Report - hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/

Report Overview

Submitted URL
hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
IP
104.21.233.196
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-06 14:16:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.165.41.15
kiynew.com	104178	2020-12-03T22:06:24Z	2023-03-10T12:06:33Z	457 B	206 B	185.162.85.1
hw-cdn2.adtng.com	11917	2020-02-20T17:50:17Z	2023-03-10T11:20:25Z	402 B	17 kB	209.197.3.25
ndroip.com	195406	2020-10-13T13:55:32Z	2023-03-06T04:31:46Z	419 B	818 B	172.67.129.54
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.8 kB	7.7 kB	142.250.74.35
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	759 B	98 kB	142.250.74.168
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	371 B	21 kB	142.250.74.174
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.0 kB	1.4 kB	142.250.74.164
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
tsyndicate.com	13042	2017-03-16T10:04:54Z	2023-03-10T14:19:10Z	631 B	6.2 kB	136.243.134.97
poweredby.jads.co	30525	2019-12-04T11:34:12Z	2023-03-09T23:02:05Z	5.1 kB	27 kB	185.94.236.247
porn-images-xxx.com	262958	2020-05-31T11:59:36Z	2023-03-09T05:53:11Z	966 B	1.7 kB	172.67.133.111
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.7 kB	7.1 kB	23.36.76.226
seizedpenholdercranny.com	unknown	2022-07-29T04:41:03Z	2023-01-26T09:58:28Z	4.0 kB	5.1 kB	192.243.59.20
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	827 B	561 B	216.239.32.36
kgdvs9ov3l2aasw4nuts.com	399838	2021-08-16T15:02:29Z	2023-02-28T04:22:42Z	2.7 kB	5.9 kB	62.122.171.6
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	74 kB	34.120.237.76
pxl.tsyndicate.com	14763	2017-07-05T15:51:06Z	2023-03-10T15:01:19Z	601 B	139 B	148.251.152.17
msgose.com	159174	2020-11-20T14:23:17Z	2023-03-03T21:46:31Z	419 B	792 B	104.21.48.29
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	2.4 kB	4.8 kB	93.184.220.29
a.adtng.com	15165	2018-07-26T21:17:41Z	2023-03-10T08:57:16Z	1.8 kB	12 kB	66.254.114.171
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	1.2 kB	1.4 kB	64.233.162.154
cloudflare.com	342	2012-05-22T15:19:15Z	2023-03-10T12:38:00Z	390 B	325 B	104.16.133.229
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
cdn.tsyndicate.com	16265	2017-07-04T08:00:09Z	2023-03-10T11:19:23Z	365 B	3.6 kB	8.254.252.210
hentai-cosplays.com	735719	2020-06-06T11:25:37Z	2023-03-10T12:36:15Z	483 B	1.7 kB	172.67.159.253
ampcid.google.com	1698	2017-08-05T10:11:00Z	2023-03-10T14:39:40Z	495 B	767 B	216.58.207.206
i.jads.co	46788	2019-12-04T09:50:06Z	2023-03-09T23:02:06Z	5.9 kB	5.1 MB	69.16.175.10
ampcid.google.no	unknown	2017-10-25T05:35:10Z	2023-03-10T15:38:08Z	494 B	696 B	142.250.74.110
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	1.0 kB	1.4 kB	142.250.74.35
hentai-img.com	192333	2020-05-31T11:17:45Z	2023-03-07T10:12:04Z	932 B	1.8 kB	104.21.233.195
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	1.7 kB	4.8 kB	172.64.155.188
tgpsew.com	153534	2020-10-22T02:40:54Z	2023-03-08T20:20:00Z	1.9 kB	498 B	185.162.85.2
prhzxq.com	unknown	2022-06-29T13:43:14Z	2023-03-09T18:27:33Z	632 B	238 B	185.162.85.14
hw-cdn2.ang-content.com	165651	2019-03-25T23:41:04Z	2023-03-09T23:36:09Z	1.3 kB	510 kB	205.185.208.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed
2022-11-06	medium	seizedpenholdercranny.com	Sinkholed

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT	125 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:20 Times Seen1 Hash 7f7929f7a473ee4530e097ad69f30b28 d611b6910022533c2e740ad812bbd9612d1a3957 5387fe0774a55ffa3eca31319e50e0f853c738b3e732cdca6dc5a75b854a2f47 Loading...

	a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi	16 kB	2023-03-07	2024-01-10
Pretty URL a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-10 17:29:43 Times Seen1642 Hash 70706313fb93351e8f1040eaabd75e27 ced0e6419eeb845fec13844780ee3431cbe6b63c 3c3f577d6cf858ea89de2dfdecbefc739187b49010823b1b6ed1b5a5ae304a50 Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	63 B	2023-03-08	2024-03-30
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:50 Times Seen25 Hash 15ce914bf1e316a306728b1c376f4b20 52efacf03ddab611eb25e43fb87805e5677d1551 1185ef6a2db51e08b2957437f5c51dbe022b3f51660a2bca87ee61cf290af06d Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	771 B	2023-03-10	2023-03-10
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 792038fdbcdaac5cd6af4b2dea2ae10b b635005d88850b2c1ab7c9324c10200ec19c8545 9dc30a765174573e6bc7a51c2f1d554cc905d7e0cc383e1b01ffe6918e31e9f0 Loading...

	lcdn.tsyndicate.com/sdk/v1/b.b.js	7.9 kB	2023-03-07	2023-03-25
Pretty URL lcdn.tsyndicate.com/sdk/v1/b.b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-03-25 23:13:01 Times Seen5 Hash 8e7ac6fe743dd5356daad6f46b3e749f 790516585a7edc398f729ee37c688391c32f5048 7553acd7d60bb34b871df81991e5cc5bdbe0c9fd03b8111ff793cc8f23e63547 Loading...

	hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js	5.0 kB	2023-03-07	2024-04-22
Pretty URL hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js IP 205.185.208.20 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-22 01:12:42 Times Seen5107 Hash 5e5817bcf4c82c7c85d1d88636d221ce b5c32cc6c931c33c1297884016e13d3b9a5bf261 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	63 B	2023-03-08	2024-01-28
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-01-28 03:08:23 Times Seen27 Hash fbb1b4b32b97f86a5dc6b8e414af391d b4d103199cdfb00edc953a3eba8ea979f993867b ec8e1079154d2ec8bcfedae2edf4ab3f6d7cf02edae2e950358641bc82044774 Loading...

	tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0	1.4 kB	2023-03-07	2024-04-26
Pretty URL tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 IP 136.243.134.97 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-26 09:01:51 Times Seen380 Hash 14fa693079da3ccca307e41d81f3cff6 ccd262db0e922a1134cf4fe73e53253fcb08044f dfa8e052e287f78786228442ae9b898f1dcc222decb8fb0705a8ef50bf73ebb1 Loading...

	a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi	1.1 kB	2023-03-10	2023-03-10
Pretty URL a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash acb441cd3af40abc891d4b519f373128 3d39252d16c6f3080074188ba7a68d7ebbe30c34 1f19ef5368d1b8e1cda685fc2ffdedcf81cdc4baa0b74d10175606f5a5608e71 Loading...

	static.hentai-img.com/js/pc/default/init.js?t=20170430	83 B	2023-03-08	2024-03-30
Pretty URL static.hentai-img.com/js/pc/default/init.js?t=20170430 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:52 Times Seen99 Hash bdcf1b85c383e21e8200c806447402f3 a09f26d588d18aaf3ebf37177270e74255a61f10 8bc58db2b1a5ef5f7564afb9b7a0ded88c285b383534a51072eb2b076633e8f9 Loading...

	ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js	138 kB	2023-03-10	2024-02-07
Pretty URL ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js IP 172.67.129.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2024-02-07 03:27:15 Times Seen4 Hash 903212225970b1ab06488ac125a9d12e 7b46a5463f0a4b21512ad5d52095add686c6e4c9 375ec1b90aa1ffce6a58ebc53387d570bf364f09b20ba95a9f6d2ab3e654d63b Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	583 B	2023-03-08	2024-03-30
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:52 Times Seen56 Hash 1c2826c929502045005cdb85520c71b7 abe96c4864f9f3f322ee670af7f99f42e7381107 1236e392dd5bddaf61cbdb6af4c3736141ef526a7190544c5d27c09775ebcdd9 Loading...

	www.googletagmanager.com/gtag/js?id=G-1PLLYQLZ1L&l=dataLayer&cx=c	216 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-1PLLYQLZ1L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash c1186551ba45e815e7ec7ee28ba8b497 9a07338608518b728e384112ac3a09df924e3627 95a4596cac2e3b7f9ebad1196001d5c67a4adf085f465003048b1be6af8e7fff Loading...

	kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js	125 kB	2023-03-10	2023-03-10
Pretty URL kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:23:12 Last Seen2023-03-10 22:27:20 Times Seen1 Hash 51369444accb042ddf0f9ee8e84ad84d f15c06628cd70faa5d2d57e5ef558c970b43aaff 4fd8d29acd6cc8ddb12900f542cfa18f8f9c690552150c17f2bbd1f725e95f5a Loading...

	kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481	2.8 kB	2023-03-10	2023-03-10
Pretty URL kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash eb8ae6ee107974f30ea8e41981f8042c d09df05978e9a56b446903ad4068c06cfd9554e2 72d77eedb43937242d9571bd97aa5022b5a675db44a4ce659bbf99bdce0adbd4 Loading...

	kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561	2.8 kB	2023-03-10	2023-03-10
Pretty URL kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 830cc20d87235d7817a3f512aae8e0a2 10bff140506f2375ad702b6b2aaa04cf9729b033 577d9f51507ce479cd80a0952343a5131177500a7a0392eda192e2f96ef9c7f2 Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	771 B	2023-03-10	2023-03-10
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 7cb1602079687b10f3b0e84cf0bedcca bb5a08fb1d8a77274fa7141496a9545d491ba704 40d7d01aa9f380169bd6204a19f86635a3491064722fdb8fbd9f6582b542af07 Loading...

	pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XkECPDxhgbMXC0yDFmTJkWNGrMiNEijJgcMlrIqFEGxg0zY8iQkXGDhoiHc8SkIaNQxxYRIW3MgNFRJg2bOWjgENHlYZg6YzLmiBFjZsExLcTMMCMGJRkbNsLiEEOjBZmGYszM0GkGRsGfEMnYWWgjhw0ZD-HUEbNwBg7DVuHAKSyjoog5cCbqMAxjxkrAIsa0WayDRgwbN5RaJWOG4kMxbtws5GmDhtIZD9u4waiD54y-gWXTjuE55MM6MTKioUMHzhwdL16EcWGQzmwXY960eXGmDJ0XMWBoV6n0B500bcr0aAiTxtaUNWis5FJHe8cwdMb08AxaKXv3NsLAEdNDuhs0R-SBRBRHYGEEHARdcYcWbpABxxoxfKFHGjDEgYQecFRRxRR2kNdGHjiUIUUZQrihRRI0LBFHHEHMUQMRYtSwxBM0VLGGGDFEUQcbMNzxBBNfNCFHGEaQMYQVd7RRhRROPFFGFTfYEWANaMAQBBVYfDaFFWq8QYMaR9RAxxdnVJEEEVJUkQZecLRhmghvtPkmGdIJV4YbdISRRgvgnQFdnQ-NAd9CW6xUlQhwyJGVDjC4oJ1jcS3U6HaBtvlFootO-igOOTwkhx2cdfRQGWPIyaij7tXgkAh11LGmDiL8VQMOZJHVwlxmsEQDDTfc0NIMLrVww1tlmCFDGAaVQQNhD6XBmUYxuJBDozTI4EJDPnn6hbNaRTutC9Vemx5edYSRURNvTMgGG2G8UIOjIKBwRRoNvnHHHCA4QQUI2Tm6AwjzutHav3gMDMKnDMHwLgwpgHAEqWu88YIMMGRXccUgGJGGHMW-gQd2CjuKV0kZNYnXG3J8QTKsJj_ExqIiFOEEXgfZ8QXHbFBUQ6-H2YCDdp6eoVpts97wUM1fiCHHQjjgcHQZNrfxBhmr4QDS0XK8UdhDbxRFQ2BZ45HHQl-LwHFpsA5X3HHJEYSnnny24Wd00-F1R0Zd_YwXGngzle1jn2aUdZ50oNxCHW6kQYdM75IxRlc0w3zQF45DbpGbDKHV666fwSYCHW3IQJHmPdFnWGOj3VwGZF8MmjlopXc-qs1hsIEQHUUVSsOhLkkmwkFmXMXGRIG9LGmgtMHQhwIBAQ%3D%3D&s=ec6dcc3eeb001ef87c0f7091bb135ec6061fd268031c43e37f29529527426ee21667744163&w=t&r=1&d=325&priv=false	24 B	2023-03-07	2024-04-26
Pretty URL pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XkECPDxhgbMXC0yDFmTJkWNGrMiNEijJgcMlrIqFEGxg0zY8iQkXGDhoiHc8SkIaNQxxYRIW3MgNFRJg2bOWjgENHlYZg6YzLmiBFjZsExLcTMMCMGJRkbNsLiEEOjBZmGYszM0GkGRsGfEMnYWWgjhw0ZD-HUEbNwBg7DVuHAKSyjoog5cCbqMAxjxkrAIsa0WayDRgwbN5RaJWOG4kMxbtws5GmDhtIZD9u4waiD54y-gWXTjuE55MM6MTKioUMHzhwdL16EcWGQzmwXY960eXGmDJ0XMWBoV6n0B500bcr0aAiTxtaUNWis5FJHe8cwdMb08AxaKXv3NsLAEdNDuhs0R-SBRBRHYGEEHARdcYcWbpABxxoxfKFHGjDEgYQecFRRxRR2kNdGHjiUIUUZQrihRRI0LBFHHEHMUQMRYtSwxBM0VLGGGDFEUQcbMNzxBBNfNCFHGEaQMYQVd7RRhRROPFFGFTfYEWANaMAQBBVYfDaFFWq8QYMaR9RAxxdnVJEEEVJUkQZecLRhmghvtPkmGdIJV4YbdISRRgvgnQFdnQ-NAd9CW6xUlQhwyJGVDjC4oJ1jcS3U6HaBtvlFootO-igOOTwkhx2cdfRQGWPIyaij7tXgkAh11LGmDiL8VQMOZJHVwlxmsEQDDTfc0NIMLrVww1tlmCFDGAaVQQNhD6XBmUYxuJBDozTI4EJDPnn6hbNaRTutC9Vemx5edYSRURNvTMgGG2G8UIOjIKBwRRoNvnHHHCA4QQUI2Tm6AwjzutHav3gMDMKnDMHwLgwpgHAEqWu88YIMMGRXccUgGJGGHMW-gQd2CjuKV0kZNYnXG3J8QTKsJj_ExqIiFOEEXgfZ8QXHbFBUQ6-H2YCDdp6eoVpts97wUM1fiCHHQjjgcHQZNrfxBhmr4QDS0XK8UdhDbxRFQ2BZ45HHQl-LwHFpsA5X3HHJEYSnnny24Wd00-F1R0Zd_YwXGngzle1jn2aUdZ50oNxCHW6kQYdM75IxRlc0w3zQF45DbpGbDKHV666fwSYCHW3IQJHmPdFnWGOj3VwGZF8MmjlopXc-qs1hsIEQHUUVSsOhLkkmwkFmXMXGRIG9LGmgtMHQhwIBAQ%3D%3D&s=ec6dcc3eeb001ef87c0f7091bb135ec6061fd268031c43e37f29529527426ee21667744163&w=t&r=1&d=325&priv=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-26 23:29:06 Times Seen11353 Hash 0959ba36d476b6dc1994ba3c678b07c4 d30b94da72daa02766965206a85b7e0356375f5e 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 07:01:12 Times Seen37113787 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0	2.6 kB	2023-03-10	2023-03-10
Pretty URL tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 IP 136.243.134.97 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 2a689ebbcf7ac339722178af79ce0988 60db1055434858ba058ae4a11a251f994803025a 2e08b47c4b98d5d00b0b16fc7874239b7e26bc6a6802d5b38d5d6b88649b1d7d Loading...

	static.hentai-img.com/js/common/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-26
Pretty URL static.hentai-img.com/js/common/jquery.lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:01 Last Seen2024-04-26 17:39:27 Times Seen1644 Hash 5c01d7aff077b4ed0804b71c2e3ab4a1 56b4c94cff0d5fdfca579eac85da28a767607644 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	341 B	2023-03-08	2024-03-30
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:50 Times Seen38 Hash ccab3cef0a87636042b6f47a77ffc534 fb5fc32176de2365f2b1f7b60b1a8ef63f70331c 64cfe92d21e59801480dbe472bfe9b2d7a2781352af7fbbbe898bde38c4259af Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	63 B	2023-03-08	2024-03-30
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:51 Times Seen37 Hash d39aba29761a033d6f750237781a6001 526207e2c4b49dcccf6e7b7af6ec060773f4f338 2542a321203413204b141a3448716121d5cf684cf08e21f0d2c1a8483b2a2bdf Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	344 B	2023-03-08	2023-03-10
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2023-03-10 22:27:20 Times Seen1 Hash 6cda005e4d230231d4c541a2fe663c69 ca6d2e10fd30a936e427646082fab6a5e30cd051 118540ca8954b06589868b6c6a8d2f73041a9ce1ffd083309238a4a728ae5e98 Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	63 B	2023-03-08	2024-03-30
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2024-03-30 19:32:51 Times Seen34 Hash 1c489b8cc2667f09f3bac2ea3d7535d4 2ced57466127054b86251844f767617798413cac 5985a6e22b26eea450ec73a04a96f9ebb79f8d6a330685c25912e8f990dc6632 Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	771 B	2023-03-10	2023-03-10
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:20 Times Seen1 Hash 21b4e01f9f109f3adbae083c800c4adb bb0d015b5a6b9eb3382986539efd092e1cc84211 c125dfa13eac9df0cafb9346d6ec8505f5bf42641788107e9d5ebff6df6220e7 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	poweredby.jads.co/adshow.php?adzone=818858	1.9 kB	2023-03-07	2023-04-05
Pretty URL poweredby.jads.co/adshow.php?adzone=818858 IP 185.94.236.247 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-04-05 02:10:48 Times Seen259 Hash 5cd62169649c11f1057fd71c875fdd2f 6abb31f47f4927bf56249c39a3ef728c57385b68 1fdcbb5a37d7a7fb4938ab8f8a73fc7b68cadb81aecacdf7ad490525e6aea3fa Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	340 B	2023-03-08	2023-07-13
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:11 Last Seen2023-07-13 05:05:01 Times Seen11 Hash 2fd083fabf860dbae96eb9cca971357d 9e4b9864570949c96f79222ce12a38e85871ed34 864c1005ae4b09a55fed70fbaf7c7c4b755ad966e31ad099d7bcb00863ce58f5 Loading...

	poweredby.jads.co/js/jads.js	3.8 kB	2023-03-07	2024-04-27
Pretty URL poweredby.jads.co/js/jads.js IP 185.94.236.247 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-04-27 00:04:30 Times Seen8271 Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 Loading...

	hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/	344 B	2023-03-08	2023-03-10
Pretty URL hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ IP 104.21.233.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:48:13 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 9964172ed335f61756253017f25dfb26 0329c952e5845327dfceca3b1fc6e83c6dc3b39f c9d959eeeac995d8e36e98d6aa304ea139111287e59d740b2151684b37b3ebd5 Loading...

	cdn.tsyndicate.com/sdk/v1/bi.js	7.8 kB	2023-03-10	2023-03-11
Pretty URL cdn.tsyndicate.com/sdk/v1/bi.js IP 8.254.252.210 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:31:39 Last Seen2023-03-11 11:45:40 Times Seen1 Hash 16e750eceea4516ba6051fb2d239ab2a c1ef8de9e9f6ba9b0955e294ebc6210b1faffb21 c209424fefcd29b9993f117e7de00eaa5e890beb2fb01e773904d56faef21edf Loading...

	a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi	1.3 kB	2023-03-10	2023-03-10
Pretty URL a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:27:19 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 17d2d05c9a2a0083e10c65a1d3046485 e8abda07a930a015688b2331d807ab822ab7522a b67e8a07537f068e1db4d2dd11265064e98bb1fe067490ca40d47f501a10b83b Loading...

	hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js	17 kB	2023-03-07	2024-04-22
Pretty URL hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js IP 209.197.3.25 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-22 01:12:42 Times Seen5483 Hash 48c80c7c28b5b00a8b4ff94a22b72fe3 d57303c2ad2fd5cedc5cb20f264a6965a7819cee 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Loading...

	static.hentai-img.com/js/common/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-04-27
Pretty URL static.hentai-img.com/js/common/jquery-2.2.4.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 06:57:20 Times Seen384976 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

		Size	First Seen	Last Seen
	#1 Write - e1a43885b9fe834e948d5a3aa8a47aae	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 21:47:11 Last Seen2023-03-10 22:27:20 Times Seen1 Hash e1a43885b9fe834e948d5a3aa8a47aae 69a12038a27c5a1a48e4b826544691d0a6344391 bb67d3ad446b7671cf2a59049e56c37b0d236cb1d38deec76409dc49cba475a1 Loading...

	#2 Write - 51da9be7e445a720f8165980dcbc9980	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 21:48:14 Last Seen2023-03-10 22:27:19 Times Seen1 Hash 51da9be7e445a720f8165980dcbc9980 17d332425c75067899278886fa4b71f267da9406 b981e4b0711845a01cc6b5e0371a655b937f23c4ca10fdf5054d6c1b505241ab Loading...

	#3 Write - 446a561055578b09bee3acc3e05668f3	240 B	2023-03-08	2023-03-29
Pretty Observations First Seen2023-03-08 21:47:11 Last Seen2023-03-29 22:58:32 Times Seen3 Hash 446a561055578b09bee3acc3e05668f3 ba4ede386c511bf968642972dccb2a90e4a9e2a5 c353ec8713cbaf58a833dfe379ddd5cef2cbac518de5e08c2d309c72568af99c Loading...

HTTP Transactions (108)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16922
Expires: Sun, 06 Nov 2022 18:58:02 GMT
Date: Sun, 06 Nov 2022 14:16:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=162379
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:00 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:22:19 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3083
Cache-Control: max-age=162386
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:00 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:22:26 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9548
Expires: Sun, 06 Nov 2022 16:55:08 GMT
Date: Sun, 06 Nov 2022 14:16:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8igobRsGN+FfwDCYeT2i33WTCfU0k9RlybjX97FA2ANhLPRgx5wQPOrQNOwALhTIhh8VkIZSRnc=
x-amz-request-id: PHBXFP1C9BMYX8E9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 13:47:39 GMT
age: 1701
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/

104.21.233.195

301 Moved Permanently

162 B

URL HTTP/1.1
hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
IP
104.21.233.195:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ HTTP/1.1
Host: hentai-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 14:16:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpPwrNhfem3KbqVvR3hYPpQrtGmpDkGFuJ4WSWGGwuZz9tECcPPjAGByoHTZhVMd5h2F4D9EtM2XCOXwOca5iirTh6NnWhf087Ncu%2BPrL2osul9RX0noIKZ1pdovKf2Tbg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765e71ca185f7470-LHR
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5b0034d81c83dcb5f631c55834cace7e
c1da2df4938d56381bd1abf1c8f60b79e91bb322
6b60179e4cf239cf648662b21263e6569cc88310ea9b4840fc2c6db1a4ecdc9c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=121343
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6366e135-118"
Expires: Mon, 07 Nov 2022 23:58:24 GMT
Last-Modified: Sat, 05 Nov 2022 22:18:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=158649
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:20:10 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5b0034d81c83dcb5f631c55834cace7e
c1da2df4938d56381bd1abf1c8f60b79e91bb322
6b60179e4cf239cf648662b21263e6569cc88310ea9b4840fc2c6db1a4ecdc9c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=121343
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Etag: "6366e135-118"
Expires: Mon, 07 Nov 2022 23:58:24 GMT
Last-Modified: Sat, 05 Nov 2022 22:18:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-M86Q28D

142.250.74.168

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M86Q28D
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3560)
Size
48 kB (48536 bytes)
Hash
ec670be7dccf1fb80ee77245eecf69a4
d99e483c08ce76a3cfe3ceff7b4fb79b792c75da
164825c8409954b683f4935487f4b5dd63ae1ce719ecf795673485745d1ac9ba

HTTP Headers

GET /gtm.js?id=GTM-M86Q28D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:16:01 GMT
expires: Sun, 06 Nov 2022 14:16:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT

142.250.74.168

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WK6ZNT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3060)
Size
48 kB (47764 bytes)
Hash
bbddb5b493d66a94f320b10f52b133ba
b7ad985d0123fed47e330ab8e96ae4fde17a7b0e
a6cd3061a45617e8bb1321de75a2980ab15ed6ff9a47fd44df1595119266915d

HTTP Headers

GET /gtm.js?id=GTM-WK6ZNT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:16:01 GMT
expires: Sun, 06 Nov 2022 14:16:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vn/vcmNHhyegVf7GIcYCdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QcZD6JN+C3DENiTdYRLp9bTBjX0=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a78c7467c322e799f8513654eb5582b1
21306833405b7c7175d64802acc12876afe22317
4a760590021c35fd8dca03afe99c2ad37e6269881ddd09dbdb658cdf3c8bf76d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A760590021C35FD8DCA03AFE99C2AD37E6269881DDD09DBDB658CDF3C8BF76D"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8405
Expires: Sun, 06 Nov 2022 16:36:06 GMT
Date: Sun, 06 Nov 2022 14:16:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a78c7467c322e799f8513654eb5582b1
21306833405b7c7175d64802acc12876afe22317
4a760590021c35fd8dca03afe99c2ad37e6269881ddd09dbdb658cdf3c8bf76d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A760590021C35FD8DCA03AFE99C2AD37E6269881DDD09DBDB658CDF3C8BF76D"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8405
Expires: Sun, 06 Nov 2022 16:36:06 GMT
Date: Sun, 06 Nov 2022 14:16:01 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d0ffaab50f-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d19ba91c02-OSL

poweredby.jads.co/js/jads.js

185.94.236.247

301 Moved Permanently

178 B

URL HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

poweredby.jads.co/js/jads2.js

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/js/jads2.js
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ccc5fc7881ae121dc64d4ab30839f884
186c3eda3d6b466b7ae72e32e65aa82579421ca3
9116e12bf9b747761061f6ac5f32d4564890485edd1a8e6e3bce3c99fde2cf6b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 20:27:02 GMT
Expires: Fri, 11 Nov 2022 20:27:01 GMT
Etag: "186c3eda3d6b466b7ae72e32e65aa82579421ca3"
Cache-Control: max-age=453659,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71d1ce89b4f7-OSL

seizedpenholdercranny.com/f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f325dc2bdcd9ba00a1c3fc7fb719f96a/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a7/bf/87/a7bf874835d806f885e035b6acb3f0eb.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /05/56/52/055652d312c99a6037d12337a6a1a7a4.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /7fd078e363f567e6039e684e541f9020/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==

185.162.85.2

200 OK

0 B

URL HTTP/2
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP
185.162.85.2:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2

seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

region1.google-analytics.com/g/collect?v=2&tid=G-1PLLYQLZ1L&gtm=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-1PLLYQLZ1L&gtm=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-1PLLYQLZ1L&gtm=2oeb20&_p=2007868336&cid=1491090052.1667744160&ul=en-us&sr=1280x1024&_s=1&sid=1667744159&sct=1&seg=0&dl=https%3A%2F%2Fhentai-img.com%2Fimage%2Fdiana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3%2Fpage%2F18%2F&dt=Diana%20Bruce%20BMWW%20WonderBat%20-%20Injustice%2FInjustice2%2FArkham%2FDC%20-%2018%20-%20Hentai%20Image&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://hentai-img.com
date: Sun, 06 Nov 2022 14:16:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/7fd078e363f567e6039e684e541f9020/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /7fd078e363f567e6039e684e541f9020/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/5e6875da5961e81ed9244698fd54f94d/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5e6875da5961e81ed9244698fd54f94d/invoke.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481

62.122.171.6

200 OK

1.1 kB

URL HTTP/2
kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
HTML document, ASCII text, with very long lines (2794), with no line terminators
Size
1.1 kB (1063 bytes)
Hash
c34e8bbff8d881d37eb9511e6da27354
5749ba3a0843cf9966273cdeb59b4c6e12c228e3
1dfc59dc8a763af09b45213d754b257605f61124eeb8fcb5d2a8ea82550e6635

HTTP Headers

GET /get/1863026?zoneid=1863026&jp=_cluy7ejv5qzoc1a3hapiat&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6301746768908481 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2211060916a0b0b6a42e0140b58054d99786; Path=/; Expires=Mon, 06 Nov 2023 14:16:02 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:16:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8309 bytes)
Hash
3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 57684
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

185.162.85.2

200 OK

0 B

URL HTTP/2
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP
185.162.85.2:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14415 bytes)
Hash
fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 57522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7573 bytes)
Hash
b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 39068
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15073 bytes)
Hash
1a199e0a298bde82f2cd088893621f86
f80bef4820d108abe01cf0131c8531f6b396e31b
6a304290b335f53f62c582571e21bf2571f45283b0cf49468c2b837c5d7cbd52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 59502
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11535 bytes)
Hash
b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 58025
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 18268
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

185.162.85.2

200 OK

0 B

URL HTTP/2
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==
IP
185.162.85.2:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ntload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw== HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2

seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js

192.243.59.20

403 Forbidden

0 B

URL HTTP/1.1
seizedpenholdercranny.com/05/56/52/055652d312c99a6037d12337a6a1a7a4.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /05/56/52/055652d312c99a6037d12337a6a1a7a4.js HTTP/1.1
Host: seizedpenholdercranny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561

62.122.171.6

200 OK

1.1 kB

URL HTTP/2
kgdvs9ov3l2aasw4nuts.com/get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
HTML document, ASCII text, with very long lines (2794), with no line terminators
Size
1.1 kB (1069 bytes)
Hash
a2d4e78a9e116d008ce98a95a0c94e9c
63c383f48be7d544b5fddb27d81b1a80cb47a57a
a490a98b14931fd547e41785eba0ceac37f1ce50de3e3cc0a4ed605882028ea4

HTTP Headers

GET /get/1863026?zoneid=1863026&jp=_cld1dvtxovd5m9qdcqbzaw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8272071605951561 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Cookie: UID=2211060916a0b0b6a42e0140b58054d99786
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a

185.162.85.14

200 OK

0 B

URL HTTP/2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a
IP
185.162.85.14:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wnload?a=1&e=aeyJwaWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsImQiOiJoZW50YWktaW1nLmNvbSIsImxpIjoxfQ==&tz=0&if=0&u=aHR0cHM6Ly9oZW50YWktaW1nLmNvbS9pbWFnZS9kaWFuYS1icnVjZS1ibXd3LXdvbmRlcmJhdC1pbmp1c3RpY2Vpbmp1c3RpY2UyYXJraGFtZGMtMy9wYWdlLzE4Lw==&t1809=a HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fb3ff64b07de3c9234ed0464308ca4f8
3ae2c63658d7710b6281740bbf03598a19fc2f0b
8cecf14b555b844ef4001d772e5a1cd9bd4607d104c7f285370eefc65d2fb599

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3336
Cache-Control: max-age=145712
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:03 GMT
Etag: "63674acb-118"
Expires: Tue, 08 Nov 2022 06:44:35 GMT
Last-Modified: Sun, 06 Nov 2022 05:48:59 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 280

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dea056e741a51b904bd5985967a5fa6c
cf2e9e2ffbfa7e487a24f4cc835ce7045489036e
e6af924f1e246c597fa2b9fb4b0aa052d0c9932e711280699bfff9ccc22f2b07

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:56:25 GMT
Expires: Fri, 11 Nov 2022 05:56:24 GMT
Etag: "cf2e9e2ffbfa7e487a24f4cc835ce7045489036e"
Cache-Control: max-age=401420,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71dd5c9ab50f-OSL

cdn.tsyndicate.com/sdk/v1/bi.js

8.254.252.210

200 OK

3.3 kB

URL HTTP/2
cdn.tsyndicate.com/sdk/v1/bi.js
IP
8.254.252.210:0
ASN
#3356 LEVEL3

File type
C source, ASCII text, with very long lines (7738)
Size
3.3 kB (3312 bytes)
Hash
5aeb7a05ea5e045c01ea950119cc59ec
f67d9780bf337f85d3e1edd4db32a1a0b39eee00
3c21c1d6f1ed0813bbcf9510c45a68dab51ab206ba2b710e795865fe7b9a9bf8

HTTP Headers

GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: application/javascript
content-length: 3312
last-modified: Wed, 02 Nov 2022 12:54:39 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6362688f-1e83"
age: 349746
accept-ranges: bytes
X-Firefox-Spdy: h2

kiynew.com/admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0

185.162.85.1

200 OK

0 B

URL HTTP/2
kiynew.com/admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0
IP
185.162.85.1:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /admc?a=2&pid=1097448&sid=1107262&wid=233936&fp=9e4947f35751465411fd1a4f5c358c78&tz=0 HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 06 Nov 2022 14:16:03 GMT
content-length: 0
access-control-allow-origin: https://hentai-img.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

hentai-cosplays.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal

172.67.159.253

200 OK

833 B

URL HTTP/2
hentai-cosplays.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP
172.67.159.253:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
833 B (833 bytes)
Hash
9f934e95a89f8bb851690e0b09d6d88e
6a746028801b96881299fd14ce2e16cb43cec31f
bb830eafe76393bc212cffc1341deeb06fa46e38298c0a35bd4a1f79843971e8

HTTP Headers

POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: hentai-cosplays.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, User-Agent
link: <https://hentai-cosplays.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBJaoiUsN7J8VSA6QZqRW4b9y2oxIRR9FEC8E3AOT%2Bq%2BlOzrSzTpUTH9laV9iEx3zlXx7F8lFlMXuVTjRLhUgd%2FjnQIpAD5h68E1lh7NSsSGSLShbdWHzhCJs7tH0jUjd5speeGi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71deaf12b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 12:41:09 GMT
expires: Sun, 06 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5694
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3b1d5b045ac562db2488148742100542
cccc5fd7170882ce41c3bd83ce14fc4d38238b84
7d95261eaadd07d0129afcc595838d8abac7158f8460ef70a2a76cdfe130fb32

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 15:56:18 GMT
Expires: Sat, 12 Nov 2022 15:56:17 GMT
Etag: "cccc5fd7170882ce41c3bd83ce14fc4d38238b84"
Cache-Control: max-age=523813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765e71e0ab281c02-OSL

tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0

136.243.134.97

200 OK

5.3 kB

URL HTTP/2
tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP
136.243.134.97:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3932)
Size
5.3 kB (5334 bytes)
Hash
e69b0c814c76a8130da7460ddf2a1142
adf58fdd26d13becdccafc416564a1866142a925
3cf4c54aed111e4868fbd913ce80f4888890ebb2d80f556b56a807ff925f0638

HTTP Headers

GET /iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=Diana,Bruce,BMWW,WonderBat,Injustice,Injustice2,Arkham,&subid=1863026-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 1bc9bfcb2d086799
set-cookie: ts_uid=6258fbfb-3df1-4477-a3ab-7d1ef2aade4b; expires=Sat, 06 May 2023 14:16:03 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsHEDxwwYNRh26aMg; expires=Mon, 07 Nov 2022 14:16:03 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

poweredby.jads.co/adshow.php?adzone=818858

185.94.236.247

200 OK

1.9 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=818858
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Size
1.9 kB (1912 bytes)
Hash
39e49f0b8b8659b2f9338016d8090d5d
dc9acacc95afcc6a1cdfa3888b52dfff0a457cf3
28aa1a4f215c96c3b9bfda0d8a17e41a3773fc9e2dc0f817f83b6eab03bc7180

HTTP Headers

GET /adshow.php?adzone=818858 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
842c72cb340239a72af3417e7f8164bb
993e6ec5fc63c97ae8f18f8e532917ad2542ee06
fec14353381b2a276e7864de7d89101dc19ed5f96acdc33a9217bb90def72c45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5025
Cache-Control: max-age=97723
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Etag: "636688be-139"
Expires: Mon, 07 Nov 2022 17:24:47 GMT
Last-Modified: Sat, 05 Nov 2022 16:01:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

216.58.207.206

200 OK

94 B

URL HTTP/2
ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
c2144a6b5539facf69724cd8b26dcd81
4893942b88fdcc2e7c9ae52ecc1da5774855b27f
b293ac83010e12a3b2c3efc7185fb005ab4c64c1fa023747a3cb05d53b772115

HTTP Headers

POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 33
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 14:16:04 GMT
server: ESF
cache-control: private
content-length: 94
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://hentai-img.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.jads.co/ads/juicyads_black.gif

69.16.175.10

200 OK

2.2 kB

URL HTTP/2
i.jads.co/ads/juicyads_black.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 62 x 24\012- data
Size
2.2 kB (2193 bytes)
Hash
4dffc647a404d4297cd77b3974cd666e
c4a02f126e24601bd9288a4080eea39adb472e6f
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb

HTTP Headers

GET /ads/juicyads_black.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1456941299"
cache-control: max-age=20426288
content-length: 2193
content-type: image/gif
last-modified: Wed, 02 Mar 2016 17:54:59 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds263.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif

69.16.175.10

200 OK

92 kB

URL HTTP/2
i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 300 x 250\012- data
Size
92 kB (91468 bytes)
Hash
efce1909a426b6848e64f728ff234d1f
44b701160776dd5d73fdc33abdb725e567806c48
443431deee747fc76f1cde9f5d23eba8f9284dbbd6aae342f7367386bd606da8

HTTP Headers

GET /network/user81419/47386-1642692260-0719830001642692260.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1642692260"
cache-control: max-age=9017729
content-length: 91468
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:24:20 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds228.sk1.c
X-Firefox-Spdy: h2

i.jads.co/1x1.gif

69.16.175.10

200 OK

43 B

URL HTTP/2
i.jads.co/1x1.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1457030838"
cache-control: max-age=19481102
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds217.sk1.c
X-Firefox-Spdy: h2

hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js

205.185.208.20

200 OK

5.0 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (5027), with no line terminators
Size
5.0 kB (5027 bytes)
Hash
5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

HTTP Headers

GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10457713
X-HW: 1667744164.dop231.sk1.t,1667744164.cds015.sk1.shn,1667744164.cds015.sk1.c
Access-Control-Allow-Origin: *

hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

209.197.3.25

200 OK

17 kB

URL HTTP/1.1
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP
209.197.3.25:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (16885), with no line terminators
Size
17 kB (16885 bytes)
Hash
48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

HTTP Headers

GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10421307
X-HW: 1667744164.dop224.sk1.t,1667744164.cds067.sk1.shn,1667744164.cds067.sk1.c
Access-Control-Allow-Origin: *

hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png

205.185.208.20

200 OK

3.2 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_logo.png
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3236 bytes)
Hash
4c291fddf374f420d3645fe505286658
6539ef9a49e9a2af5c91f21ccfd8c404be9a56d7
530eeb89457746b4902702ebce75ce75a441f7812a48109aa585204c80cdef03

HTTP Headers

GET /a7/creatives/24/124/814208/1027236/1027236_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1648065983"
Content-Length: 3236
Content-Type: image/png
Last-Modified: Wed, 23 Mar 2022 20:06:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10419479
X-HW: 1667744164.dop212.sk1.t,1667744164.cds210.sk1.shn,1667744164.cds210.sk1.c
Access-Control-Allow-Origin: *

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

142.250.74.110

200 OK

23 B

URL HTTP/2
ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9

HTTP Headers

POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 33
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 14:16:04 GMT
server: ESF
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://hentai-img.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_video.mp4

205.185.208.20

206 Partial Content

500 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/a7/creatives/24/124/814208/1027236/1027236_video.mp4
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
500 kB (500419 bytes)
Hash
44e5f830d5d1f375bb9d855537e814ed
cd051f8ef2cff4f3a918ecb0a46eaab471527d28
ead5ac046fc34503734d1ddd54437d44b78671a5ea6268dd994fbf99052f4271

HTTP Headers

GET /a7/creatives/24/124/814208/1027236/1027236_video.mp4 HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
Date: Sun, 06 Nov 2022 14:16:04 GMT
Connection: Keep-Alive
ETag: "1648066132"
Content-Length: 500419
Content-Range: bytes 0-500418/500419
Content-Type: video/mp4
Last-Modified: Wed, 23 Mar 2022 20:08:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10395865
X-HW: 1667744164.dop231.sk1.t,1667744164.cds015.sk1.shn,1667744164.cds015.sk1.c
Access-Control-Allow-Origin: *

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Size
1.7 kB (1652 bytes)
Hash
2b8c645ba650ff02caf55e670b4bd31a
e5df76da81f15d7f0bfd7d7320e214c336ee7575
3224f23c8f737e8f59a2c88cfec212c59bd9881d57388cd7ee2b671685353624

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzYyO30%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1

66.254.114.171

200 OK

44 B

URL HTTP/2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP
66.254.114.171:0
ASN
#29789 REFLECTED

File type
data
Size
44 B (44 bytes)
Hash
46ecf9d696a1bc3b0bc9ee688eaaf95d
5d01f30056514f78b67e7591808dd200eb24f965
b9a429cbc756964c7aadaee5626ff7709843905ddb13f34199e38974e6f4e3e4

HTTP Headers

GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTI0Iiwic2lkIjoiMTAwMDUzNjMiLCJuaWRzIjoiMzkwNTMiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMjcyMzYiLCJzdiI6IjI2NDUiLCJyZWZfZG1uIjoidHN5bmRpY2F0ZS5jb20iLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiQUZGIiwiY3JjIjoiNSIsImNuIjoiMzAwWDI1MF9BTkdFTE9fQklHU1BPVFMiLCJuaWQiOiIzOTA1MyIsImV4dF9wdWIiOiIiLCJjcnAiOiI1MCIsInRpZCI6IjIiLCJpdCI6IjA2XC9Ob3ZcLzIwMjI6MTQ6MTY6MDQgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNDc1MCIsImNpZCI6IjM4NTMzIiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTk5NzA1MCIsImlpZCI6ImVmYjY3Y2UwMjhlZDVlMzE4ZDliZjEyNzRmNWRkYWIyIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi
Cookie: adtool_guid=Ch5KEmNnwaQNGiIEORHCAg==; RNLBSERVERID=ded7041
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 6367C1A4-42FE72AB01BBE7F0-FFCF765
X-Firefox-Spdy: h2

i.jads.co/network/user81419/47386-1642692278-0950151001642692278.gif

69.16.175.10

200 OK

131 kB

URL HTTP/2
i.jads.co/network/user81419/47386-1642692278-0950151001642692278.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 300 x 250\012- data
Size
131 kB (130640 bytes)
Hash
96f98a033b3ad783020a5025b13acf2e
cfc5f149793ed9ea5f95c87865316d7b8376e2bf
3aa5120f48e5cadfd2bfd5d5947ef4ecff76bc4928f17281f90f5cac9de4f161

HTTP Headers

GET /network/user81419/47386-1642692278-0950151001642692278.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzYyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:04 GMT
etag: "1642692278"
cache-control: max-age=6537108
content-length: 130640
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:24:38 GMT
accept-ranges: bytes
x-hw: 1667744164.dop207.sk1.t,1667744164.cds225.sk1.hn,1667744164.cds204.sk1.c
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138

148.251.152.17

200 OK

0 B

URL HTTP/2
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138
IP
148.251.152.17:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=hentai-img.com&et=138 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Cookie: ts_uid=6258fbfb-3df1-4477-a3ab-7d1ef2aade4b; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsHEDxwwYNRh26aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:04 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904

64.233.162.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&gjid=2014844024&_gid=1398077576.1667744162&_u=YCDAgAABAAQCAG~&z=1311809904 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://hentai-img.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049

64.233.162.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&gjid=2047073273&_gid=1398077576.1667744162&_u=YADAAAAAAAQCAC~&z=559751049 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://hentai-img.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kgdvs9ov3l2aasw4nuts.com/chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0

62.122.171.6

200 OK

43 B

URL HTTP/2
kgdvs9ov3l2aasw4nuts.com/chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=1863026&pb=5ca06dcdc64d7ec011cf1fc3b7362a691667751363&psp=zWTN21LNIlXNU7uNDVXew7CEb_wxXmyfug6K8TnPgxtn0zhu2WBdQ7zKE8KM7D2Xe6Y-l6yfOVcBcuCKkvMAFST2DAfNEXERpOyTP5SvWrE4-IlKeXp07R5q7pARYjvwiV0QyGr_D1DdAFiPHq8wYQgzAH1_i9hQBGtX_wLLpElnLTtOQsnqYf2Dr9XaCE9vPhJPf89XYGZuYUjFiZXS3DbGfr_vGH-Ak2vjhaJGsKOpldRmLE-muLvpJ8b77RQRvpSa9kZkumtdKQwSLMv-WzauFi44VSFa-VF9VUVzowwLkak_CQmjLV7HpxEfW2VheqT0xDtNtBsmkHIwhv13SNk97E7_h3MZxqVAlyxEbdRaCqlxpuxrlpOfrNeUa9_6pEHASOSstlgg1VoYk8OyOfYEbc0U1AcLKCFWKNZtcJ_YeClbK5zpi83Az4GHy9X5qIDPnSXl6tncdzVw7yLEturg05L1HmbDNuPUURx46c5KjR45nsyM8NBgjiun2c26qW-Uh4RMqCZhmC1m5vuHL-q0tMpfFzshg6_qlmCUfPCIAgMCkb2JRn12_6gj-8EEgXXdTjcvwRdu_A==&abvar=0&os=0 HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211060916a0b0b6a42e0140b58054d99786
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Mon, 07 Nov 2022 14:16:04 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72226994-1&cid=1491090052.1667744160&jid=1461158983&_u=YCDAgAABAAQCAG~&z=442385849 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168720792-1&cid=1491090052.1667744160&jid=1700274969&_u=YADAAAAAAAQCAC~&z=878862477 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Size
1.7 kB (1651 bytes)
Hash
4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Size
1.7 kB (1651 bytes)
Hash
4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Size
1.7 kB (1651 bytes)
Hash
4d2c30e5bbc0c5a2bd1d64d116883041
44e96225b4c26b07cd41212a8a2282480899c565
c99f3196e104df5e575f5b86edace4dfb3ccf4882fbcf8b7a50f25e941e4b643

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Size
1.7 kB (1651 bytes)
Hash
1d3e337452f2303a43488959356ef07e
c24da0002a2d20a953137689b3f664f3e5145187
99abd58002f76f160ff2d07b468eaf8aa7a2c8abeeb7cde2d56adc4213ab3e84

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=4860b9c90bd8ba28bd37779840a52737; expires=Mon, 06-Nov-2023 14:16:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:04 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY0O30%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi

66.254.114.171

200 OK

11 kB

URL HTTP/2
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi
IP
66.254.114.171:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (22123), with CRLF, LF line terminators
Size
11 kB (10728 bytes)
Hash
c538ad30e4df17586558721a384c5cfb
e8448b1ccff2e75e6ad84bdfbb988419eabe0bcf
57d4b9c9e6e92975f89253f9bdae187d1fa1e2e24efd95472df1c9a888ca5f5e

HTTP Headers

GET /get/10005363?time=1592491455431&atc=416763&apb=pcA-A6XJGacv7Mio7Is3AnPLBg97nKPuYAH4-1gwowXOaRQ9a4zkIZzLtjGyn3YwDPcRlO6u8NpzrFOazQbE-rHDWnKJTLr3lAOzEzpOABmL_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Sun, 06 Nov 2022 14:16:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmNnwaQNGiIEORHCAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6367C1A4-42FE72AB01BBE7F0-FFCF71B
X-Firefox-Spdy: h2

poweredby.jads.co/adshow.php?adzone=818859

185.94.236.247

200 OK

2.1 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=818859
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Size
2.1 kB (2086 bytes)
Hash
b0eedf3ed87804da4beff01f0dc71151
36bb1bfccb77ec4a9b5d7aac1f817b37da47aeaa
e6b65359c82b9392a8ead18c1d201a7e1bf95bc1892024e572d8de5a2f67d2ae

HTTP Headers

GET /adshow.php?adzone=818859 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; expires=Mon, 06-Nov-2023 14:16:01 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps203=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:01 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:01 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

i.jads.co/network/user1037/203-1520185091.jpg

69.16.175.10

200 OK

32 kB

URL HTTP/2
i.jads.co/network/user1037/203-1520185091.jpg
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
32 kB (32245 bytes)
Hash
df593708df9b8edbd671cb6035557bfe
26c12d2cc657295f4c32af67af64489bbf971968
00cd95d259469a99e07015415c28f0435fc3b5d8640fe1b3e45e75fb9b3bb528

HTTP Headers

GET /network/user1037/203-1520185091.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; imps47386=1; juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:06 GMT
etag: "1520185091"
cache-control: max-age=269420
content-length: 32245
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:11 GMT
accept-ranges: bytes
x-hw: 1667744166.dop207.sk1.t,1667744166.cds225.sk1.hn,1667744166.cds221.sk1.c
X-Firefox-Spdy: h2

i.jads.co/network/user1037/203-1520185101.jpg

69.16.175.10

200 OK

24 kB

URL HTTP/2
i.jads.co/network/user1037/203-1520185101.jpg
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
24 kB (23898 bytes)
Hash
9d43d8ef4d6605e218bf318e21923b8c
e8cae62be698d197f2f23ad36815f4e2d3f45881
11114dddf1cf3603f2782c8b8ba1d5dd4403147e9030053c6e268819f56f2f64

HTTP Headers

GET /network/user1037/203-1520185101.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=b9ef267fb73f7f1a9be3923c7fd71d43; imps47386=1; juicy_data_1=YToxOntpOjYzMTM3MTtpOjE2NjgwMDMzNjE7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:06 GMT
etag: "1520185101"
cache-control: max-age=16693588
content-length: 23898
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:21 GMT
accept-ranges: bytes
x-hw: 1667744166.dop207.sk1.t,1667744166.cds225.sk1.hn,1667744166.cds068.sk1.c
X-Firefox-Spdy: h2

poweredby.jads.co/adshow.php?adzone=681607

185.94.236.247

200 OK

1.8 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=681607
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Size
1.8 kB (1816 bytes)
Hash
98439b3b0bf70b9d9c90e1bf8655ee03
992b95e762301face800dcc4d1547e532a3550c9
ac8ce3dc8feb9c2e0da3128ffc2d8ca876c736fc8cae1674c51802e262522f34

HTTP Headers

GET /adshow.php?adzone=681607 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0feada4a4f95cdd3afe13ca04a8a74db; expires=Mon, 06-Nov-2023 14:16:05 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Mon, 07-Nov-2022 14:16:05 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzk7aToxNjY4MDAzMzY1O30%3D; expires=Wed, 09-Nov-2022 14:16:05 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:05 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=818854

185.94.236.247

200 OK

2.1 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=818854
IP
185.94.236.247:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Size
2.1 kB (2101 bytes)
Hash
53b7f5c6733b896929ef940afd0a45c6
81466999ee1fa6ea80b6bdb372668fda0c3c4a86
43b89aead38101f9f047607bdd187045becdb77fe3b397a18d78fda588732c52

HTTP Headers

GET /adshow.php?adzone=818854 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:16:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; expires=Mon, 06-Nov-2023 14:16:02 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps49239=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps203=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps49919=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps49239=1; expires=Mon, 07-Nov-2022 14:16:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 09-Nov-2022 14:16:02 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

i.jads.co/network/user175011/49239-1653319062-0283876001653319062.gif

69.16.175.10

200 OK

240 kB

URL HTTP/2
i.jads.co/network/user175011/49239-1653319062-0283876001653319062.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 300 x 300\012- data
Size
240 kB (239622 bytes)
Hash
2c40ad6822f0c10585178b0b582629a2
d8b2da69b64c7fccc7c518107dafd96345d685ca
0736f5d80e8c76fd63a414b72cb9c208ce8bb1d4738e64ddee8f52b6a5d62877

HTTP Headers

GET /network/user175011/49239-1653319062-0283876001653319062.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1653319062"
cache-control: max-age=21958737
content-length: 239622
content-type: image/gif
last-modified: Mon, 23 May 2022 15:17:42 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds232.sk1.c
X-Firefox-Spdy: h2

i.jads.co/network/user175011/49374-1656843681-0741904001656843681.gif

69.16.175.10

200 OK

2.9 MB

URL HTTP/2
i.jads.co/network/user175011/49374-1656843681-0741904001656843681.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 300 x 300\012- data
Size
2.9 MB (2864925 bytes)
Hash
c9029c3832f35b2db968623d539f998f
410e17f89edd94aa28b85b569a210d5d3c785a32
be92a44f9a2dce4685c9ace630e46d9e21852eab3a7f5aa41789d5c7b5d86990

HTTP Headers

GET /network/user175011/49374-1656843681-0741904001656843681.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1656843682"
cache-control: max-age=20749063
content-length: 2864925
content-type: image/gif
last-modified: Sun, 03 Jul 2022 10:21:22 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds229.sk1.c
X-Firefox-Spdy: h2

i.jads.co/network/user175011/49239-1653319047-0342622001653319047.gif

69.16.175.10

200 OK

1.7 MB

URL HTTP/2
i.jads.co/network/user175011/49239-1653319047-0342622001653319047.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 300 x 300\012- data
Size
1.7 MB (1706541 bytes)
Hash
d521173117a0bb743184202f4e2d03f6
3670f11801c442460acd97ec38320b15f153a8b3
153304ba9bf2c859adf351ac3e035178726965b9cf00a50a5f57c5786884aefb

HTTP Headers

GET /network/user175011/49239-1653319047-0342622001653319047.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=74d1caafe5a7300674e3d172faffddf3; imps47386=1; juicy_data_1=YTo0OntpOjEzODM2MDE7aToxNjY4MDAzMzYyO2k6NjMxMzcyO2k6MTY2ODAwMzM2MjtpOjE0MDA0MDY7aToxNjY4MDAzMzYyO2k6MTM4MzYwNztpOjE2NjgwMDMzNjI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps203=1; imps49239=1; imps49919=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:08 GMT
etag: "1653319047"
cache-control: max-age=21958737
content-length: 1706541
content-type: image/gif
last-modified: Mon, 23 May 2022 15:17:27 GMT
accept-ranges: bytes
x-hw: 1667744168.dop207.sk1.t,1667744168.cds225.sk1.hn,1667744168.cds001.sk1.c
X-Firefox-Spdy: h2

porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal

172.67.133.111

200 OK

0 B

URL HTTP/2
porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP
172.67.133.111:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: porn-images-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
link: <https://porn-images-xxx.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWAiwjKVmaWHjpk2THbZbk3F6B29KLHrdy4clZ7wFkNkCYTBJKdQhf%2F4xkikYUeDs%2FYRfxa6HVSt9OorXtoDDjTs6gbtm5oxglTf90mwIGcXnYTNaRqMbHkfzOkWrn%2FtTtcgI9tJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71de7e97b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js

172.67.129.54

200 OK

0 B

URL HTTP/2
ndroip.com/na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js
IP
172.67.129.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /na/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzQsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: ndroip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hentai-img.com
e-tag: 6bd95a97c01e922ea920fca2a41d51f9
cache-control: public, max-age=14400, proxy-revalidate
cf-cache-status: HIT
age: 14
last-modified: Sun, 06 Nov 2022 14:15:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfKY07IwBcd%2BjYq6lL4aZpewQBYZOKdhsrKjZRYJ%2BdL0iA58tGNreQIfIUcTJvXo6mLdzF3C1hsNNLvljUMfXv%2FqjWus5bKlS8BJYJDM0U2Y6BPoT8QjgjqAc%2FLh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71d0a84b0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js

62.122.171.6

200 OK

0 B

URL HTTP/2
kgdvs9ov3l2aasw4nuts.com/lv/esnk/1863026/code.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lv/esnk/1863026/code.js HTTP/1.1
Host: kgdvs9ov3l2aasw4nuts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 09:37:02 GMT
vary: Accept-Encoding
etag: W/"6343e7be-1e77a"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

cloudflare.com/cdn-cgi/trace

104.16.133.229

200 OK

0 B

URL HTTP/2
cloudflare.com/cdn-cgi/trace
IP
104.16.133.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentai-img.com/
Origin: https://hentai-img.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:02 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 765e71d61c03b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal

172.67.133.111

200 OK

0 B

URL HTTP/2
porn-images-xxx.com/api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal
IP
172.67.133.111:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/w/?m=html&search_type=merge&language=en&count=4&tag[]=anal HTTP/1.1
Host: porn-images-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentai-img.com
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
link: <https://porn-images-xxx.com/search/tag/anal/>; rel="canonical"
access-control-allow-origin: *
fastcgi-cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVSjlwEr5rVOAybewr5wl4U02TjSVMKXaV5XYlXd5lZKfS0CHxYdnVUr7xCpdQ0vK1nyger7UXrXrYmMl%2B4T2Ah4zkj430Rnsqsb%2B2Udo2JGwuu5TUAmzqBs1XR8XUB%2BFBBdlMSM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71de7e9bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/

104.21.233.196

200 OK

0 B

URL HTTP/2
hentai-img.com/image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/
IP
104.21.233.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /image/diana-bruce-bmww-wonderbat-injusticeinjustice2arkhamdc-3/page/18/ HTTP/1.1
Host: hentai-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, User-Agent
set-cookie: previous_detail=718802; path=/
adsense=pc-ca-ipp%3D1667693540; expires=Tue, 08-Nov-2022 12:12:20 GMT; Max-Age=216000; path=/; domain=.hentai-img.com
pvcla=1; path=/
fastcgi-cache: MISS
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU1KgcabzbUWlctiqJ3YqmMrcl1DJzUnbyBuhfJmT2oi607QyDNvz1D7eVithPGw%2BEUZ34VB5xBbvK9THtvzNfkR86sjCgtEGrsrrwXfNkmAQjw3z3J6OAUJVFil%2Ba65FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71ccdcb0f40f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

msgose.com/pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js

104.21.48.29

200 OK

0 B

URL HTTP/2
msgose.com/pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js
IP
104.21.48.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pw/waWQiOjEwOTc0NDgsInNpZCI6MTEwNzI2Miwid2lkIjoyMzM5MzYsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: msgose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentai-img.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:16:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hentai-img.com
e-tag: 6bd95a97c01e922ea920fca2a41d51f9
cache-control: max-age=14400
cf-cache-status: HIT
age: 3616
last-modified: Sun, 06 Nov 2022 13:15:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsfs1MMMVORLMnEeIXqGyN%2FdLhVDt0k4poik5bJossvtcbJY7XMKZU%2F3pMgRgKhx%2FN7hf4xXqGuS1reJi6Hjirqc79iRgaUpCIxWUkeIVuEBQnwcfkDmSiS03A12"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e71d06d01b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations