2f327312 Loading...

	unknown	454 B	2024-01-06	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-06 22:09:07 Last Seen2024-05-09 09:54:31 Times Seen5 Hash 75ffd678a565b2e30dc43441e8f025eb 2e6fc39935bfa82fd5da94df2b829002d3d4880b 311ed16ee9b0fa0a190a1f5765fea03fae34a591618dec713504fa36aa9d79d7 Loading...

	unknown	628 B	2023-03-12	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:24 Last Seen2024-05-09 09:54:31 Times Seen68 Hash cd533644b0714eb4e0afc949d70ce43c 3d184e247fb466a30c3955a0d437e9cc0a1e63ea 01c051be29d0ed461e71e8d8b1938e83531bd12b9f58c3723b61d3839be3d353 Loading...

	creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js	304 kB	2024-04-24	2024-05-16
Pretty URL creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js IP 172.64.147.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 16:00:33 Last Seen2024-05-16 08:55:09 Times Seen202 Hash 3cd8eaa2635a40720e08708f31e5c128 2361cef75efb2ddaa52360c7b28afd3d2cff1166 17d0704cbae8d7e01064e3801038770e973ee435ae40bff3212f3cdb647aef94 Loading...

	unknown	242 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash 9d1ecc1da48d0c9a8828cad03ed2814c 60c83952f39ed0a1ffc81481e8b6fdc17756251a e22ce4bd523c50196644216d774c767d68e0bd18837e0c22b71aca271b88d2be Loading...

	unknown	225 B	2023-09-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 04:20:53 Last Seen2024-05-09 09:54:31 Times Seen20 Hash a51b648adad3c105a6d3980751f637f3 0909b60d8f5d5491c08bb9b4f7ea09e675c6f546 d45fa930e30cd82069c145ad16fbf366fd3335bb8ae42a3f9ec517233d08fdf3 Loading...

	unknown	562 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash 49b67dfeec7b0cb89f66d6c3abda1e16 bf6b4646f142000561dd742028a541c2d75b7bce c397ebfea8bb8b883e77361cf96f0fdcb19e4dca7579e192c8678f68dda94763 Loading...

	www.googletagmanager.com/gtag/js?id=G-HLNJTN8DZ6	274 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-HLNJTN8DZ6 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen2 Hash 8a6662b9f9333b0cee6e9eae67545b87 3723d572593ff60b2d9336094143a1a8248f78e1 acbe14ce7809de10231b2ca48fa9aac386d099c38e9a31f98ba8d44ea2932a90 Loading...

	hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-09	2024-05-09
Pretty URL hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:32 Times Seen2 Hash dd909e0a5dcec6bc82b110c8c004f27a ff68a6fa0259e3fef36b118ea313e1b90f6cf011 a0d13e9b149df8ff65bc8a9b6acf46732bf3eb0f2a7ecec85dca6cf102dd900a Loading...

	unknown	3.3 kB	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash b3d5f8d51856cfd346e322f85f2b58a7 b6288aceb6919383cc6eec29d82f1136af58cb23 dd4e97b39b9e5d15a766f2f3c73e76704190e90b32feaf4bc91f53903f126985 Loading...

	hentaila.tv/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-20
Pretty URL hentaila.tv/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-20 06:25:20 Times Seen49275 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	hentaila.tv/wp-content/plugins/script-manager/assets/js/script-manager.js?ver=1.2.22	12 kB	2023-12-22	2024-05-09
Pretty URL hentaila.tv/wp-content/plugins/script-manager/assets/js/script-manager.js?ver=1.2.22 IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 02:48:22 Last Seen2024-05-09 09:54:32 Times Seen16 Hash 19638a41f95c62eb22c63e7459a8e397 8cd7a602607b5fa5ddcba8dcbce7b6d98dfe19aa c7272196124cb814ef2cc93563f180843b3a07f276d180811fcf666ef315890d Loading...

	hentaila.tv/wp-content/themes/vraven/assets/js/app2.js?ver=1.6.20	53 kB	2024-05-09	2024-05-09
Pretty URL hentaila.tv/wp-content/themes/vraven/assets/js/app2.js?ver=1.6.20 IP 104.21.76.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:32 Times Seen2 Hash f85b781263337e2e3565ac17088ad94b 9774c3a4e3465e77d4eee4c184f9e09e463ef91a a08796cbe2d5936fdd1fca155c3e198b025ef513852f80d63a60e0cb5d7b3ebf Loading...

		Size	First Seen	Last Seen
	#1 Write - cca81c7cd2c1ff2ec3e99a848b0c4a27	554 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash cca81c7cd2c1ff2ec3e99a848b0c4a27 b4ab583c6c13e850a0da249ffb9181e8c17cbcfd 465de1cc00bbaa2403bd09a25533caf0dbf8d3e7cf2e90b8fe5fd3731bc32434 Loading...

	#2 Write - 5d6575d50d8c9fde09332e718e144f7f	314 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash 5d6575d50d8c9fde09332e718e144f7f c49727bdb4cd01afeea13243f5baec24990d2827 952bfa988b4aafc09fd34055c0700a57debb86bbe87a75971224b38ab58773c0 Loading...

	#3 Write - d3cda7e880f684121e87e587aac29d92	570 B	2024-05-09	2024-05-09
Pretty Observations First Seen2024-05-09 09:54:31 Last Seen2024-05-09 09:54:31 Times Seen1 Hash d3cda7e880f684121e87e587aac29d92 44b3e780a3d1b7a1619bee6529904c0f8d05d6b8 60251e9e8fa505a73bb520366ba7a05a069d9c8f612e20d84238cc1451ca622f Loading...

HTTP Transactions (76)

URL IP Response Size

hentaila.tv/wp-content/uploads/2021/01/Hentaila-tv.png

104.21.76.63

200 OK

5.9 kB

URL GET HTTP/3
hentaila.tv/wp-content/uploads/2021/01/Hentaila-tv.png
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
PNG image data, 267 x 65, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5916 bytes)
Hash
3bbb51e7a65b390ba8d46e647a82e890
a0eefd19077844748fee7668c6923eb9d276b5a7
a130e3907211ae38e0567ec8e1adaf402ea825366effc5d583f0af3b4085f62a

HTTP Headers

GET /wp-content/uploads/2021/01/Hentaila-tv.png HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/png
content-length: 5916
last-modified: Thu, 14 Jan 2021 01:07:34 GMT
etag: "5fff9956-171c"
expires: Thu, 30 May 2024 17:30:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 743007
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKqaCzHFmBUcNdhJP1tPV4ZfUT2xAqznTCg%2Bu%2FTKjZ7%2BSPc6Ob%2FhahyykA3ZxB7Q8KgIjKEJDI%2BfbVZBSCE4RZ5ld5%2FEOnItTJlvjsbBYrh3JwY%2FMBBcR4Rkg1ykfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e7fbc7f712f-OSL
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-content/uploads/2023/07/Discord-1.png

104.21.76.63

200 OK

62 kB

URL GET HTTP/3
hentaila.tv/wp-content/uploads/2023/07/Discord-1.png
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
PNG image data, 514 x 156, 8-bit/color RGBA, non-interlaced
Size
62 kB (62351 bytes)
Hash
f415e10ef13f3762ee9c5adcc3dfdb8b
496bf1f2e3b1b578c3ae76498367775b2cccc884
1ab521bc1038a6c64658d3ba6cab914ea34aa51296fdc1ce644d91ed2b0d0774

HTTP Headers

GET /wp-content/uploads/2023/07/Discord-1.png HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/png
content-length: 62351
last-modified: Wed, 26 Jul 2023 16:14:06 GMT
etag: "64c1464e-f38f"
expires: Thu, 30 May 2024 20:15:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 733133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcbpZhD7VGrewsPuOZKPK5cbZVPYMwIQx7qa936ZLthqJMY5%2B46BAt7ZBiHanM65rByy%2B6iAkvhuhVj25gyRxhAnlPiPsQiKpnT3vYUdVd3c6lxvW84i4bRK0P%2FK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e7fbc81712f-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css?ver=6.4.4

104.17.25.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css?ver=6.4.4
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59158)
Size
10 kB (10482 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/css/all.min.css?ver=6.4.4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: text/css; charset=utf-8
content-length: 10482
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6599bda5-28f2"
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 55061
expires: Tue, 29 Apr 2025 07:54:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRp%2FSp6YZL4wIKdTKFh7A6azj5XBgsBcfe%2F%2Br2GNQtXEVYNGufvdWpwVfjDAqfLBrtHTFHp0SqooYiXKSffXSxFBTK3OhdILIzvtyyLQIOJDnl89uaDO5%2FkocpwyWWCEKxuHKtD1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88101e7fdc6c56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.hentaihaven.xxx/images/esphnt/v/c/s_warau-kangofu.jpg

104.26.8.94

200 OK

18 kB

URL GET HTTP/2
img.hentaihaven.xxx/images/esphnt/v/c/s_warau-kangofu.jpg
IP
104.26.8.94:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaihaven.xxx
FingerprintC0:47:BA:43:33:22:50:8D:F0:5A:79:F4:03:02:8A:AE:FE:88:0B:7F
ValidityThu, 04 Apr 2024 04:38:58 GMT - Wed, 03 Jul 2024 04:38:57 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 204x300, components 3
Size
18 kB (18269 bytes)
Hash
538d84e62a219c1f5724c927c09986cb
1b3a4ddfe765ba1e480c0c38aae5067bcba9b6d4
a1f70f2e0149aa334f108a7d1b3a50ddc5f5151c22810b1ccc424f2f36f39991

HTTP Headers

GET /images/esphnt/v/c/s_warau-kangofu.jpg HTTP/1.1
Host: img.hentaihaven.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/jpeg
content-length: 18269
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=19469
etag: "6525b5e0-4c0d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Oct 2023 20:36:48 GMT
cf-cache-status: HIT
age: 339186
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWwmI2EZ55D91zSQmzA0eda2JYLpe5ovaMtTwM73nL7AWqL1OqZ%2FIElMI80xqko7amoOL1e7DURksDYhTW30AM82enRw2DQl99w2r9FzxIYr3tX130rHjKp%2BSY55i58uyHWIilQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e80086356af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

78 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 78196
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6599bdc3-13174"
last-modified: Sat, 06 Jan 2024 21:53:23 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 24289
expires: Tue, 29 Apr 2025 07:54:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEPPXJKS78QiLSKkr4vAfVes7VWHXabrghxJ2zmcRgyPr%2BfXybRD2QECk8%2Bi2fWajcXSCZHXIJiIfStmZ93zKrGlcWt6Bfvpgn7dDgBJftFpRQf9cqVzyig8QzWcMVygDj6%2BZzrr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88101e814fe40b31-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

104.17.25.14

200 OK

13 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13276
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6599bdc0-33dc"
last-modified: Sat, 06 Jan 2024 21:53:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 55710
expires: Tue, 29 Apr 2025 07:54:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bdb3J93RjHVhiIEniNEZ%2B9LABCEm69bFxY%2Bjkwr151SAqOCfIWoq%2F8KCjL2j1WpdSBPF9OFpKXZ%2FnyfMWL4kMeZJHcPSEOUowInBMe1QNHhpOGLPl%2FpCSRSseIkhy6xU6QpDLy89"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88101e814fe50b31-OSL
alt-svc: h3=":443"; ma=86400

img.hentaihaven.xxx/images/esphnt/v/c/s_newmanoid-cam-hentai-haven.jpg

104.26.8.94

200 OK

21 kB

URL GET HTTP/3
img.hentaihaven.xxx/images/esphnt/v/c/s_newmanoid-cam-hentai-haven.jpg
IP
104.26.8.94:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaihaven.xxx
FingerprintC0:47:BA:43:33:22:50:8D:F0:5A:79:F4:03:02:8A:AE:FE:88:0B:7F
ValidityThu, 04 Apr 2024 04:38:58 GMT - Wed, 03 Jul 2024 04:38:57 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 204x300, components 3
Size
21 kB (20955 bytes)
Hash
ab58b2fb2bb825d5d80599ccbf9d49d2
f2f8f0973241b2a7e9d3afc7bb9b4bfacbcff8a1
84372d124b953722a9f2a23b2bc79ccde84426f49469cbf54c8deb9f466d7035

HTTP Headers

GET /images/esphnt/v/c/s_newmanoid-cam-hentai-haven.jpg HTTP/1.1
Host: img.hentaihaven.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/jpeg
content-length: 20955
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=22460
etag: "6525b5e0-57bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Oct 2023 20:36:48 GMT
cf-cache-status: HIT
age: 307897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcmhZFet6C6HvshM2NdIRvsN5AAvHc8SU8VHgcaBtR0eEM46fKzC08dxHz%2FHN9Eq44c2aLxxQd1sGYxqReaL6SbU3MDefmjFjQKuMBmcw742WjqNfSbAKHbTk0Xi7tdj1AHMomM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e81ae8f5688-OSL
alt-svc: h3=":443"; ma=86400

img.hentaihaven.xxx/images/esphnt/v/c/s_overflow-hentai-haven-incest-harem.jpg

104.26.8.94

200 OK

14 kB

URL GET HTTP/3
img.hentaihaven.xxx/images/esphnt/v/c/s_overflow-hentai-haven-incest-harem.jpg
IP
104.26.8.94:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaihaven.xxx
FingerprintC0:47:BA:43:33:22:50:8D:F0:5A:79:F4:03:02:8A:AE:FE:88:0B:7F
ValidityThu, 04 Apr 2024 04:38:58 GMT - Wed, 03 Jul 2024 04:38:57 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 204x300, components 3
Size
14 kB (14022 bytes)
Hash
f629122195b35761fc5a9f7c3ac5edbe
599de71f46d51121bc7cf0cbe985704da38e008f
f1d3b70ec0be0c34c66c5d38513e11ba8013e6144bbd23d5f960e67dc91b47b8

HTTP Headers

GET /images/esphnt/v/c/s_overflow-hentai-haven-incest-harem.jpg HTTP/1.1
Host: img.hentaihaven.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/jpeg
content-length: 14022
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14923
etag: "6525b5e0-3a4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Oct 2023 20:36:48 GMT
cf-cache-status: HIT
age: 361430
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLgPcazgYm2b1vwnQOc2SNhK4AOXrtn1P8Qr4xIZadOq%2Bfhyqy70q%2FWWSbBlE9OfaJaWpSKyXDz8i%2F7Iq5Mngi%2FCmm726oyLne0%2BzBHwRmBE8pP0nh0zmWkDaqZH1Yxeiyya1qY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e81ae955688-OSL
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-content/themes/vraven/assets/css/style2.css?ver=1.6.20

104.21.76.63

200 OK

31 kB

URL GET HTTP/3
hentaila.tv/wp-content/themes/vraven/assets/css/style2.css?ver=1.6.20
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
ASCII text, with very long lines (43866), with no line terminators
Size
31 kB (30909 bytes)
Hash
d75572afa4017acfd812c78dc781c5aa
706cf0dc32a3d8ef5957789828b0dfe639a5a96b
365edac4cb6cd02d64906df3b922071e33f24ad823fda365c239be722af53be1

HTTP Headers

GET /wp-content/themes/vraven/assets/css/style2.css?ver=1.6.20 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=46163
etag: W/"65e1057a-b453"
expires: Thu, 30 May 2024 18:41:22 GMT
last-modified: Thu, 29 Feb 2024 22:30:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 738759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LO09fV6o6uhXwuIMFyrnTwXNMv0K%2BhFpaZ%2BdTiRDZF%2FsLvJEg4Mddq49ABBfs30Ac0wsbl2%2BEEa1x%2FrY1WU9%2FhY6Y8uSqYKmJdcaEW%2B%2FbXRbTzlPx%2FbttQSNXXSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e7fbc7c712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.hentaihaven.xxx/images/esphnt/v/c/s_alignment-you-you-futa-yaoi-hentai-anal-rape.jpg

104.26.8.94

200 OK

16 kB

URL GET HTTP/3
img.hentaihaven.xxx/images/esphnt/v/c/s_alignment-you-you-futa-yaoi-hentai-anal-rape.jpg
IP
104.26.8.94:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaihaven.xxx
FingerprintC0:47:BA:43:33:22:50:8D:F0:5A:79:F4:03:02:8A:AE:FE:88:0B:7F
ValidityThu, 04 Apr 2024 04:38:58 GMT - Wed, 03 Jul 2024 04:38:57 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 204x300, components 3
Size
16 kB (15571 bytes)
Hash
8695441a12bead0d898685846f2be0ea
476cf0193269bf7dcf89166cf354980a00ad05c3
9a8de8a0a1f3def1819b436ae2ce480e7554beb075be5602bd8c29c424267207

HTTP Headers

GET /images/esphnt/v/c/s_alignment-you-you-futa-yaoi-hentai-anal-rape.jpg HTTP/1.1
Host: img.hentaihaven.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/jpeg
content-length: 15571
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=16577
etag: "6525b5e0-40c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Oct 2023 20:36:48 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpiM%2BdD%2F3coZetcSnTsWT0FJlvpFZpEbwRh7W0qNkBt6mjjhJgnjuhLcn5XZzWelaLgCcRCQorOyPZk6cXwNKza0Qo0jeJ761xjovzIe2RrPxKzdwNzcCdX6yz5VmKopmB0jhMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e81ae8a5688-OSL
alt-svc: h3=":443"; ma=86400

hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.76.63

302 Found

0 B

URL GET HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 09 May 2024 07:54:01 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJ3aCX7OSisIgYe1LdMlKkmDZRipwOkI8n17hNB%2BVLjx4i2pCRyZYfY%2BTOb0oxFN7PMAYy0Cpab9SejtHMmIhWhv4%2BsqC30UIF9TqFfH3Dzj9mBXxTmlRkR8wkvxow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e820f23712f-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-HLNJTN8DZ6

142.250.74.72

200 OK

95 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-HLNJTN8DZ6
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
95 kB (94806 bytes)
Hash
8a6662b9f9333b0cee6e9eae67545b87
3723d572593ff60b2d9336094143a1a8248f78e1
acbe14ce7809de10231b2ca48fa9aac386d099c38e9a31f98ba8d44ea2932a90

HTTP Headers

GET /gtag/js?id=G-HLNJTN8DZ6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 07:54:02 GMT
expires: Thu, 09 May 2024 07:54:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hentaila.tv/cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9

104.21.76.63

200 OK

0 B

URL POST HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12157
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=pRakM3TgzKfk53QD47hpsRBUK3pyyuyTidL1bMmu35s-1715241242-1.0.1.1-V_SrjXVpHSLqq5s_qkWWwK61zQBsg2_YVbEVYp0rOIy73JE4Vr35ksFWguFQhveIXZIJi8nJeJrbNCbXeTZ1vA; Path=/; Expires=Fri, 09-May-25 07:54:02 GMT; Domain=.hentaila.tv; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7Q5%2Fsbgw6GaK1pdSI9u1PorMPggok2hf1ipla5glkIHAz2e3GQf59ntZcomEFtFflex86mV6heV48CQi6LLAqVPXVG%2Bu4%2Fl%2FgqbbCRo6rqzENjazH3OHO9%2Br7Hx4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e8388c8712f-OSL
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-content/uploads/2022/01/cropped-favicon-192x192.png

104.21.76.63

200 OK

15 kB

URL GET HTTP/3
hentaila.tv/wp-content/uploads/2022/01/cropped-favicon-192x192.png
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced
Size
15 kB (15278 bytes)
Hash
5e5a5e3d24cdd32c0a0a57bbdda829a5
4ea8dbfb4575630a614135fb732dd807e34013cc
54f1fdca2e59efb0369078597060502877e292d207168bb9a969b19419e10ee6

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-favicon-192x192.png HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/png
content-length: 15278
last-modified: Tue, 04 Jan 2022 01:43:50 GMT
etag: "61d3a656-3bae"
expires: Thu, 30 May 2024 16:26:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 746835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHxqrx6h%2F5M0bd2jPpZFWrp2AXMibWaM5drZ8iVLsQpWujb03ppJt054XH2th8IsCMSO%2FTCd0YslVPw7I2AQdvG6uyOrxCc7dN9K3YudphHbepfdYEMX%2FGx9rtrqZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e83a8f2712f-OSL
alt-svc: h3=":443"; ma=86400

himg.nl/images/es/warau-kangofu-2/s_poster.jpg

104.21.234.50

200 OK

10 kB

URL GET HTTP/2
himg.nl/images/es/warau-kangofu-2/s_poster.jpg
IP
104.21.234.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjecthimg.nl
FingerprintDE:7D:D0:39:3E:A4:28:97:9D:BD:A3:02:EB:29:E0:1C:96:D1:33:82
ValidityFri, 05 Apr 2024 13:04:08 GMT - Thu, 04 Jul 2024 13:04:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 308x175, components 3
Size
10 kB (10425 bytes)
Hash
027b1a7abc093fa45f5cf83bc368021e
d78f47aaf9d79757d6ae8affee7104eda23ed77c
d6a347e59b55f63223d2181b07bc35487df1a6f4272536bb820a8fe5d16f8474

HTTP Headers

GET /images/es/warau-kangofu-2/s_poster.jpg HTTP/1.1
Host: himg.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/jpeg
last-modified: Wed, 16 Feb 2022 23:54:36 GMT
vary: Accept-Encoding
etag: W/"620d8ebc-2263"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnE3nXdU%2FGneaxKgpcirs0A6G1Of%2BvkAINyq%2B54hvn6lGeavYu%2Bko8nvnBGVv%2FC3sgfHpeUDT5%2B6%2FV40vJW88pURPKIimGoVjajRJ8SaGSt%2F8HRipKPa2zw3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e8238de527f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.76.63

302 Found

0 B

URL GET HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=pRakM3TgzKfk53QD47hpsRBUK3pyyuyTidL1bMmu35s-1715241242-1.0.1.1-V_SrjXVpHSLqq5s_qkWWwK61zQBsg2_YVbEVYp0rOIy73JE4Vr35ksFWguFQhveIXZIJi8nJeJrbNCbXeTZ1vA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 09 May 2024 07:54:02 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MX4N7d9k11zz3ZAwduaeH%2FgohmDeAZuUsdQUmjgb59wWxqZfG8q8nvGI2UU8Rd3WzxMWiawGe72VZkLIQtihNC68Kpxl7BRDQjpblYxjWrPpUFSG0iWOvtwJZnnmeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e840961712f-OSL
alt-svc: h3=":443"; ma=86400

himg.nl/images/es/warau-kangofu-1/s_poster.jpg

104.21.234.50

200 OK

12 kB

URL GET HTTP/2
himg.nl/images/es/warau-kangofu-1/s_poster.jpg
IP
104.21.234.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjecthimg.nl
FingerprintDE:7D:D0:39:3E:A4:28:97:9D:BD:A3:02:EB:29:E0:1C:96:D1:33:82
ValidityFri, 05 Apr 2024 13:04:08 GMT - Thu, 04 Jul 2024 13:04:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 308x175, components 3
Size
12 kB (11807 bytes)
Hash
bd70143cef84270e80dd2792c28452f9
b784f3c5db56aa01794091472a8a8e8d37b2269a
3938395c6ce8c8be3971c733cbce185215b942350cfaa77c335e72f3a34c5118

HTTP Headers

GET /images/es/warau-kangofu-1/s_poster.jpg HTTP/1.1
Host: himg.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/jpeg
last-modified: Wed, 16 Feb 2022 23:54:36 GMT
vary: Accept-Encoding
etag: W/"620d8ebc-22d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5EyvpxkVsaHWgKIio1yzgeFYuvhuunbjqmJ3sqR2zRJ7WHodoZj8ba6AD6AKxdjojvM%2B6SKuBMugNbBwdymvarf5D8MerTjF%2F9vnEr3YW9uJJ7Q9kJKCK%2FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e8238e9527f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaila.tv/cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9

104.21.76.63

200 OK

0 B

URL POST HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/88101e7dbb84b4f9 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12157
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Cookie: cf_clearance=pRakM3TgzKfk53QD47hpsRBUK3pyyuyTidL1bMmu35s-1715241242-1.0.1.1-V_SrjXVpHSLqq5s_qkWWwK61zQBsg2_YVbEVYp0rOIy73JE4Vr35ksFWguFQhveIXZIJi8nJeJrbNCbXeTZ1vA; _ga_HLNJTN8DZ6=GS1.1.1715241242.1.0.1715241242.0.0.0; _ga=GA1.1.1869079405.1715241242; manga_view_5508=ok
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=G8i5SOcRr8qsjmq_VSFNR2KuOe2e6sF8OF8LV_69YV8-1715241242-1.0.1.1-9xIrsQ4mRe0qICcy_i45T_UUqyPDVV51mr86OIgXOM5XpFI0EF7zzIRMjozkn6YNX2zODB42fU.2ch40bALuuw; Path=/; Expires=Fri, 09-May-25 07:54:02 GMT; Domain=.hentaila.tv; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x43oMlHQpC7MIkVJCcfU5ZBbJnqb5k%2FasAd4THKybwqVneYBYAKH4Pc6KDx5jjmJO2cqNh0cg5g0dnlbFydgSPA7BxDQjPffHHGAixBkPgnEGQflFWwyB8RlV3Tleg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e859b6f712f-OSL
alt-svc: h3=":443"; ma=86400

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

1.8 kB

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JSON text data
Size
1.8 kB (1810 bytes)
Hash
c4ac8a1b6127ea7ab025eaf6cc9ead13
d1707cb238f2564638fdb0ec8186d413ac25a0a3
3f84429fa643451e67a7a6c7e25d3f64839639604c589476f0e9024c02c7d364

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 07:54:02 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaila.tv
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663c811a53cc38.243325731393030959%22%3B%7D; expires=Sat, 09-May-2026 07:54:02 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VOW0oEQQy8iheYpvLqTvbbbwXFA4yzMyjI/rgsK+Twdo+wrF00KZJKpRisE2xCPEAOpgdwBpVAUS5kmk/PL6mUH+vpPH9+zeV8SSMy16xMDMowE+PUGszwJEKawz1qOgs4uCZZSqKDTVQHK/1Oa/n2+rh/6uAU4MqGzsfVpO7QOa5jk/jos4qE+7IZuC0Q8q3J2h0pbAj/pcQfCvp0d8cN09AKqXAP0x9yb8/fP6cl806orXGtY9VuBqPea+7BSaojf64k9V1jidn0WF1DNpElwutKJrBfiS2twngBAAA=

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VOW0oEQQy8iheYpvLqTvbbbwXFA4yzMyjI/rgsK+Twdo+wrF00KZJKpRisE2xCPEAOpgdwBpVAUS5kmk/PL6mUH+vpPH9+zeV8SSMy16xMDMowE+PUGszwJEKawz1qOgs4uCZZSqKDTVQHK/1Oa/n2+rh/6uAU4MqGzsfVpO7QOa5jk/jos4qE+7IZuC0Q8q3J2h0pbAj/pcQfCvp0d8cN09AKqXAP0x9yb8/fP6cl806orXGtY9VuBqPea+7BSaojf64k9V1jidn0WF1DNpElwutKJrBfiS2twngBAAA=
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VOW0oEQQy8iheYpvLqTvbbbwXFA4yzMyjI/rgsK+Twdo+wrF00KZJKpRisE2xCPEAOpgdwBpVAUS5kmk/PL6mUH+vpPH9+zeV8SSMy16xMDMowE+PUGszwJEKawz1qOgs4uCZZSqKDTVQHK/1Oa/n2+rh/6uAU4MqGzsfVpO7QOa5jk/jos4qE+7IZuC0Q8q3J2h0pbAj/pcQfCvp0d8cN09AKqXAP0x9yb8/fP6cl806orXGtY9VuBqPea+7BSaojf64k9V1jidn0WF1DNpElwutKJrBfiS2twngBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663c811a53cc38.243325731393030959%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4664014%7C96852230%7C201340%7C%7C110%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Chentaila.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1715241242%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C89aa5b265bdfde77375d4a76ef0bceb9%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 07:54:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaila.tv
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/images/close-icon-circle.png

185.76.9.16

200 OK

405 B

URL GET HTTP/2
s3t3d2y8.afcdn.net/images/close-icon-circle.png
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
405 B (405 bytes)
Hash
bc8bf5d1633e548e9a178bf29be30b7b
bd290b6eabd73d2c95db053620797503e9178484
94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb

HTTP Headers

GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/png
content-length: 405
last-modified: Tue, 25 Oct 2022 11:33:38 GMT
etag: "6357c992-195"
expires: Fri, 27 Oct 2023 07:10:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3hLCcAQ
x-77-nzt-ray: c0a4cc28db0c046a1a813c661a2e0c23
x-accel-expires: @1719731222
x-accel-date: 1688195222
x-cache: HIT
x-age: 27046020
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 27046020
accept-ranges: bytes
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

185.76.9.23

200 OK

42 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.23:443
ASN
#60068 Datacamp Limited

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
42 kB (42545 bytes)
Hash
abe02b006b714c87e15bee2e6e178e9c
34a0323cd5f5ce4ba02153e4c473e7db4a1f065c
9a2bac22515064c4eb60d69625fcc015ece98d32a3fa8dbb3d6036d1374b0f11

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: 
expires: Wed, 08 May 2024 11:46:25 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3CAMAAAwBuUwKCQH3BgAAAAwBnJIhHwH3zBoAAA
x-77-nzt-ray: af585630750c56d01a813c66589be70e
x-accel-expires: @1715251266
x-accel-date: 1715240466
x-77-cache: HIT
x-77-age: 776
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 776
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12QW0pEMRBEt+IGJvQz6Z5vvxUUF3DnPlCQ+XGQEWrxJlcG1BwCnaSqu4iQ2IH8QHlHenQ7kiC5JBWTwm54eHyCMV7X82V6e5/K5RPO7GGowkKMdFcXWE0RITATPCgiAyFKkhJgh4I64mo2qkKk1QOt4eX5ft88ICjRlak32keDK7ofdB12liUmU82IeXOSNpNybE3X3pbTh/BPVPqhaG/DkNu5cxhSZVPpgfoi7NfTx9d5Bn4JB75beSQfxf/nG9IlNpJj7Z9jaduiLa1W2taTSpxanduyLrJ8Az9nUI93AQAA

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12QW0pEMRBEt+IGJvQz6Z5vvxUUF3DnPlCQ+XGQEWrxJlcG1BwCnaSqu4iQ2IH8QHlHenQ7kiC5JBWTwm54eHyCMV7X82V6e5/K5RPO7GGowkKMdFcXWE0RITATPCgiAyFKkhJgh4I64mo2qkKk1QOt4eX5ft88ICjRlak32keDK7ofdB12liUmU82IeXOSNpNybE3X3pbTh/BPVPqhaG/DkNu5cxhSZVPpgfoi7NfTx9d5Bn4JB75beSQfxf/nG9IlNpJj7Z9jaduiLa1W2taTSpxanduyLrJ8Az9nUI93AQAA
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA12QW0pEMRBEt+IGJvQz6Z5vvxUUF3DnPlCQ+XGQEWrxJlcG1BwCnaSqu4iQ2IH8QHlHenQ7kiC5JBWTwm54eHyCMV7X82V6e5/K5RPO7GGowkKMdFcXWE0RITATPCgiAyFKkhJgh4I64mo2qkKk1QOt4eX5ft88ICjRlak32keDK7ofdB12liUmU82IeXOSNpNybE3X3pbTh/BPVPqhaG/DkNu5cxhSZVPpgfoi7NfTx9d5Bn4JB75beSQfxf/nG9IlNpJj7Z9jaduiLa1W2taTSpxanduyLrJ8Az9nUI93AQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663c811a53cc38.243325731393030959%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4664014%7C96852230%7C201340%7C%7C110%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Chentaila.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1715241242%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C89aa5b265bdfde77375d4a76ef0bceb9%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 07:54:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaila.tv
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

u3y8v8u4.aucdn.net/library/438437/47807cccc79028a02cc8b0bda317bb77e88a6c20.mp4

185.76.9.16

206 Partial Content

536 kB

URL GET HTTP/2
u3y8v8u4.aucdn.net/library/438437/47807cccc79028a02cc8b0bda317bb77e88a6c20.mp4
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
536 kB (535731 bytes)
Hash
ea2c65fc5c9641c21c0c4ac4aa1cfa03
47807cccc79028a02cc8b0bda317bb77e88a6c20
825a42f422b9d1eda910a865e300d88820094ce7026e523c4d557906542f48c2

HTTP Headers

GET /library/438437/47807cccc79028a02cc8b0bda317bb77e88a6c20.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Thu, 09 May 2024 07:54:02 GMT
content-type: video/mp4
content-length: 535731
last-modified: Thu, 18 Apr 2024 08:16:18 GMT
etag: "6620d6d2-82cb3"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Fri, 18 Apr 2025 08:25:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH37KcbAAwBuUwKEwH3KgAAAAgBJRPCMQGB
x-77-nzt-ray: c0a4cc286af9156a1a813c66cbf62123
x-accel-expires: @1744964740
x-77-cache: HIT
x-accel-date: 1713428782
x-77-age: 1812460
server: CDN77-Turbo
x-cache: HIT
x-age: 1812460
x-77-pop: stockholmSE
content-range: bytes 0-535730/535731
X-Firefox-Spdy: h2

go.xlivrdr.com/smartpop/519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=5808896&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&p1=5808896&ax=0&trackOff=1

172.64.147.206

302 Found

0 B

URL GET HTTP/2
go.xlivrdr.com/smartpop/519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=5808896&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&p1=5808896&ax=0&trackOff=1
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjectxlivrdr.com
FingerprintAC:DF:58:06:6C:2D:40:8B:0F:40:A9:A7:6E:EE:B5:46:5A:72:2D:2F
ValidityTue, 19 Mar 2024 13:19:22 GMT - Mon, 17 Jun 2024 13:19:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smartpop/519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=5808896&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&p1=5808896&ax=0&trackOff=1 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 07:54:02 GMT
content-length: 0
location: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: _var=732574.33200_MDdlMGJmZGE=; Path=/; Expires=Sat, 08 Jun 2024 07:54:02 GMT; HttpOnly; Secure; SameSite=None
__cflb=02DiuDFRFiBZBvMSLtqGxuZp8RQcjVh52i85aUid6KJdS; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:02 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e865b501c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.xlivrdr.com/smartpop/73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&sourceId=4692220p1={campaign&p1=5808898&ax=0&kbLimit=1000

172.64.147.206

302 Found

0 B

URL GET HTTP/2
go.xlivrdr.com/smartpop/73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&sourceId=4692220p1={campaign&p1=5808898&ax=0&kbLimit=1000
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjectxlivrdr.com
FingerprintAC:DF:58:06:6C:2D:40:8B:0F:40:A9:A7:6E:EE:B5:46:5A:72:2D:2F
ValidityTue, 19 Mar 2024 13:19:22 GMT - Mon, 17 Jun 2024 13:19:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smartpop/73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&sourceId=4692220p1={campaign&p1=5808898&ax=0&kbLimit=1000 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 07:54:02 GMT
content-length: 0
location: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: _var=2063057.33202_YzRmMzYxZTI=; Path=/; Expires=Sat, 08 Jun 2024 07:54:02 GMT; HttpOnly; Secure; SameSite=None
__cflb=02DiuDFRFiBZBvMSLtqFVfs5Aboo4dwjpwGLWUAV7Jb5E; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:02 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e865b531c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/0a1ebf4e-f1a4-4146-916d-6962c02eca57

168.119.1.208

200 OK

43 B

URL GET HTTP/2
tsyndicate.com/api/v1/retargeting/set/0a1ebf4e-f1a4-4146-916d-6962c02eca57
IP
168.119.1.208:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF5:9F:1F:89:8F:08:CD:46:43:4B:55:0A:42:66:52:21:16:57:43:31
ValidityFri, 12 Apr 2024 09:06:37 GMT - Thu, 11 Jul 2024 09:06:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/0a1ebf4e-f1a4-4146-916d-6962c02eca57 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 83d046429e6100e5
set-cookie: ts_rt_0a1ebf4e-f1a4-4146-916d-6962c02eca57=AAMC; expires=Fri, 09 May 2025 07:54:02 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

runative-syndicate.com/api/v1/retargeting/set/a56bbc85-b77d-4219-bfc4-e832384180bb

136.243.46.156

200 OK

43 B

URL GET HTTP/2
runative-syndicate.com/api/v1/retargeting/set/a56bbc85-b77d-4219-bfc4-e832384180bb
IP
136.243.46.156:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerLet's Encrypt
Subjectrunative-syndicate.com
Fingerprint7B:74:FE:3F:C1:1F:C3:21:65:A5:F5:CD:DD:1C:93:A5:3E:85:F0:A0
ValidityTue, 30 Apr 2024 23:06:33 GMT - Mon, 29 Jul 2024 23:06:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/a56bbc85-b77d-4219-bfc4-e832384180bb HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: d838a306c16010ea
set-cookie: ts_rt_a56bbc85-b77d-4219-bfc4-e832384180bb=AAMC; expires=Fri, 09 May 2025 07:54:02 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=231cd49a7855e5ab09961d63fb71270a509dc35327a759c7694c3f89594943d0

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=231cd49a7855e5ab09961d63fb71270a509dc35327a759c7694c3f89594943d0
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=231cd49a7855e5ab09961d63fb71270a509dc35327a759c7694c3f89594943d0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08805787e8ca4d6aeea317ef5894e978; expires=Fri, 09 May 2025 07:54:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1

172.64.147.206

200 OK

779 B

URL GET HTTP/2
creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
HTML document, ASCII text
Size
779 B (779 bytes)
Hash
6740d76d8d67aff3297528374c523a25
1dd33342178ef1cb776bcbfffbd034f6d3619567
fdb07bb149bf33b0ad337c7c1020cdc710297131921cfe19faa31fdfe1dd8804

HTTP Headers

GET /widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1 HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentaila.tv/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/html
last-modified: Mon, 29 Apr 2024 08:13:29 GMT
expires: Thu, 09 May 2024 07:53:59 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age":  1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e87cf38b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

video.ktkjmp.com/adsbygoogle.js

104.18.53.225

200 OK

16 B

URL GET HTTP/2
video.ktkjmp.com/adsbygoogle.js
IP
104.18.53.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
16 B (16 bytes)
Hash
3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

HTTP Headers

GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: eOt3YX0Nm2YrsRFghHjY+ldPpZhMsRS8Tg9HXo+sQY2MfQ8piotah5MMqRgsIwcNTLmVbQ2iqoU=
x-amz-request-id: Y49M74J1R1NSP1TJ
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 1556
expires: Thu, 09 May 2024 11:54:03 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8a2bce5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

twistconcept.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0

104.21.86.46

200 OK

374 B

URL GET HTTP/2
twistconcept.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0
IP
104.21.86.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerGoogle Trust Services LLC
Subjecttwistconcept.com
Fingerprint73:11:A2:75:AF:3F:76:30:B1:19:9F:59:CD:02:5E:98:3C:A1:12:6B
ValiditySat, 23 Mar 2024 03:02:17 GMT - Fri, 21 Jun 2024 03:02:16 GMT

File type
JavaScript source, ASCII text, with very long lines (652)
Size
374 B (374 bytes)
Hash
2058d53d084116ff3d36c8a630556710
8bcd226cf5ddb64be846ad645360638e82269097
6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e

HTTP Headers

GET /index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0 HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 13:06:26 GMT
etag: W/"655f4e52-28d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWETz5oQo6kC6eehMDlhN1xr7Zpha1tbqc%2FIpGFjczLRPS%2FNyx0546iWGwyTNKsb0lQ6xQy7v5x2AkL%2FlKCZ4UBcaxdAYnllaoTU1iPOaNGX6YdPTo0iXS9leRJnHzZm2MII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e88290256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

proftrafficcounter.com/px.gif?akey=0f6c6b0d2533be0a124411ed43310cc0

18.192.70.27

307 Temporary Redirect

0 B

URL GET HTTP/2
proftrafficcounter.com/px.gif?akey=0f6c6b0d2533be0a124411ed43310cc0
IP
18.192.70.27:443
ASN
#16509 AMAZON-02

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px.gif?akey=0f6c6b0d2533be0a124411ed43310cc0 HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/gif
content-length: 0
location: https://experttrafficmonitor.com/dbs?uuid=3845e6d7-13e3-46a1-a75f-7294c8107692&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTQ5IjoxNzE1MjQxMjQzfSwiYWNjbCI6eyIyMCwxIjoxNzE1MjQxMjQzfX0.bSYh183jGzdIiR6MUZbFElmqvJOCQ4UbMX7VbuoQ06E
server: nginx/1.21.6
set-cookie: uid_id2=3845e6d7-13e3-46a1-a75f-7294c8107692:3:1; expires=Sun, 07 May 2034 07:54:03 GMT; secure; SameSite=None
ak=149,1715241243; expires=Wed, 07 Aug 2024 07:54:03 GMT; secure; SameSite=None
acl=20,1,1715241243; expires=Wed, 07 Aug 2024 07:54:03 GMT; secure; SameSite=None
expires: Thu, 09 May 2024 07:54:03 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

hentaila.tv/wp-content/plugins/player-logic/assets/js/player-logic.js?ver=1.5.6

104.21.76.63

200 OK

5.7 kB

URL GET HTTP/3
hentaila.tv/wp-content/plugins/player-logic/assets/js/player-logic.js?ver=1.5.6
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (7462), with CRLF, LF line terminators
Size
5.7 kB (5671 bytes)
Hash
02ec85c18c41b45da4da47997c095549
e6dfa752ee0dd7f53aac2c58eb36a6405ed13788
06d706ac063bc185fab31372b83fc733c0c312ddd389efcfb2a655a67ecd54ec

HTTP Headers

GET /wp-content/plugins/player-logic/assets/js/player-logic.js?ver=1.5.6 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=21302
etag: W/"65878266-5336"
expires: Thu, 30 May 2024 18:41:22 GMT
last-modified: Sun, 24 Dec 2023 00:59:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 738759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9l6KUt8XDmf4HReWzzDL0fNeRDW4z75T9jMoRaXE3OaLZb6yzf9lTqcWGZvElCLUwShwP3DEB%2Fe8alHye7zUDhO4IndqZfIfwQ7KN8HU1UtXXR2EhN85RFoWimoOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e81def0712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sourceId=4692220p1%3D%7Bcampaign&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fhentaila.tv%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A601%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A39%2C%22transferSize%22%3A82319%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A26%2C%22transferSize%22%3A4646%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A742%2C%22duration%22%3A0%7D%5D&mh=-322006457

172.64.147.206

200 OK

103 B

URL GET HTTP/3
go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sourceId=4692220p1%3D%7Bcampaign&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fhentaila.tv%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A601%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A39%2C%22transferSize%22%3A82319%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A26%2C%22transferSize%22%3A4646%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A742%2C%22duration%22%3A0%7D%5D&mh=-322006457
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
data
Size
103 B (103 bytes)
Hash
8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c

HTTP Headers

GET /abc.gif?action=sbSignupWithModel&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sourceId=4692220p1%3D%7Bcampaign&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fhentaila.tv%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A601%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A39%2C%22transferSize%22%3A82319%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A445%2C%22duration%22%3A26%2C%22transferSize%22%3A4646%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A742%2C%22duration%22%3A0%7D%5D&mh=-322006457 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Cookie: __cflb=0H28upDCGznfDm9XVD3VBZigQJNzkRqgQxQqrUyj1kQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88101e8b8b611c06-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/ai/1715241191/118090280_webp

104.17.10.106

200 OK

12 kB

URL GET HTTP/2
img.strpst.com/ai/1715241191/118090280_webp
IP
104.17.10.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11838 bytes)
Hash
ec9999c36fa2aed209fe2e933e6ec93e
7acca0124c073555b702715e55e41c6d88d8f7e9
5b7f591c6f3a9c85b9349c24750b730a49f66a5889d098e5961b20c64e134eb6

HTTP Headers

GET /ai/1715241191/118090280_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/webp
content-length: 11838
etag: "ec9999c36fa2aed209fe2e933e6ec93e"
last-modified: Thu, 09 May 2024 07:53:11 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 21
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8c3ee2b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/ai/1715241185/146900634_webp

104.17.10.106

200 OK

17 kB

URL GET HTTP/2
img.strpst.com/ai/1715241185/146900634_webp
IP
104.17.10.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 648x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
17 kB (16666 bytes)
Hash
e82f8262bee51ed1d9fe28cbf80d1ae8
f70f92d70e479074761d0fab649c09241d30b202
a7828f1083599624d448ec687facbada3bee9b2453a722a31ddd27c7a9a6c145

HTTP Headers

GET /ai/1715241185/146900634_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/webp
content-length: 16666
etag: "e82f8262bee51ed1d9fe28cbf80d1ae8"
last-modified: Thu, 09 May 2024 07:53:06 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 16
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8c3ee9b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.strpst.com/ai/1715241191/118090280_webp

104.17.10.106

200 OK

12 kB

URL GET HTTP/2
img.strpst.com/ai/1715241191/118090280_webp
IP
104.17.10.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11838 bytes)
Hash
ec9999c36fa2aed209fe2e933e6ec93e
7acca0124c073555b702715e55e41c6d88d8f7e9
5b7f591c6f3a9c85b9349c24750b730a49f66a5889d098e5961b20c64e134eb6

HTTP Headers

GET /ai/1715241191/118090280_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/webp
content-length: 11838
etag: "ec9999c36fa2aed209fe2e933e6ec93e"
last-modified: Thu, 09 May 2024 07:53:11 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 21
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8c4ef8b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stripcash.com/checkUrl

104.18.55.140

200 OK

15 B

URL GET HTTP/2
stripcash.com/checkUrl
IP
104.18.55.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectstripcash.com
FingerprintA5:66:AE:99:F4:14:78:FD:30:4E:BE:D1:39:4E:AB:1C:B6:9A:39:9B
ValiditySun, 14 Apr 2024 00:39:00 GMT - Sat, 13 Jul 2024 00:38:59 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

HTTP Headers

GET /checkUrl HTTP/1.1
Host: stripcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.mnaspm.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg33FQZmse6Xgua; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8c6efab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1

172.64.147.206

200 OK

1.9 kB

URL GET HTTP/2
creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
HTML document, ASCII text
Size
1.9 kB (1911 bytes)
Hash
6740d76d8d67aff3297528374c523a25
1dd33342178ef1cb776bcbfffbd034f6d3619567
fdb07bb149bf33b0ad337c7c1020cdc710297131921cfe19faa31fdfe1dd8804

HTTP Headers

GET /widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1 HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentaila.tv/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/html
last-modified: Mon, 29 Apr 2024 08:13:29 GMT
expires: Thu, 09 May 2024 07:53:59 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age":  1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e87cf3bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.mnaspm.com/app/domain-checker/get-check

172.64.147.206

200 OK

172 B

URL POST HTTP/3
go.mnaspm.com/app/domain-checker/get-check
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
JSON text data
Size
172 B (172 bytes)
Hash
c4b7d16658ce3861c669019f081ddde7
91846e444ab801d87ae115610fd8d3230de61d14
6b75bd439cea9657a917ce6d78c1fc8f5cfad15314832ac9b331d98cb598c83d

HTTP Headers

POST /app/domain-checker/get-check HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVE9CKHVnP1Wapb1e3fsdCR4WWLk; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8b8b641c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/app/domain-checker/check-result

172.64.147.206

204 No Content

0 B

URL POST HTTP/3
go.mnaspm.com/app/domain-checker/check-result
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 238
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 09 May 2024 07:54:03 GMT
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrsbPA44EurybeS8wNo9K4xQaafE; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8d5cab1c06-OSL
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/app/domain-checker/check-result

172.64.147.206

204 No Content

0 B

URL POST HTTP/3
go.mnaspm.com/app/domain-checker/check-result
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 238
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 09 May 2024 07:54:03 GMT
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtr4j9PoyecweyjPgwrJJsRNr7MYG; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8d5cb11c06-OSL
alt-svc: h3=":443"; ma=86400

ocsp.e2m02.amazontrust.com/

3.164.222.26

279 B

URL
ocsp.e2m02.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
279 B (279 bytes)
Hash
5756a4d8555fb08e74cc69d4107dd840
12d8ee3b711153f97bffc20f7eed02e91dcb2838
bda42975ca7cb2f612f7421f6323ed8589d91df5334c8cad1315c0d6a571a959

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 07:54:03 GMT
Last-Modified: Thu, 09 May 2024 06:40:47 GMT
Server: ECAcc (amb/6BD3)
X-Cache: Miss from cloudfront
Via: 1.1 88ba1d0c348c5f253432165d46a14a82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: nayxYukuc1nW6q0l5UUIHyI6JVAxJY2IqOoZRIfw46mU9zCoLFH0Pw==
Age: 4396

go.mnaspm.com/thumbs/view

172.64.147.206

200 OK

3.5 kB

URL POST HTTP/3
go.mnaspm.com/thumbs/view
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
JSON text data
Size
3.5 kB (3541 bytes)
Hash
fd1ba4c9464e3d24d1fa0da3d1f2ea9e
2b7dd96c65da18fcce3f4b486732c74a0f94af17
ba78cc7b74b8844df41ad157f83a2b5d164cb8c8740116664850cdda32eb6a92

HTTP Headers

POST /thumbs/view HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 84
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfypTNe93Pe2Uhit; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8d5caa1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-content/uploads/2022/01/cropped-favicon-32x32.png

104.21.76.63

200 OK

1.6 kB

URL GET HTTP/3
hentaila.tv/wp-content/uploads/2022/01/cropped-favicon-32x32.png
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.6 kB (1622 bytes)
Hash
361e0b242527cb767ec7e10397e8c063
206c99b52540e2dd386a17d6e557853a81bba310
5272d6d70dfc952874bc86b93ae8a0d5f8abe2994fbf7b0c828cfac505154279

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-favicon-32x32.png HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: image/png
content-length: 1622
last-modified: Tue, 04 Jan 2022 01:43:50 GMT
etag: "61d3a656-656"
expires: Thu, 30 May 2024 21:17:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 729384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnMDDSu2zZ7z2RadwVxPpipokh4XM77Wd6u3zujRkk9HpvcRyZfLYDQ8U8llHoudH7ukbbNwEJPb06ev2J9Z%2BdtAKD5PGFdUAfUm%2FxHxaGBdTiY7lqlL0sJqfYdXhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e83a8f3712f-OSL
alt-svc: h3=":443"; ma=86400

hentaila.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.76.63

200 OK

12 kB

URL GET HTTP/3
hentaila.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjUNTzP8HrzIKiXqWWtM%2F2fkiApHBa1oaVzzw%2F76AdAKo8ATsInO%2BWkWPWCFjtlxzKxyCrXnms7wvVjaCsg4GgzO4L6%2FrgExuFJ68VLdEeb%2BgxLxEj9Y7zaHedosZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e7fcc8c712f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 May 2024 07:54:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11QW0oEMRC8iheYUP1K0vvtt4LiAYaZWRRkf1yWFfrwdkZc1BRJF5VKpxIG6wSb4HeQg+kBHE7FUZQLmcbD41Moxet2Os9v73M5X4JcmDhqLqBwMzEOrc5DJUJI75pypA+AaJCFBBJsojpYAcjYanPxWlmjtXh5vt8nJTgEuLIh+YgQLa9IjutoQ7z2WUW89+Vo4LZAqB+bbNme3IbxT2R8ozCs7t1xwzS8QiqcyXIgdnn++DwtEb+MA3Y7Our/3R/kA1RHCZgbzzAB2xGm+VN9W122RU1W9y8B7qRUfwEAAA==

95.211.229.246

200 OK

0 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11QW0oEMRC8iheYUP1K0vvtt4LiAYaZWRRkf1yWFfrwdkZc1BRJF5VKpxIG6wSb4HeQg+kBHE7FUZQLmcbD41Moxet2Os9v73M5X4JcmDhqLqBwMzEOrc5DJUJI75pypA+AaJCFBBJsojpYAcjYanPxWlmjtXh5vt8nJTgEuLIh+YgQLa9IjutoQ7z2WUW89+Vo4LZAqB+bbNme3IbxT2R8ozCs7t1xwzS8QiqcyXIgdnn++DwtEb+MA3Y7Our/3R/kA1RHCZgbzzAB2xGm+VN9W122RU1W9y8B7qRUfwEAAA==
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA11QW0oEMRC8iheYUP1K0vvtt4LiAYaZWRRkf1yWFfrwdkZc1BRJF5VKpxIG6wSb4HeQg+kBHE7FUZQLmcbD41Moxet2Os9v73M5X4JcmDhqLqBwMzEOrc5DJUJI75pypA+AaJCFBBJsojpYAcjYanPxWlmjtXh5vt8nJTgEuLIh+YgQLa9IjutoQ7z2WUW89+Vo4LZAqB+bbNme3IbxT2R8ozCs7t1xwzS8QiqcyXIgdnn++DwtEb+MA3Y7Our/3R/kA1RHCZgbzzAB2xGm+VN9W122RU1W9y8B7qRUfwEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663c811a53cc38.243325731393030959%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4664014%7C96852230%7C201340%7C%7C110%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Chentaila.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1715241242%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C89aa5b265bdfde77375d4a76ef0bceb9%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 07:54:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaila.tv
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

creative.mnaspm.com/widgets/v4/Universal/lang/en.json

172.64.147.206

200 OK

172 B

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/lang/en.json
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba

HTTP Headers

GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 08:13:29 GMT
etag: W/"662f56a9-ac"
expires: Thu, 09 May 2024 07:54:04 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 7
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e89d9d71c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.76.63

200 OK

88 kB

URL GET HTTP/3
hentaila.tv/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Aug 2023 11:14:22 GMT
vary: Accept-Encoding
etag: W/"64ec818e-15601"
expires: Thu, 30 May 2024 16:26:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 746834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6UsgpOooEv%2B6JsbDgYT3EaiMQfAbcSGmI4mzT2IMPs1clNZcbRkDlumSJa%2Bpoc%2FJ%2FIAD7yya7t8gAZwR2LW%2BIbs0DbjdBFFbcHz9QATmFmH6765lZf3wRTk0Su4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e81def5712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js

172.64.147.206

200 OK

304 kB

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type

Size
304 kB (303863 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widgets/v4/Universal/main.4bdf944b186b14514dc3.js HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Apr 2024 08:14:47 GMT
etag: W/"662f56f7-4a2f7"
expires: Thu, 09 May 2024 07:53:54 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8909301c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

experttrafficmonitor.com/dbs?uuid=3845e6d7-13e3-46a1-a75f-7294c8107692&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTQ5IjoxNzE1MjQxMjQzfSwiYWNjbCI6eyIyMCwxIjoxNzE1MjQxMjQzfX0.bSYh183jGzdIiR6MUZbFElmqvJOCQ4UbMX7VbuoQ06E

18.192.70.27

200 OK

0 B

URL GET HTTP/2
experttrafficmonitor.com/dbs?uuid=3845e6d7-13e3-46a1-a75f-7294c8107692&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTQ5IjoxNzE1MjQxMjQzfSwiYWNjbCI6eyIyMCwxIjoxNzE1MjQxMjQzfX0.bSYh183jGzdIiR6MUZbFElmqvJOCQ4UbMX7VbuoQ06E
IP
18.192.70.27:443
ASN
#16509 AMAZON-02

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dbs?uuid=3845e6d7-13e3-46a1-a75f-7294c8107692&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsiMTQ5IjoxNzE1MjQxMjQzfSwiYWNjbCI6eyIyMCwxIjoxNzE1MjQxMjQzfX0.bSYh183jGzdIiR6MUZbFElmqvJOCQ4UbMX7VbuoQ06E HTTP/1.1
Host: experttrafficmonitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neverstoprotation.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: image/gif
content-length: 7
server: nginx/1.21.6
set-cookie: uid_id2=3845e6d7-13e3-46a1-a75f-7294c8107692:3:1; expires=Sun, 07 May 2034 07:54:03 GMT; secure; SameSite=None
ak=149,1715241243; expires=Wed, 07 Aug 2024 07:54:03 GMT; secure; SameSite=None
acl=20,1,1715241243; expires=Wed, 07 Aug 2024 07:54:03 GMT; secure; SameSite=None
expires: Thu, 09 May 2024 07:54:03 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

hentaila.tv/wp-content/themes/vraven/assets/js/app2.js?ver=1.6.20

104.21.76.63

200 OK

53 kB

URL GET HTTP/3
hentaila.tv/wp-content/themes/vraven/assets/js/app2.js?ver=1.6.20
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (32280), with CRLF, LF line terminators
Size
53 kB (53299 bytes)
Hash
f85b781263337e2e3565ac17088ad94b
9774c3a4e3465e77d4eee4c184f9e09e463ef91a
a08796cbe2d5936fdd1fca155c3e198b025ef513852f80d63a60e0cb5d7b3ebf

HTTP Headers

GET /wp-content/themes/vraven/assets/js/app2.js?ver=1.6.20 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=59721
etag: W/"65e1057a-e949"
expires: Thu, 30 May 2024 17:30:35 GMT
last-modified: Thu, 29 Feb 2024 22:30:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 743006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReFUjeANLywUMwgSlzyRPLU1qpkghxQYQlRC4vqm4ccPPAB60EOHVCG%2Bc8b%2BIr3688TlU9JNaBQ%2FqDutG5J7viMjqD%2F4zfnBz2T4BlcfOapdrjIzmR2DtxLAbaTDVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e81bec7712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/lang/en.json

172.64.147.206

200 OK

172 B

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/lang/en.json
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba

HTTP Headers

GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 08:13:29 GMT
etag: W/"662f56a9-ac"
expires: Thu, 09 May 2024 07:54:04 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 7
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e89b9b01c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1914&quality=240p&smartpopId=432&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=1&usePreroll=0&sortBy=mlRank

172.64.147.206

200 OK

1.9 kB

URL GET HTTP/3
go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1914&quality=240p&smartpopId=432&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=1&usePreroll=0&sortBy=mlRank
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2015), with no line terminators
Size
1.9 kB (1869 bytes)
Hash
88dfc03777fd3599716f477e03688df6
4921e10fd7dcf2b9c8a220b7f16996e58b02dd55
b6c8ed84d8f052e2b18bd42a45aad6916a23464b3af83cb60e38ff6db16bf73d

HTTP Headers

GET /api/models?landing=WidgetV4Universal&masterSmartpopId=1914&quality=240p&smartpopId=432&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=1&usePreroll=0&sortBy=mlRank HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 09 May 2024 07:53:51 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFVkgfjmU48Q4QEHZAEYvvQuaDz; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8aaa991c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hentaila.tv/ver/warau-kangofu/

104.21.76.63

200 OK

126 kB

URL User Request GET HTTP/2
hentaila.tv/ver/warau-kangofu/
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
126 kB (125957 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ver/warau-kangofu/ HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://hentaila.tv/wp-json/>; rel="https://api.w.org/", <https://hentaila.tv/wp-json/wp/v2/wp-manga/5508>; rel="alternate"; type="application/json", <https://hentaila.tv/?p=5508>; rel=shortlink
x-fastcgi-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wA4Z8i%2BttHo%2FGkmkvMt1aEQ7Cl5utAaoLlKhZKpz9GYFSaLkmP99Pr9uyKiSVk3BpUujab40%2FXdhFCz1rrL4T5IU2kDoOovDLnQmdsaAyPIMnrqyjYo82iB6glkRgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e7dbb84b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaila.tv/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4

104.21.76.63

200 OK

110 kB

URL GET HTTP/3
hentaila.tv/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type

Size
110 kB (110147 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.4 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: text/css
last-modified: Wed, 31 Jan 2024 00:43:22 GMT
vary: Accept-Encoding
etag: W/"65b997aa-1ae43"
expires: Thu, 30 May 2024 17:30:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 743007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivh5lUtgfooaiRzORsPzcf3KFT66qKjWcWm41FeztIx4Gkfc5FlMKCjdXVJHzMaPQfIedTgmspwH%2BlPUM1LJP2fAJXJPsyyN4q49P36y9S8vAN3ZbyMcXRptiyc0qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e7fbc74712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hentaila.tv/wp-admin/admin-ajax.php

104.21.76.63

200 OK

16 B

URL POST HTTP/3
hentaila.tv/wp-admin/admin-ajax.php
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
dac3510b7572d5d0a91c5cabcfffb808
8f3fde801270c1046ce441e8a9df9a01d5142102
4f32d280a95889bb861167e00c1b95a773707eb98dfe2cc1736bf8884a2259f5

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 43
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Cookie: cf_clearance=pRakM3TgzKfk53QD47hpsRBUK3pyyuyTidL1bMmu35s-1715241242-1.0.1.1-V_SrjXVpHSLqq5s_qkWWwK61zQBsg2_YVbEVYp0rOIy73JE4Vr35ksFWguFQhveIXZIJi8nJeJrbNCbXeTZ1vA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hentaila.tv
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlLBpn2F9eAIAi0PE0jADUDwNzpXDAntKtpW1wwu9qs6IdLkvPEKhwnX%2FoRcatGavULKH1WrbDYZ3kNjvlpIXWzbZ9Lvx9qh9rX5w7uuy5A4qks%2F8uDC9nDsUCEHbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e843997712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js

172.64.147.206

200 OK

304 kB

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.js
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type

Size
304 kB (303863 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widgets/v4/Universal/main.4bdf944b186b14514dc3.js HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Apr 2024 08:14:47 GMT
etag: W/"662f56f7-4a2f7"
expires: Thu, 09 May 2024 07:53:54 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e8909311c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01%26campaignType%3Dsmartpop%26creativeId%3D9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95%26iterationId%3D867695%26masterSmartpopId%3D1914%26memberId%3DopddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-%26mlView%3D1%26p1%3D5808896%26quality%3D240p%26ruleId%3D17%26smartpopId%3D432%26sourceId%3D5808896%26tag%3Dgirls%26trackOff%3D1%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33200%26webp%3D1

104.18.40.50

200 OK

6.1 kB

URL GET HTTP/2
go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01%26campaignType%3Dsmartpop%26creativeId%3D9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95%26iterationId%3D867695%26masterSmartpopId%3D1914%26memberId%3DopddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-%26mlView%3D1%26p1%3D5808896%26quality%3D240p%26ruleId%3D17%26smartpopId%3D432%26sourceId%3D5808896%26tag%3Dgirls%26trackOff%3D1%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33200%26webp%3D1
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with very long lines (7996), with no line terminators
Size
6.1 kB (6085 bytes)
Hash
3987b221659b060c67ae6706b977d9e9
a57480f11f0ab792fb1fee1fb8c36e6691f1b539
e3f9414c31fb60d9b9ce91de83d7bf5a970e615e3b1ddcfc84afa785dbd14e9d

HTTP Headers

GET /config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01%26campaignType%3Dsmartpop%26creativeId%3D9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95%26iterationId%3D867695%26masterSmartpopId%3D1914%26memberId%3DopddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-%26mlView%3D1%26p1%3D5808896%26quality%3D240p%26ruleId%3D17%26smartpopId%3D432%26sourceId%3D5808896%26tag%3Dgirls%26trackOff%3D1%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33200%26webp%3D1 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 09 May 2024 07:54:03 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDFRFiBZBvMSLtsgHAjogiG8Ahr7ZMuaBcLL7x5wa; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e89d8a65691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

video.saawsedge.com/checkUrl

143.204.55.42

200 OK

15 B

URL GET HTTP/2
video.saawsedge.com/checkUrl
IP
143.204.55.42:443
ASN
#16509 AMAZON-02

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerAmazon
Subject*.saawsedge.com
Fingerprint24:17:7C:7B:0A:E1:C7:A7:B7:C8:6E:C7:4A:A3:19:0D:1C:18:0F:CE
ValidityMon, 05 Feb 2024 00:00:00 GMT - Wed, 05 Mar 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
1d644ae7e24f3430d634f21c1d94a975
5752bf80588493a9914d4fddf9ed3b31857d90ac
c9df5a7f763aff50375511af681843ba40d4d6ce044521c440515f7e04a2bff7

HTTP Headers

GET /checkUrl HTTP/1.1
Host: video.saawsedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain
content-length: 15
date: Thu, 09 May 2024 07:37:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88100657ae620e29-MXP
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SSkuG2f2cviZTeHjZN_d7dlqr1B8PjWQ3rKhlzQ_yROoU2OzKJ8J0w==
age: 991
X-Firefox-Spdy: h2

hentaila.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.76.63

200 OK

14 kB

URL GET HTTP/3
hentaila.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 08 Jun 2023 23:49:24 GMT
vary: Accept-Encoding
etag: W/"64826904-3509"
expires: Thu, 30 May 2024 20:14:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 733152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hQ7lP48hExTAOJl5a8t5lD7fsYH5ztLUOhG0Xa5WaKi3hpLc4rEqXV%2FEIdGitAT%2FlJl%2B97z0GQBN6qCALsKIfTkfpkYD4ydfDkTVQrH2lH1wtoIjmQWO9pA6M3QoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e81def3712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hentaila.tv/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

104.21.76.63

200 OK

7.9 kB

URL GET HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (7872), with no line terminators
Size
7.9 kB (7872 bytes)
Hash
dd909e0a5dcec6bc82b110c8c004f27a
ff68a6fa0259e3fef36b118ea313e1b90f6cf011
a0d13e9b149df8ff65bc8a9b6acf46732bf3eb0f2a7ecec85dca6cf102dd900a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucfTOdjQypsLWbfQQylJ1aBwVkw6CHIs39zWxLDK1N6rsHEIbn7vK%2FvWN93%2BgTIIxDxTJf6CVzMGPUoxpxrPXEFJaMZHXW%2FrJbBD1gImc%2FXDVLR4xyL8onsChQal4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e822f5b712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv

188.114.97.1

200 OK

1.9 kB

URL GET HTTP/2
neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjectneverstoprotation.com
Fingerprint22:06:20:68:16:0A:5D:4C:CB:46:80:EB:FA:3D:17:B5:B4:D8:7B:90
ValidityFri, 05 Apr 2024 05:27:09 GMT - Thu, 04 Jul 2024 05:27:08 GMT

File type
HTML document, ASCII text, with very long lines (1950), with no line terminators
Size
1.9 kB (1893 bytes)
Hash
f6695497568db6f8c2c818f13347570f
17500a1767748055098510f4f8bf9457b7234085
e6e165770194c0ed6a26226cb72b8c8592bd2733e80da295a7229108cd2e3e66

HTTP Headers

GET /iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv HTTP/1.1
Host: neverstoprotation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/html
set-cookie: c_1e594af43a85011173c637c2fd615fc6=1; Expires=Fri, 10-May-24 07:54:02 GMT; Domain=neverstoprotation.com; Path=/; Secure; SameSite=None
z_c715ad7f519bf861752574aa0c54113b=1; Expires=Fri, 10-May-24 07:54:02 GMT; Domain=neverstoprotation.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTiELsno3RSd1cqSmBVojAfNME2WO3fPRzKCbEiCuPWqXjzdFOYbofDg9L4UTfrQ7Db1SleYcJteL4bFHJ6bGKY6kNy6WYsE8b02gNKTCAilhAXCCcx88orqldogJDAyE%2B9EsE5siww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e867ae3b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaila.tv/wp-content/plugins/player-logic/assets/css/player-logic.css?ver=1.5.6

104.21.76.63

200 OK

4.4 kB

URL GET HTTP/3
hentaila.tv/wp-content/plugins/player-logic/assets/css/player-logic.css?ver=1.5.6
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
ASCII text, with very long lines (4366), with no line terminators
Size
4.4 kB (4366 bytes)
Hash
fec34566611379c322fff0c2778473f7
d8568f86e2a5262076d94724b3eda71d60426058
768ff7784e15369a017f7e542894aea7e7aa1540059c963527a9aef5a1b9d8bb

HTTP Headers

GET /wp-content/plugins/player-logic/assets/css/player-logic.css?ver=1.5.6 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=6911
etag: W/"65878266-1aff"
expires: Thu, 30 May 2024 17:30:34 GMT
last-modified: Sun, 24 Dec 2023 00:59:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 743007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6GuYQdJUu6E%2FdgEu8WycP0E5KebG7Xtxrn27Jt1knQnEa9XfssUUdbrQoBUyzJ%2F35Y%2BdDWvJIuyKp8nnI%2Bd1MR%2FWw5ebarIjnX2fqi28L29FLbNa6gZDOLDcYxmOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e7fbc75712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.magsrv.com/video-slider.js

185.76.9.23

200 OK

46 kB

URL GET HTTP/2
a.magsrv.com/video-slider.js
IP
185.76.9.23:443
ASN
#60068 Datacamp Limited

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (31701)
Size
46 kB (45757 bytes)
Hash
3f6b75fbd59723a6564e74a91ce3ddea
c59f2fe6bc1834557e544c2b787778597ee40e80
ea8030a37b36fb35f4055a90eedae594932e6caa9c037927aa9b861debf4e6aa

HTTP Headers

GET /video-slider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"c59f2fe6bc1834557e544c2b787"
accept-ch: 
expires: Wed, 08 May 2024 13:37:01 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3EAMAAAwBuUwKEwH3BwAAAAwBJRPCNAH34QAAAA
x-77-nzt-ray: af585630750c56d019813c66ac6bc838
x-accel-expires: @1715251257
x-accel-date: 1715240457
x-77-cache: HIT
x-77-age: 784
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 784
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

hentaila.tv/wp-content/plugins/script-manager/assets/js/script-manager.js?ver=1.2.22

104.21.76.63

200 OK

12 kB

URL GET HTTP/3
hentaila.tv/wp-content/plugins/script-manager/assets/js/script-manager.js?ver=1.2.22
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
C++ source, ASCII text, with very long lines (1718)
Size
12 kB (11929 bytes)
Hash
19638a41f95c62eb22c63e7459a8e397
8cd7a602607b5fa5ddcba8dcbce7b6d98dfe19aa
c7272196124cb814ef2cc93563f180843b3a07f276d180811fcf666ef315890d

HTTP Headers

GET /wp-content/plugins/script-manager/assets/js/script-manager.js?ver=1.2.22 HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/ver/warau-kangofu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=14148
etag: W/"65652e4c-3744"
expires: Thu, 30 May 2024 20:14:49 GMT
last-modified: Tue, 28 Nov 2023 00:03:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 733152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t90z6VLkxOtdeJpj1qCiidbC%2BFDqaUj7oTyvQ0Oq2A1WN8q7i8g02oy%2FjfTnKhrwu3YNLkvC%2BNKEZmrUCP5UqoGhaFvaTiVbd3eB%2B8y7OxJGajY0hWeizn7gfhLfHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e81deef712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.magsrv.com/splash.php?idzone=4664014&cookieconsent=true

95.211.229.248

200 OK

6.2 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=4664014&cookieconsent=true
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
XML document, ASCII text, with very long lines (6305), with no line terminators
Size
6.2 kB (6235 bytes)
Hash
7a6752e894e7ff11a88a8642364584bd
431f38a58a671573c07fb1c70a528bff4028143d
b44afb7a6a93e4ab54cc5cfbeb2cfab07a51f103857d332fbb571c0a5deda5fc

HTTP Headers

GET /splash.php?idzone=4664014&cookieconsent=true HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaila.tv
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 07:54:02 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22663c811a4acdd7.612420122172663373%22%3B%7D; expires=Sat, 09 May 2026 07:54:02 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4664014%7C96852230%7C201340%7C%7C110%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Chentaila.tv%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1715241242%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C89aa5b265bdfde77375d4a76ef0bceb9%7Cok%22%7D; expires=Wed, 07 Aug 2024 07:54:02 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://hentaila.tv
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

hentaila.tv/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

104.21.76.63

200 OK

7.9 kB

URL GET HTTP/3
hentaila.tv/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
104.21.76.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaila.tv
Fingerprint39:5D:9C:EA:6F:43:86:AD:5F:A1:71:A0:A2:1C:CA:2D:94:93:C7:EC
ValiditySat, 06 Apr 2024 01:34:17 GMT - Fri, 05 Jul 2024 01:34:16 GMT

File type
JavaScript source, ASCII text, with very long lines (7863), with no line terminators
Size
7.9 kB (7863 bytes)
Hash
6063b43a1e1a95e8e4452be8f3e9e6fb
d9a2bd34425c71cfa53266ec925f9549cbb6d48c
94290e07b11976425337be33bc46a7f394a74cc6176649667801eb0c2f327312

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: hentaila.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=pRakM3TgzKfk53QD47hpsRBUK3pyyuyTidL1bMmu35s-1715241242-1.0.1.1-V_SrjXVpHSLqq5s_qkWWwK61zQBsg2_YVbEVYp0rOIy73JE4Vr35ksFWguFQhveIXZIJi8nJeJrbNCbXeTZ1vA; _ga_HLNJTN8DZ6=GS1.1.1715241242.1.0.1715241242.0.0.0; _ga=GA1.1.1869079405.1715241242; manga_view_5508=ok
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZLJNICX9a0hkOK%2FKYBg2x9vPC2Xgi%2FHLgvXRH2dLT3nzMllxMMOeHyaztOrxC13leY8ffObBLquEv8aQjixA0SCs%2FEy9fMIwmiC9FQom%2FlBsP3G4qiLIUojp0RFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e84ba15712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.css

172.64.147.206

200 OK

13 kB

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/main.4bdf944b186b14514dc3.css
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with very long lines (13312), with no line terminators
Size
13 kB (13312 bytes)
Hash
aa0f936bb3d7beb37fa4fc125e1d410d
0a93bcc3f9c1024eae6ffad33d9375dca852e0c9
9ebf719550e36d6eab7dbe337bca3cdfbea70f4cf988819ea45e63ea48b90334

HTTP Headers

GET /widgets/v4/Universal/main.4bdf944b186b14514dc3.css HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 08:14:47 GMT
etag: W/"662f56f7-3400"
expires: Thu, 09 May 2024 07:54:04 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e88f92b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=3072&sortBy=mlRank&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0

172.64.147.206

200 OK

3.2 kB

URL GET HTTP/3
go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=3072&sortBy=mlRank&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3482), with no line terminators
Size
3.2 kB (3234 bytes)
Hash
3f98ca5f9bcc77aa6c94226a5b415882
36c46c86fddaeba6c101026e4db46e614314e606
26b6c627af8442bf4165d050f956d3e488da5cc419769a1609fef342c48ac437

HTTP Headers

GET /api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=3072&sortBy=mlRank&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 09 May 2024 07:53:44 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=0H28upDCGznfDm9XVD3VBZigQJNzkRqgQxQqrUyj1kQ; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8adacd1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/event/ml

172.64.147.206

200 OK

47 B

URL POST HTTP/3
go.mnaspm.com/event/ml
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
8f0fa399780c2cfe215942ac44c407ce
9669febd775c3d2e53d18253a58427706321d2e7
30f6d4582a73a634ec6cb36dbc7aafe1e1955633f7af3ebdf874f7a2ad152b3c

HTTP Headers

POST /event/ml HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 280
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtr4j9PoyecweyjPgwrJJsRNr7MYG; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8d5cac1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.hentaihaven.xxx/images/esphnt/v/c/s_bakunyuu-shimai.jpg

104.26.8.94

200 OK

21 kB

URL GET HTTP/3
img.hentaihaven.xxx/images/esphnt/v/c/s_bakunyuu-shimai.jpg
IP
104.26.8.94:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hentaila.tv/ver/warau-kangofu/
Certificate
IssuerGoogle Trust Services LLC
Subjecthentaihaven.xxx
FingerprintC0:47:BA:43:33:22:50:8D:F0:5A:79:F4:03:02:8A:AE:FE:88:0B:7F
ValidityThu, 04 Apr 2024 04:38:58 GMT - Wed, 03 Jul 2024 04:38:57 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 204x300, components 3
Size
21 kB (21126 bytes)
Hash
411ba8722d4c1e59a9cf44eb8505be20
e067ba00cd3655f5ad6c73f56f0636568661d030
33b8b5c320884d3cc132d14d754e9502d8997648b49d8edb588074ddbba1b041

HTTP Headers

GET /images/esphnt/v/c/s_bakunyuu-shimai.jpg HTTP/1.1
Host: img.hentaihaven.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaila.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:01 GMT
content-type: image/jpeg
content-length: 21126
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=22739
etag: "6525b5e0-58d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Oct 2023 20:36:48 GMT
cf-cache-status: HIT
age: 41215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BY4B0n%2FJ4IU7cc6snR3b64TQOlRIUroHONwJ2hGw3DdUToxGbKaGwGVkF1yP0Ou0srlhXEyBUbmUKUJ6icDWIV3KmtdS4pIbLc2kwtvnvTMTh0oBlBhQle0fTcBjnv3bc%2FJ03E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e81ae925688-OSL
alt-svc: h3=":443"; ma=86400

bigstoreminigames.space/bnr/4/f87/d3280b/f87d3280b9a5bbacba0f9d68ce0f3406.jpg

0.0.0.0

0 B

URL GET
bigstoreminigames.space/bnr/4/f87/d3280b/f87d3280b9a5bbacba0f9d68ce0f3406.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://neverstoprotation.com/iframe/5ebd27f8848b1?iframe&ag_custom_domain=hentaila.tv
Certificate
IssuerLet's Encrypt
Subjectbigstoreminigames.space
Fingerprint95:FE:47:6D:B5:53:60:39:97:F1:99:25:7C:50:80:7E:BD:62:59:8B
ValiditySat, 20 Apr 2024 16:24:19 GMT - Fri, 19 Jul 2024 16:24:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bnr/4/f87/d3280b/f87d3280b9a5bbacba0f9d68ce0f3406.jpg HTTP/1.1
Host: bigstoreminigames.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:02 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 51513
last-modified: Wed, 08 May 2024 17:35:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxcqHGmfTf7z4sH4vsC2VJpbHOp6bza21wYT2PgB1bEN1el1uy%2B3qpFPCxgIm8xSK88eas6RUucWTVWv69%2BpPgdk2ZpGC6IsztIarlSj4W0kRsr1r10XI2ASL62Je8ZOepJQmsy%2F%2FAiOlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88101e881ce25685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3%26campaignType%3Dsmartpop%26creativeId%3Da000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000%26iterationId%3D868084%26kbLimit%3D1000%26masterSmartpopId%3D1605%26memberId%3DopddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--%26mlView%3D1%26p1%3D5808898%26quality%3D240p%26ruleId%3D3%26smartpopId%3D3072%26sortBy%3DmlRank%26sourceId%3D4692220p1%253D%257Bcampaign%26tag%3Dgirls%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33202%26webp%3D1

104.18.40.50

200 OK

6.1 kB

URL GET HTTP/2
go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3%26campaignType%3Dsmartpop%26creativeId%3Da000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000%26iterationId%3D868084%26kbLimit%3D1000%26masterSmartpopId%3D1605%26memberId%3DopddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--%26mlView%3D1%26p1%3D5808898%26quality%3D240p%26ruleId%3D3%26smartpopId%3D3072%26sortBy%3DmlRank%26sourceId%3D4692220p1%253D%257Bcampaign%26tag%3Dgirls%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33202%26webp%3D1
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3&campaignType=smartpop&creativeId=a000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000&iterationId=868084&kbLimit=1000&masterSmartpopId=1605&memberId=opddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--&mlView=1&p1=5808898&quality=240p&ruleId=3&smartpopId=3072&sortBy=mlRank&sourceId=4692220p1%3D%7Bcampaign&tag=girls&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33202&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with very long lines (7996), with no line terminators
Size
6.1 kB (6085 bytes)
Hash
72e62f65d5f3b7a1e4dbf8c60a88fed4
ac12dd58437ac390b8acc0c00e322d3c5f375e67
037cc14df4362450326048e230e4f6fa1c4c8725e3a6e11f7521155d5ef9eef2

HTTP Headers

GET /config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D73000fb03f0408f156f57c5bb1d2c227a69b57f5b5d628392bd2eabd45e007b3%26campaignType%3Dsmartpop%26creativeId%3Da000348f48d6d4943856fe06420f1be401093fb232b9ed4dec80870eb0874000%26iterationId%3D868084%26kbLimit%3D1000%26masterSmartpopId%3D1605%26memberId%3DopddNHdLHTPHNVS4ASOprunnnldbPRLPdPa6V1EsqppZXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSuldK6ayaqemaemdznSuldK6V0rpXSuldK6V0vEs11G2e9MtGm_FMs2k9VvF001OdW9VLg.wA--%26mlView%3D1%26p1%3D5808898%26quality%3D240p%26ruleId%3D3%26smartpopId%3D3072%26sortBy%3DmlRank%26sourceId%3D4692220p1%253D%257Bcampaign%26tag%3Dgirls%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D33202%26webp%3D1 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 09 May 2024 07:54:03 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFVfs5Aboo4dwjpx1A2fj8jaFZe; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 88101e89d8a05691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.mnaspm.com/event/ml

172.64.147.206

200 OK

47 B

URL POST HTTP/3
go.mnaspm.com/event/ml
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&ax=0&campaignId=519fe30cdea876d1b02b3e92894492ca6c8136dabaff4c3273c5dd7492202a01&campaignType=smartpop&creativeId=9f55185b24a423ec1b525b9abe384d10de03ad15e948694fc2d21d5c6998ab95&iterationId=867695&masterSmartpopId=1914&memberId=opddNHdLHTPHNVS4ASOprunnltdbPRLPdPW6V1Esqp6pXTTSupmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6afa3Omii623XiqWezWWia3iyjeimma6p0rutwGz7.zjMhznSuldK6V0rpXSupssnrrndK6ayaqemaemdznSuldK6V0rpXSuldK6V1t1Vm_EtPEstlPFe29dkuc81u9WmdPFNTg.w-&mlView=1&p1=5808896&quality=240p&ruleId=17&smartpopId=432&sourceId=5808896&tag=girls&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=33200&webp=1
Certificate
IssuerGoogle Trust Services LLC
Subjectmnaspm.com
Fingerprint41:FC:20:C5:2D:89:14:17:87:EB:2D:BA:2E:DE:61:87:1E:53:19:CE
ValiditySun, 14 Apr 2024 17:19:29 GMT - Sat, 13 Jul 2024 17:19:28 GMT

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
fc96ecff286e35cff8d8518c4a5a90ee
a116dbcb4a150e0a7d47fabd9022cdd0248c6908
e5b5f0986d0b6913d061c290cc161e5794a1866e89c7270d3f7fbfb3c08e534d

HTTP Headers

POST /event/ml HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 170
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 07:54:03 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVE9SipefN9YVHPomLrrGFC4sBD6; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 07:54:03 GMT; HttpOnly
server: cloudflare
cf-ray: 88101e8dace81c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations