r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16922
Expires: Sun, 06 Nov 2022 18:58:02 GMT
Date: Sun, 06 Nov 2022 14:16:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=162379
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:00 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:22:19 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3083
Cache-Control: max-age=162386
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:00 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:22:26 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9548
Expires: Sun, 06 Nov 2022 16:55:08 GMT
Date: Sun, 06 Nov 2022 14:16:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8igobRsGN+FfwDCYeT2i33WTCfU0k9RlybjX97FA2ANhLPRgx5wQPOrQNOwALhTIhh8VkIZSRnc=
x-amz-request-id: PHBXFP1C9BMYX8E9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 13:47:39 GMT
age: 1701
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
104.21.233.195301 Moved Permanently 162 B URL HTTP/1.1 hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
IP 104.21.233.195:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ HTTP/1.1
Host: hentai-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 14:16:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpPwrNhfem3KbqVvR3hYPpQrtGmpDkGFuJ4WSWGGwuZz9tECcPPjAGByoHTZhVMd5h2F4D9EtM2XCOXwOca5iirTh6NnWhf087Ncu%2BPrL2osul9RX0noIKZ1pdovKf2Tbg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765e71ca185f7470-LHR
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5b0034d81c83dcb5f631c55834cace7e
c1da2df4938d56381bd1abf1c8f60b79e91bb322
6b60179e4cf239cf648662b21263e6569cc88310ea9b4840fc2c6db1a4ecdc9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=121343
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6366e135-118"
Expires: Mon, 07 Nov 2022 23:58:24 GMT
Last-Modified: Sat, 05 Nov 2022 22:18:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=158649
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:20:10 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5b0034d81c83dcb5f631c55834cace7e
c1da2df4938d56381bd1abf1c8f60b79e91bb322
6b60179e4cf239cf648662b21263e6569cc88310ea9b4840fc2c6db1a4ecdc9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=121343
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6366e135-118"
Expires: Mon, 07 Nov 2022 23:58:24 GMT
Last-Modified: Sat, 05 Nov 2022 22:18:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M86Q28D
142.250.74.168200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M86Q28D
IP 142.250.74.168:0
File type ASCII text, with very long lines (3560)
Hash ec670be7dccf1fb80ee77245eecf69a4
d99e483c08ce76a3cfe3ceff7b4fb79b792c75da
164825c8409954b683f4935487f4b5dd63ae1ce719ecf795673485745d1ac9ba
GET /gtm.js?id=GTM-M86Q28D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:16:01 GMT
expires: Sun, 06 Nov 2022 14:16:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT
142.250.74.168200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT
IP 142.250.74.168:0
File type ASCII text, with very long lines (3060)
Hash bbddb5b493d66a94f320b10f52b133ba
b7ad985d0123fed47e330ab8e96ae4fde17a7b0e
a6cd3061a45617e8bb1321de75a2980ab15ed6ff9a47fd44df1595119266915d
GET /gtm.js?id=GTM-WK6ZNT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:16:01 GMT
expires: Sun, 06 Nov 2022 14:16:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vn/vcmNHhyegVf7GIcYCdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QcZD6JN+C3DENiTdYRLp9bTBjX0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a78c7467c322e799f8513654eb5582b1
21306833405b7c7175d64802acc12876afe22317
4a760590021c35fd8dca03afe99c2ad37e6269881ddd09dbdb658cdf3c8bf76d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A760590021C35FD8DCA03AFE99C2AD37E6269881DDD09DBDB658CDF3C8BF76D"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8405
Expires: Sun, 06 Nov 2022 16:36:06 GMT
Date: Sun, 06 Nov 2022 14:16:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a78c7467c322e799f8513654eb5582b1
21306833405b7c7175d64802acc12876afe22317
4a760590021c35fd8dca03afe99c2ad37e6269881ddd09dbdb658cdf3c8bf76d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A760590021C35FD8DCA03AFE99C2AD37E6269881DDD09DBDB658CDF3C8BF76D"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8405
Expires: Sun, 06 Nov 2022 16:36:06 GMT
Date: Sun, 06 Nov 2022 14:16:01 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d0ffaab50f-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d19ba91c02-OSL
poweredby.jads.co/js/jads.js
185.94.236.247301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.247:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d1ce89b4f7-OSL
seizedpenholdercranny.com/f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /05/56/52/055652d312c99a6037d12337a6a1a7a4.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /7fd078e363f567e6039e684e541f9020/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
185.162.85.2200 OK 0 B URL HTTP/2 tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP 185.162.85.2:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
region1.google-analytics.com/g/collect?v=2&tid=G-1PLLYQLZ1L>m=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1PLLYQLZ1L>m=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1PLLYQLZ1L>m=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hentai-img.com
date: Sun, 06 Nov 2022 14:16:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /7fd078e363f567e6039e684e541f9020/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481
62.122.171.6200 OK 1.1 kB URL HTTP/2 kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481
IP 62.122.171.6:0
File type HTML document, ASCII text, with very long lines (2794), with no line terminators
Hash c34e8bbff8d881d37eb9511e6da27354
5749ba3a0843cf9966273cdeb59b4c6e12c228e3
1dfc59dc8a763af09b45213d754b257605f61124eeb8fcb5d2a8ea82550e6635
GET /get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2211060916a0b0b6a42e0140b58054d99786; Path=/; Expires=Mon, 06 Nov 2023 14:16:02 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 57684
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
185.162.85.2200 OK 0 B URL HTTP/2 tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP 185.162.85.2:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 57522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 39068
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
Hash 1a199e0a298bde82f2cd088893621f86
f80bef4820d108abe01cf0131c8531f6b396e31b
6a304290b335f53f62c582571e21bf2571f45283b0cf49468c2b837c5d7cbd52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 59502
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 58025
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 18268
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
185.162.85.2200 OK 0 B URL HTTP/2 tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP 185.162.85.2:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
192.243.59.20403 Forbidden 0 B URL HTTP/1.1 seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /05/56/52/055652d312c99a6037d12337a6a1a7a4.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561
62.122.171.6200 OK 1.1 kB URL HTTP/2 kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561
IP 62.122.171.6:0
File type HTML document, ASCII text, with very long lines (2794), with no line terminators
Hash a2d4e78a9e116d008ce98a95a0c94e9c
63c383f48be7d544b5fddb27d81b1a80cb47a57a
a490a98b14931fd547e41785eba0ceac37f1ce50de3e3cc0a4ed605882028ea4
GET /get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Cookie: UID=2211060916a0b0b6a42e0140b58054d99786
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a
185.162.85.14200 OK 0 B URL HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a
IP 185.162.85.14:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fb3ff64b07de3c9234ed0464308ca4f8
3ae2c63658d7710b6281740bbf03598a19fc2f0b
8cecf14b555b844ef4001d772e5a1cd9bd4607d104c7f285370eefc65d2fb599
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3336
Cache-Control: max-age=145712
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:03 GMT
Etag: "63674acb-118"
Expires: Tue, 08 Nov 2022 06:44:35 GMT
Last-Modified: Sun, 06 Nov 2022 05:48:59 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dea056e741a51b904bd5985967a5fa6c
cf2e9e2ffbfa7e487a24f4cc835ce7045489036e
e6af924f1e246c597fa2b9fb4b0aa052d0c9932e711280699bfff9ccc22f2b07
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:56:25 GMT
Expires: Fri, 11 Nov 2022 05:56:24 GMT
Etag: "cf2e9e2ffbfa7e487a24f4cc835ce7045489036e"
Cache-Control: max-age=401420,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71dd5c9ab50f-OSL
cdn.tsyndicate.com/sdk/v1/bi.js
8.254.252.210200 OK 3.3 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/bi.js
IP 8.254.252.210:0
File type C source, ASCII text, with very long lines (7738)
Hash 5aeb7a05ea5e045c01ea950119cc59ec
f67d9780bf337f85d3e1edd4db32a1a0b39eee00
3c21c1d6f1ed0813bbcf9510c45a68dab51ab206ba2b710e795865fe7b9a9bf8
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript
content-length: 3312
last-modified: Wed, 02 Nov 2022 12:54:39 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6362688f-1e83"
age: 349746
accept-ranges: bytes
X-Firefox-Spdy: h2
kiynew.com/admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0
185.162.85.1200 OK 0 B URL HTTP/2 kiynew.com/admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0
IP 185.162.85.1:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0 HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-length: 0
access-control-allow-origin: https://hentai-img.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hentai-cosplays.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
172.67.159.253200 OK 833 B URL HTTP/2 hentai-cosplays.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP 172.67.159.253:0
File type HTML document, ASCII text
Hash 9f934e95a89f8bb851690e0b09d6d88e
6a746028801b96881299fd14ce2e16cb43cec31f
bb830eafe76393bc212cffc1341deeb06fa46e38298c0a35bd4a1f79843971e8
POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: hentai-cosplays.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, User-Agent
link: <https://hentai-cosplays.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBJaoiUsN7J8VSA6QZqRW4b9y2oxIRR9FEC8E3AOT%2Bq%2BlOzrSzTpUTH9laV9iEx3zlXx7F8lFlMXuVTjRLhUgd%2FjnQIpAD5h68E1lh7NSsSGSLShbdWHzhCJs7tH0jUjd5speeGi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71deaf12b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 12:41:09 GMT
expires: Sun, 06 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5694
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 3b1d5b045ac562db2488148742100542
cccc5fd7170882ce41c3bd83ce14fc4d38238b84
7d95261eaadd07d0129afcc595838d8abac7158f8460ef70a2a76cdfe130fb32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 15:56:18 GMT
Expires: Sat, 12 Nov 2022 15:56:17 GMT
Etag: "cccc5fd7170882ce41c3bd83ce14fc4d38238b84"
Cache-Control: max-age=523813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71e0ab281c02-OSL
tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
136.243.134.97200 OK 5.3 kB URL HTTP/2 tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP 136.243.134.97:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3932)
Hash e69b0c814c76a8130da7460ddf2a1142
adf58fdd26d13becdccafc416564a1866142a925
3cf4c54aed111e4868fbd913ce80f4888890ebb2d80f556b56a807ff925f0638
GET /iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 1bc9bfcb2d086799
set-cookie: ts_uid=6258fbfb-3df1-4477-a3ab-7d1ef2aade4b; expires=Sat, 06 May 2023 14:16:03 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsHEDxwwYNRh26aMg; expires=Mon, 07 Nov 2022 14:16:03 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=818858
185.94.236.247200 OK 1.9 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=818858
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 39e49f0b8b8659b2f9338016d8090d5d
dc9acacc95afcc6a1cdfa3888b52dfff0a457cf3
28aa1a4f215c96c3b9bfda0d8a17e41a3773fc9e2dc0f817f83b6eab03bc7180
GET /adshow.php?adzone=818858 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 842c72cb340239a72af3417e7f8164bb
993e6ec5fc63c97ae8f18f8e532917ad2542ee06
fec14353381b2a276e7864de7d89101dc19ed5f96acdc33a9217bb90def72c45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5025
Cache-Control: max-age=97723
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Etag: "636688be-139"
Expires: Mon, 07 Nov 2022 17:24:47 GMT
Last-Modified: Sat, 05 Nov 2022 16:01:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
216.58.207.206200 OK 94 B URL HTTP/2 ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
IP 216.58.207.206:0
File type JSON data\012- , ASCII text
Hash c2144a6b5539facf69724cd8b26dcd81
4893942b88fdcc2e7c9ae52ecc1da5774855b27f
b293ac83010e12a3b2c3efc7185fb005ab4c64c1fa023747a3cb05d53b772115
POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 33
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 14:16:04 GMT
server: ESF
cache-control: private
content-length: 94
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://hentai-img.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.jads.co/ads/juicyads_black.gif
69.16.175.10200 OK 2.2 kB URL HTTP/2 i.jads.co/ads/juicyads_black.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 62 x 24\012- data
Hash 4dffc647a404d4297cd77b3974cd666e
c4a02f126e24601bd9288a4080eea39adb472e6f
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb
GET /ads/juicyads_black.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1456941299"
cache-control: max-age=20426288
content-length: 2193
content-type: image/gif
last-modified: Wed, 02 Mar 2016 17:54:59 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds263.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif
69.16.175.10200 OK 92 kB URL HTTP/2 i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash efce1909a426b6848e64f728ff234d1f
44b701160776dd5d73fdc33abdb725e567806c48
443431deee747fc76f1cde9f5d23eba8f9284dbbd6aae342f7367386bd606da8
GET /network/user81419/47386-1642692260-0719830001642692260.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1642692260"
cache-control: max-age=9017729
content-length: 91468
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:24:20 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds228.sk1.c
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
69.16.175.10200 OK 43 B IP 69.16.175.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1457030838"
cache-control: max-age=19481102
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds217.sk1.c
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10457713
X-HW: 1667744164.dop231.sk1.t,1667744164.cds015.sk1.shn,1667744164.cds015.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10421307
X-HW: 1667744164.dop224.sk1.t,1667744164.cds067.sk1.shn,1667744164.cds067.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png
205.185.208.20200 OK 3.2 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c291fddf374f420d3645fe505286658
6539ef9a49e9a2af5c91f21ccfd8c404be9a56d7
530eeb89457746b4902702ebce75ce75a441f7812a48109aa585204c80cdef03
GET /a7/creatives/24/124/814208/1027236/1027236_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1648065983"
Content-Length: 3236
Content-Type: image/png
Last-Modified: Wed, 23 Mar 2022 20:06:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10419479
X-HW: 1667744164.dop212.sk1.t,1667744164.cds210.sk1.shn,1667744164.cds210.sk1.c
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
142.250.74.110200 OK 23 B URL HTTP/2 ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
IP 142.250.74.110:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 33
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 14:16:04 GMT
server: ESF
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://hentai-img.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_video.mp4
205.185.208.20206 Partial Content 500 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_video.mp4
IP 205.185.208.20:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 500 kB (500419 bytes)
Hash 44e5f830d5d1f375bb9d855537e814ed
cd051f8ef2cff4f3a918ecb0a46eaab471527d28
ead5ac046fc34503734d1ddd54437d44b78671a5ea6268dd994fbf99052f4271
GET /a7/creatives/24/124/814208/1027236/1027236_video.mp4 HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1648066132"
Content-Length: 500419
Content-Range: bytes 0-500418/500419
Content-Type: video/mp4
Last-Modified: Wed, 23 Mar 2022 20:08:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10395865
X-HW: 1667744164.dop231.sk1.t,1667744164.cds015.sk1.shn,1667744164.cds015.sk1.c
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 2b8c645ba650ff02caf55e670b4bd31a
e5df76da81f15d7f0bfd7d7320e214c336ee7575
3224f23c8f737e8f59a2c88cfec212c59bd9881d57388cd7ee2b671685353624
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzYyO30%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1
66.254.114.171200 OK 44 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP 66.254.114.171:0
Hash 46ecf9d696a1bc3b0bc9ee688eaaf95d
5d01f30056514f78b67e7591808dd200eb24f965
b9a429cbc756964c7aadaee5626ff7709843905ddb13f34199e38974e6f4e3e4
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi
Cookie: adtool_guid=Ch5KEmNnwaQNGiIEORHCAg==; RNLBSERVERID=ded7041
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 6367C1A4-42FE72AB01BBE7F0-FFCF765
X-Firefox-Spdy: h2
i.jads.co/network/user81419/47386-1642692278-0950151001642692278.gif
69.16.175.10200 OK 131 kB URL HTTP/2 i.jads.co/network/user81419/47386-1642692278-0950151001642692278.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 131 kB (130640 bytes)
Hash 96f98a033b3ad783020a5025b13acf2e
cfc5f149793ed9ea5f95c87865316d7b8376e2bf
3aa5120f48e5cadfd2bfd5d5947ef4ecff76bc4928f17281f90f5cac9de4f161
GET /network/user81419/47386-1642692278-0950151001642692278.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1642692278"
cache-control: max-age=6537108
content-length: 130640
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:24:38 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds204.sk1.c
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138
148.251.152.17200 OK 0 B URL HTTP/2 pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138
IP 148.251.152.17:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Cookie: ts_uid=6258fbfb-3df1-4477-a3ab-7d1ef2aade4b; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsHEDxwwYNRh26aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:04 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904
64.233.162.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904
IP 64.233.162.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hentai-img.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049
64.233.162.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049
IP 64.233.162.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hentai-img.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kgdvs9ov3l2aasw4nuts.com/chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 kgdvs9ov3l2aasw4nuts.com/chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211060916a0b0b6a42e0140b58054d99786
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Mon, 07 Nov 2022 14:16:04 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 1d3e337452f2303a43488959356ef07e
c24da0002a2d20a953137689b3f664f3e5145187
99abd58002f76f160ff2d07b468eaf8aa7a2c8abeeb7cde2d56adc4213ab3e84
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi
66.254.114.171200 OK 11 kB URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi
IP 66.254.114.171:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22123), with CRLF, LF line terminators
Hash c538ad30e4df17586558721a384c5cfb
e8448b1ccff2e75e6ad84bdfbb988419eabe0bcf
57d4b9c9e6e92975f89253f9bdae187d1fa1e2e24efd95472df1c9a888ca5f5e
GET /get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmNnwaQNGiIEORHCAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6367C1A4-42FE72AB01BBE7F0-FFCF71B
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=818859
185.94.236.247200 OK 2.1 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=818859
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash b0eedf3ed87804da4beff01f0dc71151
36bb1bfccb77ec4a9b5d7aac1f817b37da47aeaa
e6b65359c82b9392a8ead18c1d201a7e1bf95bc1892024e572d8de5a2f67d2ae
GET /adshow.php?adzone=818859 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; expires=Mon, 06-Nov-2023 14:16:01 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps203=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:01 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:01 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user1037/203-1520185091.jpg
69.16.175.10200 OK 32 kB URL HTTP/2 i.jads.co/network/user1037/203-1520185091.jpg
IP 69.16.175.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash df593708df9b8edbd671cb6035557bfe
26c12d2cc657295f4c32af67af64489bbf971968
00cd95d259469a99e07015415c28f0435fc3b5d8640fe1b3e45e75fb9b3bb528
GET /network/user1037/203-1520185091.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; imps47386=1; juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:06 GMT
etag: "1520185091"
cache-control: max-age=269420
content-length: 32245
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:11 GMT
accept-ranges: bytes
x-hw: 1667744166.dop207.sk1.t,1667744166.cds225.sk1.hn,1667744166.cds221.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user1037/203-1520185101.jpg
69.16.175.10200 OK 24 kB URL HTTP/2 i.jads.co/network/user1037/203-1520185101.jpg
IP 69.16.175.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9d43d8ef4d6605e218bf318e21923b8c
e8cae62be698d197f2f23ad36815f4e2d3f45881
11114dddf1cf3603f2782c8b8ba1d5dd4403147e9030053c6e268819f56f2f64
GET /network/user1037/203-1520185101.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; imps47386=1; juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:06 GMT
etag: "1520185101"
cache-control: max-age=16693588
content-length: 23898
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:21 GMT
accept-ranges: bytes
x-hw: 1667744166.dop207.sk1.t,1667744166.cds225.sk1.hn,1667744166.cds068.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=681607
185.94.236.247200 OK 1.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=681607
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 98439b3b0bf70b9d9c90e1bf8655ee03
992b95e762301face800dcc4d1547e532a3550c9
ac8ce3dc8feb9c2e0da3128ffc2d8ca876c736fc8cae1674c51802e262522f34
GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0feada4a4f95cdd3afe13ca04a8a74db; expires=Mon, 06-Nov-2023 14:16:05 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:05 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY1O30%3D; expires=Wed, 09-Nov-2022 14:16:05 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:05 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=818854
185.94.236.247200 OK 2.1 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=818854
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 53b7f5c6733b896929ef940afd0a45c6
81466999ee1fa6ea80b6bdb372668fda0c3c4a86
43b89aead38101f9f047607bdd187045becdb77fe3b397a18d78fda588732c52
GET /adshow.php?adzone=818854 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps49239=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps203=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps49919=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps49239=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user175011/49239-1653319062-0283876001653319062.gif
69.16.175.10200 OK 240 kB URL HTTP/2 i.jads.co/network/user175011/49239-1653319062-0283876001653319062.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 240 kB (239622 bytes)
Hash 2c40ad6822f0c10585178b0b582629a2
d8b2da69b64c7fccc7c518107dafd96345d685ca
0736f5d80e8c76fd63a414b72cb9c208ce8bb1d4738e64ddee8f52b6a5d62877
GET /network/user175011/49239-1653319062-0283876001653319062.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1653319062"
cache-control: max-age=21958737
content-length: 239622
content-type: image/gif
last-modified: Mon, 23 May 2022 15:17:42 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds232.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user175011/49374-1656843681-0741904001656843681.gif
69.16.175.10200 OK 2.9 MB URL HTTP/2 i.jads.co/network/user175011/49374-1656843681-0741904001656843681.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 2.9 MB (2864925 bytes)
Hash c9029c3832f35b2db968623d539f998f
410e17f89edd94aa28b85b569a210d5d3c785a32
be92a44f9a2dce4685c9ace630e46d9e21852eab3a7f5aa41789d5c7b5d86990
GET /network/user175011/49374-1656843681-0741904001656843681.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1656843682"
cache-control: max-age=20749063
content-length: 2864925
content-type: image/gif
last-modified: Sun, 03 Jul 2022 10:21:22 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds229.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user175011/49239-1653319047-0342622001653319047.gif
69.16.175.10200 OK 1.7 MB URL HTTP/2 i.jads.co/network/user175011/49239-1653319047-0342622001653319047.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 1.7 MB (1706541 bytes)
Hash d521173117a0bb743184202f4e2d03f6
3670f11801c442460acd97ec38320b15f153a8b3
153304ba9bf2c859adf351ac3e035178726965b9cf00a50a5f57c5786884aefb
GET /network/user175011/49239-1653319047-0342622001653319047.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1653319047"
cache-control: max-age=21958737
content-length: 1706541
content-type: image/gif
last-modified: Mon, 23 May 2022 15:17:27 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds001.sk1.c
X-Firefox-Spdy: h2
porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
172.67.133.111200 OK 0 B URL HTTP/2 porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP 172.67.133.111:0
POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: porn-images-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
link: <https://porn-images-xxx.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWAiwjKVmaWHjpk2THbZbk3F6B29KLHrdy4clZ7wFkNkCYTBJKdQhf%2F4xkikYUeDs%2FYRfxa6HVSt9OorXtoDDjTs6gbtm5oxglTf90mwIGcXnYTNaRqMbHkfzOkWrn%2FtTtcgI9tJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71de7e97b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js
172.67.129.54200 OK 0 B URL HTTP/2 ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js
IP 172.67.129.54:0
GET /na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: ndroip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hentai-img.com
e-tag: 6bd95a97c01e922ea920fca2a41d51f9
cache-control: public, max-age=14400, proxy-revalidate
cf-cache-status: HIT
age: 14
last-modified: Sun, 06 Nov 2022 14:15:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfKY07IwBcd%2BjYq6lL4aZpewQBYZOKdhsrKjZRYJ%2BdL0iA58tGNreQIfIUcTJvXo6mLdzF3C1hsNNLvljUMfXv%2FqjWus5bKlS8BJYJDM0U2Y6BPoT8QjgjqAc%2FLh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71d0a84b0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js
62.122.171.6200 OK 0 B URL HTTP/2 kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js
IP 62.122.171.6:0
GET /lv/esnk/1863026/code.js HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 09:37:02 GMT
vary: Accept-Encoding
etag: W/"6343e7be-1e77a"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.com/cdn-cgi/trace
104.16.133.229200 OK 0 B URL HTTP/2 cloudflare.com/cdn-cgi/trace
IP 104.16.133.229:0
GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 765e71d61c03b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
172.67.133.111200 OK 0 B URL HTTP/2 porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP 172.67.133.111:0
POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: porn-images-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
link: <https://porn-images-xxx.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVSjlwEr5rVOAybewr5wl4U02TjSVMKXaV5XYlXd5lZKfS0CHxYdnVUr7xCpdQ0vK1nyger7UXrXrYmMl%2B4T2Ah4zkj430Rnsqsb%2B2Udo2JGwuu5TUAmzqBs1XR8XUB%2BFBBdlMSM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71de7e9bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
104.21.233.196200 OK 0 B URL HTTP/2 hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
IP 104.21.233.196:0
GET /image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ HTTP/1.1
Host: hentai-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, User-Agent
set-cookie: previous_detail=718802; path=/
adsense=pc-ca-ipp%3D1667693540; expires=Tue, 08-Nov-2022 12:12:20 GMT; Max-Age=216000; path=/; domain=.hentai-img.com
pvcla=1; path=/
fastcgi-cache: MISS
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU1KgcabzbUWlctiqJ3YqmMrcl1DJzUnbyBuhfJmT2oi607QyDNvz1D7eVithPGw%2BEUZ34VB5xBbvK9THtvzNfkR86sjCgtEGrsrrwXfNkmAQjw3z3J6OAUJVFil%2Ba65FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71ccdcb0f40f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
msgose.com/pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js
104.21.48.29200 OK 0 B URL HTTP/2 msgose.com/pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js
IP 104.21.48.29:0
GET /pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: msgose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hentai-img.com
e-tag: 6bd95a97c01e922ea920fca2a41d51f9
cache-control: max-age=14400
cf-cache-status: HIT
age: 3616
last-modified: Sun, 06 Nov 2022 13:15:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsfs1MMMVORLMnEeIXqGyN%2FdLhVDt0k4poik5bJossvtcbJY7XMKZU%2F3pMgRgKhx%2FN7hf4xXqGuS1reJi6Hjirqc79iRgaUpCIxWUkeIVuEBQnwcfkDmSiS03A12"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71d06d01b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2