Report - oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html

Report Overview

Submitted URL
oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html
IP
142.250.74.33
ASN
#15169 GOOGLE
Submitted
2022-12-03 19:12:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gaming-adult.com	315167	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	637 B	938 B	18.194.134.212
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	104.18.32.68
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	2.1 kB	142.250.74.106
eggs-content.kinkoid.com	668083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	885 kB	94.75.250.120
oiwaeuawoieuoiwaueoiwoiu.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	880 B	20 kB	142.250.74.33
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	42 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.253.52
images.hh-content.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	8.2 kB	104.152.112.111
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	338 B	23.33.119.26
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.hentaiheroes.com	373902	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	1.0 MB	94.75.250.120
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	93.184.220.29
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	2.4 kB	104.244.42.5
commissionepochknuckle.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	3.9 kB	192.243.59.20
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	32 kB	142.250.74.42
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	52 kB	142.250.74.35
hh2.hh-content.com	490552	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.7 kB	183 kB	104.152.112.111
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.3 kB	95.101.11.120
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
eggs-ext.kinkoid.com	552669	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	555 B	275 B	94.75.250.120

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	commissionepochknuckle.com	Sinkholed
2022-12-03	medium	commissionepochknuckle.com	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	t.co/66LpecUWQk	125 B	2023-03-08	2023-03-08
Pretty URL t.co/66LpecUWQk IP 104.244.42.5 ASN #13414 TWITTER Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29:23 Last Seen2023-03-08 15:29:23 Times Seen1 Hash 34c80ae990876c3fa2b4904117790eb9 4f9baaa19bbd779f889db295f9c53ab302b9b160 62101fb229078a582823c6d4f0baab79b6e2d22f4bd46385061b6a33daf6438c Loading...

	commissionepochknuckle.com/spchbtsy?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=15217392	2.1 kB	2023-03-07	2023-04-05
Pretty URL commissionepochknuckle.com/spchbtsy?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=15217392 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392	282 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash eb8aff3709acb0f74ca084fc25705401 76b21aecb131f668c31b0b85c77573df22564daa db55d66890b6ffa5a5985df1397837bca74f22660470407b15ea5ef5b7db4219 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-18 04:09:01 Times Seen259518 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.hentaiheroes.com/js/chat.js?v=66997040	417 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/chat.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 8f73aff380e06800a6b1bfb18fd0ff79 89cb07ebbad970ae373187074a7f99fd10de26fe fa8159f6b107cec1ec5764868efcc2d0472b34e87ff5c6b6cb7f0e5fdbe515fa Loading...

	www.hentaiheroes.com/home.html	635 B	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash aa17fcec618137be7c38acd1eab3735f 04ce377fcb2bceaba484d9d6d498b5c33382d817 fe0603aa4cda50606aec66e21ef56283cb296ab7bfb7572ac471035418b75345 Loading...

	commissionepochknuckle.com/spchbtsy?key=31f0c7cd163cdd848223ea704ab7c9c6	357 B	2023-03-08	2023-03-08
Pretty URL commissionepochknuckle.com/spchbtsy?key=31f0c7cd163cdd848223ea704ab7c9c6 IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29:23 Last Seen2023-03-08 15:32:52 Times Seen1 Hash ad5d2adbde4f0a6c59a9c6ca2182fe3b eab6b18f03aea93ccf1f2ee355795799a1b90464 52ae745e476fd7415deb9c734ce192af654ec9ee9817656775aeb0551909782c Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js	228 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:06 Last Seen2024-04-18 03:56:38 Times Seen1956 Hash fd255415839568e52a48da5de5af244c abd6f85a04584792d77e4791c441ff49e9e28c0d 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1 Loading...

	www.hentaiheroes.com/home.html	191 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 40815edb83a0c9f9b97bcbe37cd10f34 851a1de353b1fa51ea13362a06efd0fd2bab9674 492149eb4a544a13a0616d36a6a6d5b479407ce6d66649dba5d3e9c79e848963 Loading...

	www.hentaiheroes.com/home.html	4.5 kB	2023-03-08	2023-03-08
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29:23 Last Seen2023-03-08 15:29:23 Times Seen1 Hash c1e518c98a2e12e57613d189c8f20aff 385cd281da7fe848832361951425912420a3828d 1eb629675b4e6dd0e5eeaac1139611655acb451ae32dd847cd127a882bf3d845 Loading...

	www.hentaiheroes.com/js/screenfull.js?v=66997040	2.9 kB	2023-03-07	2024-02-05
Pretty URL www.hentaiheroes.com/js/screenfull.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen112 Hash 67dbfe9b672c902f618ccb6440d6e8c4 5ee56f41df8abdd06f7fb5a668b95e9cb8076209 6f575774986ea35312c5d750b761fd82298bbfd8664f810d43e499d8c9bdb266 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392	603 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 3557b9760f3d69a5bfadfae6511cc233 8324cc62723d39c36afc3a4fde6186d19cc7a6cb 72fcce08b7302a94277b130b6c0f996e95856edbdbce4471b4b180c995890f46 Loading...

	www.hentaiheroes.com/js/quest.js?v=66997040	31 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/quest.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 60a4e1bb597fd34403f3a295d4f0bcc8 3410f3fbb1618ab8424ce7287f6504bb12b9e437 4607f345ef63d7ac755f7644c837c93892f660be6b567cdda477c6f2c31553d1 Loading...

	www.hentaiheroes.com/js/guest.js?v=66997039	1.4 kB	2023-03-07	2023-07-04
Pretty URL www.hentaiheroes.com/js/guest.js?v=66997039 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2023-07-04 17:49:38 Times Seen61 Hash e0b082b77c7be4355a7049a6a7c5f353 d915737134d98b3a965cd5fa5cdaca6f65b5057c 9e09472f0d52ddb3a3d195366f5595855fd08ece7a60d3dfb5b38ea02363bfef Loading...

	oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html	54 B	2023-03-08	2023-03-08
Pretty URL oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html IP 142.250.74.33 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29:23 Last Seen2023-03-08 15:29:23 Times Seen1 Hash 2e12a3ffc6a886fd79c7fa4b446e8ff7 b173b7cdd8daed2bef1b12a4552eb85d3dee7ff6 4a8dcaf460890d804f09fed0c9953a64a890be75187c8d4c7a0d4c678687e040 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392	372 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen5 Hash 6a064ea2edd05fa1f76073af9c6bb531 a1ed97aa3e5a0eed66917059ef7e7946ab8684e5 fb4c198e5d9f593b38e0355209b01b862147319f2e1c2d9385839005f928d22e Loading...

	www.hentaiheroes.com/phoenix-tr_labels-en-1412.js	46 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/phoenix-tr_labels-en-1412.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash d866bd1c4267da86998ee7ebf2eeff38 c71a8832bcc44534f10cf69d48589874352eb168 b67094600c0a827b4e4d00471d95536d444b1827e40120bc0417e544be1bbfa7 Loading...

	www.hentaiheroes.com/js/default.js?v=66997040	1.9 MB	2023-03-08	2023-03-08
Pretty URL www.hentaiheroes.com/js/default.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2023-03-08 20:18:52 Times Seen1 Hash 06aa6269676d6712c0ce292305e32cc3 1f25d48717e4f2cf468c2a1af30f0f9355352018 0d817d985269ea83cacdfdf4c7737c24deec8d4fabec6c0efa5382e94bae0728 Loading...

	eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate	14 kB	2023-03-08	2024-02-07
Pretty URL eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 0e2ee7dcd3c08aadd1997cf6b73177e0 7162c2103f222b3973fe4e5b096f30cb5263a340 d8ca24273ef503416d51bedb22f7c6e3171912e082bb079f395fede04d41b337 Loading...

		Size	First Seen	Last Seen
	#1 Write - 120e61e6b4c2f5e8544b8c78d722a904	621 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen59 Hash 120e61e6b4c2f5e8544b8c78d722a904 574db9117bb739ac8dfe7218b4b0d4aac79d2f16 af36037d076d94f2c9f53b219d848056bcef43f86667ae5e550f57c75bf61caa Loading...

HTTP Transactions (82)

URL IP Response Size

oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html

142.250.74.33

301 Moved Permanently

201 B

URL HTTP/1.1
oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
201 B (201 bytes)
Hash
d92a540c858e0d0cf8fd40d147487b0f
6986aff46d1d0c7d3f0571513def71e5df921c3b
d4332cb8249cd480d4655e87967ce67a30256b3994f1e4459154a6adc371628e

HTTP Headers

GET /2022/12/blog-post.html HTTP/1.1
Host: oiwaeuawoieuoiwaueoiwoiu.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 03 Dec 2022 19:12:24 GMT
Expires: Sat, 03 Dec 2022 19:12:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 201
Server: GSE

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4927
Expires: Sat, 03 Dec 2022 20:34:31 GMT
Date: Sat, 03 Dec 2022 19:12:24 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2424
Cache-Control: max-age=143952
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:24 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:11:36 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:18:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3248
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4986
Expires: Sat, 03 Dec 2022 20:35:30 GMT
Date: Sat, 03 Dec 2022 19:12:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fAPOpt7XTFN4I0EZA2zb0ezkRPwYfRLdtYTqyELA/5bKuaQCEahzquDFwaJXu7L9B88Ai/3uU3aajUKqnzItFg==
x-amz-request-id: Z67327NH3TDFVPJ9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 18:46:40 GMT
age: 1544
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82b76ca589dab1a017603e72a3b88a48
508aec57479a19c4074271246a27c6f0e311ee1e
809cde0622aec8a90e3c00512194696b02eb85d6c9536dbbe8557642d2149d95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 19:12:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html

142.250.74.33

200 OK

18 kB

URL HTTP/2
oiwaeuawoieuoiwaueoiwoiu.blogspot.com/2022/12/blog-post.html
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6565)
Size
18 kB (18318 bytes)
Hash
dbc4ff1c031b1184a2d13bd726d4529a
746728a8683b49fcd2027f1cf3631dd9eaa736f5
13c05737cdc2d5df16bb0a1cd74157642eee1b8629b26ad7c6ec9ee7f19ddc80

HTTP Headers

GET /2022/12/blog-post.html HTTP/1.1
Host: oiwaeuawoieuoiwaueoiwoiu.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 03 Dec 2022 19:12:24 GMT
date: Sat, 03 Dec 2022 19:12:24 GMT
cache-control: private, max-age=0
last-modified: Sat, 03 Dec 2022 02:49:57 GMT
etag: W/"5656e5fc09303b16d8b2ae90939a0d5d1c5dbee9be6f31948347a05cd2408a8a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 18318
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82b76ca589dab1a017603e72a3b88a48
508aec57479a19c4074271246a27c6f0e311ee1e
809cde0622aec8a90e3c00512194696b02eb85d6c9536dbbe8557642d2149d95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 19:11:18 GMT
cache-control: public,max-age=3600
age: 67
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
0aa4d9affe7a391bc9e050267c005f02
f5a68f47540ee51f03ed4a2082e02329eda55e9e
b8e5a8c3ea5944de508556599eef8ea20a65983e0f5ad2ac3ea142d002ab46a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6599
Cache-Control: max-age=153134
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:25 GMT
Etag: "638b3900-139"
Expires: Mon, 05 Dec 2022 13:44:39 GMT
Last-Modified: Sat, 03 Dec 2022 11:54:40 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2457
Cache-Control: max-age=138923
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:25 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:47:48 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

t.co/66LpecUWQk

104.244.42.5

200 OK

226 B

URL HTTP/2
t.co/66LpecUWQk
IP
104.244.42.5:0
ASN
#13414 TWITTER

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395), with no line terminators
Size
226 B (226 bytes)
Hash
e7fa10a8a4fdb1d6fb444188e6410511
9f1ff986ed6f671265885a961636656f2646784a
fd849c2ab881802f87857d900723307552975a8e5f8db4756d32c4671e5797a2

HTTP Headers

GET /66LpecUWQk HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oiwaeuawoieuoiwaueoiwoiu.blogspot.com/
Cookie: muc=83e03787-a70c-4c6d-9e23-4bb99fd165b1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:25 GMT
perf: 7626143928
vary: Origin
server: tsa_o
expires: Sat, 03 Dec 2022 19:17:25 GMT
set-cookie: muc=83e03787-a70c-4c6d-9e23-4bb99fd165b1; Max-Age=34214400; Expires=Wed, 03 Jan 2024 19:12:25 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 226
content-encoding: gzip
x-transaction-id: fa21a3976934cc1b
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 117
x-connection-hash: f43614d43980768ce8be50d3a5a9124df6effaf7d2b542f9ee08d7218d36313d
X-Firefox-Spdy: h2

t.co/favicon.ico

104.244.42.5

200 OK

1.2 kB

URL HTTP/2
t.co/favicon.ico
IP
104.244.42.5:0
ASN
#13414 TWITTER

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.co/66LpecUWQk
Cookie: muc=83e03787-a70c-4c6d-9e23-4bb99fd165b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:25 UTC
perf: 7626143928
server: tsa_o
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: 14bb51a9b44f7363
strict-transport-security: max-age=0
x-response-time: 101
x-connection-hash: f43614d43980768ce8be50d3a5a9124df6effaf7d2b542f9ee08d7218d36313d
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9tuUCUi0XwNwMxgyPM2c6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iHaloqNtB0r0K9I9vI6qevkiyhk=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26ad9c62b4cd73e9f25c99911047ed7d
e1859f5c89419541b663e126c3e355b75c839dc9
73826ede46b4d6f78bb3fabe52eb80bbbed741075e5fd9d367bb7caf4009fb7d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73826EDE46B4D6F78BB3FABE52EB80BBBED741075E5FD9D367BB7CAF4009FB7D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 01:12:26 GMT
Date: Sat, 03 Dec 2022 19:12:26 GMT
Connection: keep-alive

commissionepochknuckle.com/spchbtsy?key=31f0c7cd163cdd848223ea704ab7c9c6

192.243.59.20

200 OK

1.2 kB

URL HTTP/1.1
commissionepochknuckle.com/spchbtsy?key=31f0c7cd163cdd848223ea704ab7c9c6
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.2 kB (1223 bytes)
Hash
f3a011a171045453049e1bbc80802a76
ce9538283df7dd5d6728b391a7fbd02b6db1b5dd
4be0af14bb35f68ee046eb4850db0b9dce5d683cc3059fc6dfb8e344a0f9bafa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /spchbtsy?key=31f0c7cd163cdd848223ea704ab7c9c6 HTTP/1.1
Host: commissionepochknuckle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 19:12:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15217392; expires=Sun, 04 Dec 2022 19:12:26 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIxNzM5MiwiayI6IjMxZjBjN2NkMTYzY2RkODQ4MjIzZWE3MDRhYjdjOWM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMTE5MzEwLCJwaWQiOjE2MzM0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoic3BjaGJ0c3kiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdC5jby8ifX0.s2z9BgDtLLum2Fhu8SgCFK8ElWeEY_TR_66XXiMrmnw; expires=Sat, 03 Dec 2022 19:13:26 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 045d0c69af8c4087d39373bfd125e1aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5969
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 19:12:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5969
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 19:12:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5969
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 19:12:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5969
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 19:12:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5354 bytes)
Hash
1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 29482
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9715 bytes)
Hash
45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 76880
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7657 bytes)
Hash
3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 76979
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 51018
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 55146
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 65702
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

commissionepochknuckle.com/spchbtsy?shu=b9456c4b738b6ee45d0fe3b4faa1bae7947ea3983f6090815e50d5dfacafa8de3702332d84aef36d1a792e950e7f432397533617ef7e3894df1aa8774cdefbb0e4fce82a773cdb3a2473ea897525c6cfafd58b84&pst=1670094806&rmtc=t&uuid=&pii=&in=false&key=31f0c7cd163cdd848223ea704ab7c9c6&refer=https%3A%2F%2Ft.co%2F

192.243.59.20

302 Found

0 B

URL HTTP/1.1
commissionepochknuckle.com/spchbtsy?shu=b9456c4b738b6ee45d0fe3b4faa1bae7947ea3983f6090815e50d5dfacafa8de3702332d84aef36d1a792e950e7f432397533617ef7e3894df1aa8774cdefbb0e4fce82a773cdb3a2473ea897525c6cfafd58b84&pst=1670094806&rmtc=t&uuid=&pii=&in=false&key=31f0c7cd163cdd848223ea704ab7c9c6&refer=https%3A%2F%2Ft.co%2F
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /spchbtsy?shu=b9456c4b738b6ee45d0fe3b4faa1bae7947ea3983f6090815e50d5dfacafa8de3702332d84aef36d1a792e950e7f432397533617ef7e3894df1aa8774cdefbb0e4fce82a773cdb3a2473ea897525c6cfafd58b84&pst=1670094806&rmtc=t&uuid=&pii=&in=false&key=31f0c7cd163cdd848223ea704ab7c9c6&refer=https%3A%2F%2Ft.co%2F HTTP/1.1
Host: commissionepochknuckle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://commissionepochknuckle.com/spchbtsy?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=15217392
Cookie: u_pl=15217392; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIxNzM5MiwiayI6IjMxZjBjN2NkMTYzY2RkODQ4MjIzZWE3MDRhYjdjOWM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMTE5MzEwLCJwaWQiOjE2MzM0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoic3BjaGJ0c3kiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdC5jby8ifX0.s2z9BgDtLLum2Fhu8SgCFK8ElWeEY_TR_66XXiMrmnw; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 19:12:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=15217392&country_code=NO&cost_cpa=6.000000&externalid=193ffdc80355cdc3221b2d8c52604802
Set-Cookie: pdhtkv=true; expires=Sun, 04 Dec 2022 19:12:26 GMT
uncs=1; expires=Sun, 04 Dec 2022 19:12:26 GMT
pdhtkv28=true; expires=Sun, 04 Dec 2022 19:12:26 GMT
uncs28=1; expires=Sun, 04 Dec 2022 19:12:26 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c030cabc0d0bb0c5adbd0883e79bd4d0
Strict-Transport-Security: max-age=0; includeSubdomains

www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=15217392&country_code=NO&cost_cpa=6.000000&externalid=193ffdc80355cdc3221b2d8c52604802

18.194.134.212

302 Found

0 B

URL HTTP/2
www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=15217392&country_code=NO&cost_cpa=6.000000&externalid=193ffdc80355cdc3221b2d8c52604802
IP
18.194.134.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=15217392&country_code=NO&cost_cpa=6.000000&externalid=193ffdc80355cdc3221b2d8c52604802 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://commissionepochknuckle.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 03 Dec 2022 19:12:26 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
pragma: no-cache
set-cookie: 7204697f-4e8d-41d7-be50-8876231cc9f1-v4=4Ek7poeBfWRhsuRX_-ZwzCdlbkI63Urxe2y1BkT1X_w; Max-Age=86400; Expires=Sun, 04-Dec-2022 19:12:26 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=EoufuMidweFCkOxW5VbSbJrt%2BKMd%2FwYuNU2ueeGm4brUp4%2B69zWIPPv5yFfoOM42L1Xg8GBUvm6ie2LyFfE%2BLloiTgO9b9lx%2FQJyt%2BsiCVq%2FYzePLagm49z0HgfDMce0oYT0oteGf%2BvnZT3EVuIWkw%3D%3D; Max-Age=31536000; Expires=Sun, 03-Dec-2023 19:12:26 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
98a41bbcebf8dbe1787a0edacd0bd2d4
648590f24e0f7dda45c99d24211a328266c546aa
8fd50190b554430bbdfe2fa671c8f15eb33ea7ca8fd3d1c7f25b7ceaa0e788cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:28:37 GMT
Expires: Fri, 09 Dec 2022 08:28:36 GMT
Etag: "648590f24e0f7dda45c99d24211a328266c546aa"
Cache-Control: max-age=479168,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2918fffac0-OSL

www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392

94.75.250.120

200 OK

2.2 kB

URL HTTP/2
www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
2.2 kB (2151 bytes)
Hash
145f7219b2ba7fa9d587f50247b77e66
12ca9710d442d2d9bbffa62e5cdb03241fbaa4cf
ba205d1c385038a2a67a6b268c661a50501ad3606a76f3f28a099527bef22e95

HTTP Headers

GET /?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://commissionepochknuckle.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; expires=Sun, 04-Dec-2022 03:12:27 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=1962391; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=w4boj20r9imejrtkidfr0tgo; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=Adsterra-David; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=NO; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=15217392; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
source=96bfc843-3d0a-43e6-983d-914746b3a7f8; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
campaign=693838; expires=Sun, 03-Dec-2023 19:12:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web10|Y4ufn; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2151
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/screenfull.js?v=66997040

94.75.250.120

200 OK

935 B

URL HTTP/2
www.hentaiheroes.com/js/screenfull.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (2863), with no line terminators
Size
935 B (935 bytes)
Hash
4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50

HTTP Headers

GET /js/screenfull.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:08 GMT
etag: "b2f-5eed449036db1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/chat.css?v=66997038

94.75.250.120

200 OK

15 kB

URL HTTP/2
www.hentaiheroes.com/css/chat.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
15 kB (14842 bytes)
Hash
36c678f83bdb35473b9ca7b60cffea3e
d6e1c0aa9490f6acb63c7ca263da98685833c103
8bd55f9d7cd0dbc923ec33bc23bb91ba660e28e1c2841ddaab0f214c3d570eb2

HTTP Headers

GET /css/chat.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:47 GMT
etag: "1ed5a-5eed447bb2e9a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14842
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.42

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 11:24:15 GMT
expires: Tue, 28 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 460092
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script

142.250.74.106

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1309 bytes)
Hash
d27ceee1de0b2975e8e84ee3ae848894
71df1e025eca715c99832744116356436edfe7e8
b3ab2673d573bcc688cd91e0d89802c2c410a06847f575a3f35249210d293e90

HTTP Headers

GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 19:12:27 GMT
date: Sat, 03 Dec 2022 19:12:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.hentaiheroes.com/home.html

94.75.250.120

200 OK

4.4 kB

URL HTTP/2
www.hentaiheroes.com/home.html
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1409)
Size
4.4 kB (4379 bytes)
Hash
99dfd27fbf2ce7e3233a03674cbd0766
8a60167d0067c1c5cc436ca7f6216afc6fc4bf4a
c2f316fc0549ad00cd2b0f1c8f6bb96497cd0a2fa63bcfd218174a2c9a6e49d8

HTTP Headers

GET /home.html HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 4379
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2

142.250.74.35

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27984, version 1.0\012- data
Size
28 kB (27984 bytes)
Hash
9c01ef3c4862a40bf29bd780e7e88da4
54db29d9cf8092d9c50d477c5d9d9e199c944453
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589

HTTP Headers

GET /s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 00:07:21 GMT
expires: Sat, 02 Dec 2023 00:07:21 GMT
cache-control: public, max-age=31536000
age: 155106
last-modified: Thu, 21 Apr 2022 17:07:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/quest.js?v=66997040

94.75.250.120

200 OK

7.6 kB

URL HTTP/2
www.hentaiheroes.com/js/quest.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (31025), with no line terminators
Size
7.6 kB (7571 bytes)
Hash
d65d7a20c194bf8c9125428dd44b1576
7bff10651a28b670fc525d24ecff7dde31ca303b
2003ec1e3f70928e8364fa4da4e6a0fbe39f298c162538c653d8f99e241cbeec

HTTP Headers

GET /js/quest.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:05 GMT
etag: "7931-5eed448d20d19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7571
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/guest.js?v=66997039

94.75.250.120

200 OK

529 B

URL HTTP/2
www.hentaiheroes.com/js/guest.js?v=66997039
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (1367), with no line terminators
Size
529 B (529 bytes)
Hash
7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972

HTTP Headers

GET /js/guest.js?v=66997039 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:53 GMT
etag: "557-5eed4481d632f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=417126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2aba1bfac0-OSL

hh2.hh-content.com/clubs/ic_xCross.png

104.152.112.111

200 OK

1.3 kB

URL HTTP/2
hh2.hh-content.com/clubs/ic_xCross.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6

HTTP Headers

GET /clubs/ic_xCross.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-3676-h-0-0---;7619-25-38667----0-0-1
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=417126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2c0aeefac0-OSL

hh2.hh-content.com/pictures/design/mob_rotation.gif

104.152.112.111

200 OK

104 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/mob_rotation.gif
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
GIF image data, version 89a, 500 x 443\012- data
Size
104 kB (104376 bytes)
Hash
56deb21462c0875468e3d21f85bb61f9
97cb9c682beb7c0f9c7396d47472c9e263e0677a
f849636c8b1d9a0fb7fde5dde56795c2428291e5e76a53ce4c53974e6c32afa8

HTTP Headers

GET /pictures/design/mob_rotation.gif HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/gif
content-length: 104376
last-modified: Fri, 12 Mar 2021 15:25:52 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43335-h-0-0---;7619-25-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/ic_loading_carrot.svg

104.152.112.111

200 OK

3.7 kB

URL HTTP/2
hh2.hh-content.com/ic_loading_carrot.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3743 bytes)
Hash
c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25

HTTP Headers

GET /ic_loading_carrot.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28233-h-0-0---;7619-25-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeopen.svg

104.152.112.111

200 OK

1.1 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeopen.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1142 bytes)
Hash
d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996

HTTP Headers

GET /quest/ic_eyeopen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-3619-h-0-0---;7619-25-38667----0-0-0
X-Firefox-Spdy: h2

images.hh-content.com/hentai/pictures/design/logo-apple-touch-icon.png

104.152.112.111

200 OK

4.0 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo-apple-touch-icon.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (4006 bytes)
Hash
4a10bda5a21000b2c5a222d78bcc279b
666fa6f947e14d6404c69058ee3f322d9afba40c
cb1fc8b83789ab447f0e774105cdc070ea28d30c0771497ed0cc1496c8dd5c08

HTTP Headers

GET /hentai/pictures/design/logo-apple-touch-icon.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 4006
last-modified: Thu, 17 Dec 2020 17:04:14 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7897-h-0-0---;7619-23-38667----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_favicon_32px.png

104.152.112.111

200 OK

576 B

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_favicon_32px.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
576 B (576 bytes)
Hash
f76e95aa42153a9047cd4b8bcca0be00
f67a235e807ec1d016d394d9d3790a95846e89fd
cd37f4f58b91e31ceb237b9470026a39bb96cf967b5886698bb2e38e65bf34e2

HTTP Headers

GET /pictures/design/ic_favicon_32px.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 576
last-modified: Mon, 18 Jun 2018 08:55:04 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7897-h-0-0---;7619-23-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeclosed.svg

104.152.112.111

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeclosed.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1424 bytes)
Hash
ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84

HTTP Headers

GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28234-h-0-0---;7619-23-38667----0-0-0
X-Firefox-Spdy: h2

images.hh-content.com/hentai/pictures/design/logo2.png

104.152.112.111

200 OK

3.4 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo2.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 566 x 250, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3449 bytes)
Hash
bb30651d4829e8d4aa2d2fe1da64b9c9
1607a6cec035df2fc2779732d7505f4c9ecdb5a2
0a9d9b559f56759b74032fa25a5f422cb094864a26e93f7b366a0f0dc8675782

HTTP Headers

GET /hentai/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 3449
last-modified: Tue, 23 Mar 2021 12:09:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4185-h-0-0---;7619-23-38667----0-0-0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=417126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2bdbb90afe-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=417126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2bdfc2b51b-OSL

hh2.hh-content.com/design/ic_legal.svg

104.152.112.111

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/ic_legal.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2320 bytes)
Hash
e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91

HTTP Headers

GET /design/ic_legal.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7898-h-0-0---;7619-29-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_join.svg

104.152.112.111

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/design/ic_join.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF line terminators
Size
1.4 kB (1411 bytes)
Hash
8ba97dba6572f93deebde7fe83bd5b69
f4cda4f98492c210aa990cf6063e8a79590ae011
f5557fa48f8dcff13b38b1b5055d04768470bc01be5a1a0971fd9293042b1b79

HTTP Headers

GET /design/ic_join.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 1411
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43338-h-0-0---;7619-29-38667----0-0-0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Size
22 kB (22144 bytes)
Hash
f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93

HTTP Headers

GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:44:16 GMT
expires: Sun, 03 Dec 2023 14:44:16 GMT
cache-control: public, max-age=31536000
age: 16091
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_fullscreen.svg

104.152.112.111

200 OK

9.1 kB

URL HTTP/2
hh2.hh-content.com/design/ic_fullscreen.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
9.1 kB (9108 bytes)
Hash
0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76

HTTP Headers

GET /design/ic_fullscreen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4181-h-0-0---;7619-26-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/menu/sound_on.svg

104.152.112.111

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/menu/sound_on.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2269 bytes)
Hash
c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f

HTTP Headers

GET /design/menu/sound_on.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43339-h-0-0---;7619-26-38667----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png

104.152.112.111

200 OK

500 B

URL HTTP/2
hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
500 B (500 bytes)
Hash
0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8

HTTP Headers

GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4181-h-0-0---;7619-26-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/form/ic_XP.png

104.152.112.111

200 OK

4.4 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/form/ic_XP.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4352 bytes)
Hash
5a8d57bde80c34a9a0f49ae67eeba882
e7112c1c1ba4b0013ae4089568ba14390a304bbf
645ef1f9c9ef97db46d9ff931b84312e6853df6c6a5e5406677b370d391aa8ad

HTTP Headers

GET /pictures/design/form/ic_XP.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 4352
last-modified: Tue, 29 May 2018 11:40:00 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4181-h-0-0---;7619-26-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_soft_currency.png

104.152.112.111

200 OK

4.8 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_soft_currency.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4783 bytes)
Hash
628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a

HTTP Headers

GET /pictures/design/ic_soft_currency.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
content-type: image/png
content-length: 4783
last-modified: Wed, 13 Mar 2019 16:03:42 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4181-h-0-0---;7619-26-38667----0-0-0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56976d12ca61d96e82f4a5cb23943951
f81e4099eb34a04be24ffb19eb3209369c340002
ab83665fa1d994a4f7999a406a21a10c5c0fccc620aa6e33daa4c08c9c0dff0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB83665FA1D994A4F7999A406A21A10C5C0FCCC620AA6E33DAA4C08C9C0DFF0E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4777
Expires: Sat, 03 Dec 2022 20:32:04 GMT
Date: Sat, 03 Dec 2022 19:12:27 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:12:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=417126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e9d2bdfc3b51b-OSL

hh2.hh-content.com/design/ic_login.svg

104.152.112.111

200 OK

8.7 kB

URL HTTP/2
hh2.hh-content.com/design/ic_login.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
8.7 kB (8722 bytes)
Hash
5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118

HTTP Headers

GET /design/ic_login.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4181-h-0-0---;7619-25-38667----0-0-0
X-Firefox-Spdy: h2

www.hentaiheroes.com/ajax.php

94.75.250.120

200 OK

16 B

URL HTTP/2
www.hentaiheroes.com/ajax.php
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /ajax.php HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:28 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.111

206 Partial Content

31 kB

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
data
Size
31 kB (31368 bytes)
Hash
9f239050435104f4eb479ed551bc572e
6fb1f2be5cc8d1c7a37ad1817dc93352032aba7e
254539f96da4f49640a68355510591e55b42825ae910fe5b8f58961f93b7a416

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1802240-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: audio/ogg
content-length: 31368
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 1802240-1833607/1833608
x-cdn-diag: ams5-7846-0-3619-h-0-0---;7619-23-38667----0-0-0
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/show.svg

94.75.250.120

200 OK

510 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/show.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (510), with no line terminators
Size
510 B (510 bytes)
Hash
aae407daa4dba9e5d6b2ddf37a0f1b41
fa37c7736d6c33b9e62349cc65d0252bc715cb47
84bc80996a1db1c515d60d9fb037042d6220adc9b5be3bf279b06013fc9d6aa2

HTTP Headers

GET /authentication/show.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: image/svg+xml
content-length: 510
last-modified: Tue, 14 Jul 2020 06:31:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg

94.75.250.120

200 OK

193 kB

URL HTTP/2
www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 177x177, segment length 16, baseline, precision 8, 1600x901, components 3\012- data
Size
193 kB (192758 bytes)
Hash
d00a1903e9c415f1c097542e6ab0c351
f69ae329a2a2ec5c5f42fa158bb054d574957b76
2a7edbb6fad5b083768732db4c83b406461cfcfedf1bdf1f26d0ba6d18a0e05a

HTTP Headers

GET /img/quests/1/1/1600x/p1a.jpg HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
cache-control: private, max-age=2629000, pre-check=2629000
pragma: private
expires: Sat, 31 Jan 70 11:16:40 +0100
strict-transport-security: max-age=31536000
content-type: image/jpg
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/logo.png

94.75.250.120

200 OK

3.4 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/logo.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 270 x 123, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3379 bytes)
Hash
646617323d6d9e7cc959c516687af6d2
692b46ea8a5edbe527788e6b4e497363699cad5d
c95f6a0e76f202044aaf647ad9894d5822b322adf586f3b656c99aabcab6ee4e

HTTP Headers

GET /authentication/hentai/logo.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: image/png
content-length: 3379
last-modified: Tue, 14 Jul 2020 06:31:34 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png

94.75.250.120

200 OK

223 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
223 kB (222857 bytes)
Hash
8ca851d27cfc171809a2df1bcda0d298
4195c1ea0fe0be41c6611f7ac2d3ad04d0c0496f
cb7c3470a20fb0ca125356f550da9f2404aabcba21b595be4b0a147ff8dc542e

HTTP Headers

GET /authentication/hentai/forgotten_password.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: image/png
content-length: 222857
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

use.typekit.net/lfu1uah.css

95.101.11.120

200 OK

827 B

URL HTTP/2
use.typekit.net/lfu1uah.css
IP
95.101.11.120:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
827 B (827 bytes)
Hash
23cb3bd0e9baa58586be8877ed1fa4cf
4ba80bb386eced49c48a45d0f1760810178e4fbe
9170aa9c3289e5e5d09f40bc0941d772e3d4cde22e5f145eafdfa7b68118ad69

HTTP Headers

GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Sat, 03 Dec 2022 19:12:28 GMT
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/default.js?v=66997040

94.75.250.120

200 OK

820 kB

URL HTTP/2
www.hentaiheroes.com/js/default.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
820 kB (820139 bytes)
Hash
e83df31205fef6973f4a2a0d86cc5999
2d829713d3ff0c048487bdb4efa7484aa6b10b44
7e20f484e87b0a9e0548499b3e46b4d25aa99858a9068736a39ff7f2ee778243

HTTP Headers

GET /js/default.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:04 GMT
etag: "1ca4c8-5eed448b82c1c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/register.png

94.75.250.120

200 OK

657 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/register.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
657 kB (657088 bytes)
Hash
94e78471d96928c94b8a02a81744ac8d
eed3da5bce576f851fdc86811a9c02f68757ae87
9df1ddbf2d792fc3c08ab0313cb55f85d9206d897e0030d39f1ab5dcb2fa8fb6

HTTP Headers

GET /authentication/hentai/register.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: image/png
content-length: 657088
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP
23.33.119.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
date: Sat, 03 Dec 2022 19:12:28 GMT
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/chat.js?v=66997040

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/js/chat.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/chat.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=w4boj20r9imejrtkidfr0tgo&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=15217392
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:07 GMT
etag: "65b72-5eed448f28595-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/default.css?v=66997038

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/css/default.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/default.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=n52mncjgurf3i1lodl6g410r0p; lang=en; ref_id=1962391; tc1=w4boj20r9imejrtkidfr0tgo; tc2=Adsterra-David; tc3=NO; tc5=15217392; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y4ufn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:12:27 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:45 GMT
etag: "1a002d-5eed4479c4c5e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.111

206 Partial Content

0 B

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 03 Dec 2022 19:12:28 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-3619-h-0-0---;7619-25-38667----0-0-0
X-Firefox-Spdy: h2

eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate

94.75.250.120

200 OK

0 B

URL HTTP/2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /authentication/start_authentication?product_id=1&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Sat, 03 Dec 2022 19:12:28 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations