hentaimoe.me/anime/koakuma-kanojo-animation/
301 Moved Permanently 0 B URL HTTP/1.1 hentaimoe.me/anime/koakuma-kanojo-animation/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /anime/koakuma-kanojo-animation/ HTTP/1.1
Host: hentaimoe.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 21:29:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 22:29:29 GMT
Location: https://hentaimoe.me/anime/koakuma-kanojo-animation/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1utRkBNU1X40nv54e2vd1zfIpBMZ1eTELdaRQ0C62ra4K2a2K%2FyKX4pYZ2p1YlsZ8F1tnEu5xj%2FDsg3KPe%2BJ5skG0RvGOEBAUDNxrXUSApIyQwGdhh78S5J2gHwzBw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794ebde47b76b529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6876
Expires: Sun, 05 Feb 2023 23:24:05 GMT
Date: Sun, 05 Feb 2023 21:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15468
Expires: Mon, 06 Feb 2023 01:47:17 GMT
Date: Sun, 05 Feb 2023 21:29:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 20:33:57 GMT
content-type: application/json
age: 3332
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3722
Expires: Sun, 05 Feb 2023 22:31:31 GMT
Date: Sun, 05 Feb 2023 21:29:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uFNmAo6NYiRYX/EpTGYDyOkvYkBAkFY3VTIGQyGcUTcYV52XCfwa1gNy+dM8aPuSLkRF/UwtM6w=
x-amz-request-id: A3FY39GPNTSJGN2V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 20:53:26 GMT
age: 2163
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 21:29:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash acaa454b5529cb402c881ca911d58ed0
63119368ce18f0134fff0c437c5e7dc5c1e6b255
17e5fea6f58e080a0d3e8346f4cb96d1fad089dde0708319209ddbbf0df3f931
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:29 GMT
Etag: "63dde24a-117"
Server: ECS (amb/6BC8)
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash acaa454b5529cb402c881ca911d58ed0
63119368ce18f0134fff0c437c5e7dc5c1e6b255
17e5fea6f58e080a0d3e8346f4cb96d1fad089dde0708319209ddbbf0df3f931
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:29 GMT
Etag: "63dde24a-117"
Last-Modified: Sun, 05 Feb 2023 21:29:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4145
Cache-Control: max-age=86681
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:29 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:34:10 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
code.jquery.com/ui/1.11.2/jquery-ui.js
200 OK 114 kB URL HTTP/2 code.jquery.com/ui/1.11.2/jquery-ui.js
IP
File type ASCII text, with very long lines (547)
Size 114 kB (113672 bytes)
Hash e6e59c2adcb2d2ffddd4473670a793f0
0a39a7ada2975e109e1ac5b9ff389d16a42964b0
b426d31b38119c3c13198b79597976f60024eafb459e356313925e242bf10a92
GET /ui/1.11.2/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:29 GMT
content-encoding: gzip
content-length: 113672
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-7296c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675632569.dop024.sk1.t,1675632569.cds203.sk1.hn,1675632569.cds213.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
200 OK 8.1 kB URL HTTP/2 code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
IP
File type ASCII text, with very long lines (2363)
Hash 6504780c7eb76eb1ac602275a321d8e3
5b27dcb2729c73dcf1157c9cf4383fdbf09b71c0
3bbb32c687ff74d36d779899bf9bc7e09561720858b5bfe91a7d16aead5bf616
GET /ui/1.11.2/themes/smoothness/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:29 GMT
content-encoding: gzip
content-length: 8056
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-898c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675632569.dop024.sk1.t,1675632569.cds203.sk1.hn,1675632569.cds015.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.1.min.js
200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.1.min.js
IP
File type ASCII text, with very long lines (32086)
Hash a39e9fcc2a78d5b1ed25b5f853c17a22
f1d1d30d35146a7adee855becba02b776366f169
a0581d3f2c05cfb302f81d2894c114da758e14a290bd4f240c7b63628469ee8d
GET /jquery-1.11.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:29 GMT
content-encoding: gzip
content-length: 33202
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1762a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675632569.dop024.sk1.t,1675632569.cds203.sk1.hn,1675632569.cds263.sk1.c
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
200 OK 5.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
IP
File type ASCII text, with very long lines (587)
Hash 1a2547d6f71b7fee8ae95ddae3f22e73
99a2ef7dd879b6defc909b8fea189df314100aa8
877343574a2ad351c37b1df9d3911fd2815a25759b0328857b91a8699ff5b7f2
GET /ajax/libs/pace/0.4.17/pace.js?v=0.4.17 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 5158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f40-621b"
last-modified: Mon, 04 May 2020 16:13:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1524924
expires: Fri, 26 Jan 2024 21:29:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U5vxpvGr3BkY2BAZTpq6mkf194bybbCg8tdStIXWYF8qRSmW%2FMjWvyHStCQ7VttGdv9kpbVCI6bqcPSGFjgw8EmxtwMwle9%2BzKZyryYZGhRdmOkQF3oI8HbE8yzOdnZRQ6uymDX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794ebdea69cab518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 42df4540ab74f68ac1d7d36e45cad125
1caeef11ccec6ec9f33f349b1d0e2b56cd7b7748
2f7f5cdaad97c8e95056f5ba6f7feeea7f874d9c069393f3db12be40c5b825e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=130904
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:29 GMT
Etag: "63df63ae-117"
Expires: Tue, 07 Feb 2023 09:51:13 GMT
Last-Modified: Sun, 05 Feb 2023 08:07:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: max-age=86681
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:34:11 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 82d4cd75b5f78fa430c52f966c17f5e6
87ff62d3fa3478bb14091f1451b5c914549bfd3e
2d81207474e9c7b4aecbb13fb3442ae08cf1524ed79f9caaae41668c941f48c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D81207474E9C7B4AECBB13FB3442AE08CF1524ED79F9CAAAE41668C941F48C2"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13759
Expires: Mon, 06 Feb 2023 01:18:49 GMT
Date: Sun, 05 Feb 2023 21:29:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 21:07:20 GMT
age: 1330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 912 B IP
ASN #20940 Akamai International B.V.
Hash c4c01baba82196a8cddbe64a3b8f8c55
2357fc57d55ee3055660746000b2993935d567d7
81b0409899487815fd348a826e7bd1b13b2a59c7c24d415f7458645700a413f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6141
Expires: Sun, 05 Feb 2023 23:11:51 GMT
Date: Sun, 05 Feb 2023 21:29:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.exosrv.com/ads.js
200 OK 1.2 kB IP
ASN #60068 Datacamp Limited
Hash bbbf8ec5bfb45de5f8d428a5930c144a
cc10dabf6aacd01a1bf27c705f6e84f9141da94b
830e09820b6d6cfa0745ad344a65d78f2bbd48a85d8b5c60dd611ac21a9df977
GET /ads.js HTTP/1.1
Host: ads.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/javascript
etag: W/"b60fdcc211f42a1f246a8c80b56"
expires: Thu, 02 Feb 2023 18:45:33 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675633626
server: CDN77-Turbo
x-77-nzt: AblMCQ3RioH/ECYAAA
x-77-nzt-ray: c0a4cc28e90f5038ba1fe06332b20202
x-cache: HIT
x-age: 9744
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googledrive.com/host/0B_3zbqxV0dVALXBnMlZrMWZhWGM/font-awesome.min.css
404 Not Found 1.6 kB URL HTTP/2 googledrive.com/host/0B_3zbqxV0dVALXBnMlZrMWZhWGM/font-awesome.min.css
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 1ca464de8f4bbbb3969d139a3fcc0844
ac4265f58d2ef538d4a9ee77483af0ea0eb8fae9
604fa62d70b51007ccb2ddab9f3b75bb6a97c871106f94b8142f35e0fb3d9053
GET /host/0B_3zbqxV0dVALXBnMlZrMWZhWGM/font-awesome.min.css HTTP/1.1
Host: googledrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1615
date: Sun, 05 Feb 2023 21:29:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 51Fx8MFSd0IJyw+HMlUjmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I2pZ8MuT2E1OE3pLzdwOd48EZhY=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/hkm4DE5.png
200 OK 130 kB IP
File type PNG image data, 275 x 542, 8-bit/color RGBA, non-interlaced\012- data
Size 130 kB (130455 bytes)
Hash 40fe61a373a69fe7f1dcde4759a084a1
e82550c736605f16edb76fdd03a35fe2196ee21f
a17da594b3f624f21b660ced3a96f5e8b7c64ed2a3b86b239722e95cf8f0bf4a
GET /hkm4DE5.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 26 May 2016 22:21:41 GMT
etag: "40fe61a373a69fe7f1dcde4759a084a1"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:29:30 GMT
age: 2696674
x-served-by: cache-iad-kcgs7200145-IAD, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 1
x-timer: S1675632570.451734,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 130455
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 527809
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.exosrv.com/ads-iframe-display.php?idzone=2912276&type=468x60&p=https%3A//hentaimoe.me/anime/koakuma-kanojo-animation/&dt=1675632612327&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
200 OK 1.7 kB URL HTTP/1.1 syndication.exosrv.com/ads-iframe-display.php?idzone=2912276&type=468x60&p=https%3A//hentaimoe.me/anime/koakuma-kanojo-animation/&dt=1675632612327&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash 93da1c195813a1f517859d528ae36236
40389a5f66881aa1b57eda430848c201be93015a
871f32fed53ca472e525f649f39c3565a9f73d377d1ece6490fd28039e7c2081
GET /ads-iframe-display.php?idzone=2912276&type=468x60&p=https%3A//hentaimoe.me/anime/koakuma-kanojo-animation/&dt=1675632612327&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22 HTTP/1.1
Host: syndication.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 21:29:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263e01fba7ef985.627782292219597395%22%3B%7D; expires=Tue, 04 Feb 2025 21:29:30 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
impressions=oslmrxbrnxgxamrrlbbcegeicxbmsbcenxgxamrrlbbcegeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamrroelrxgeicxbmsbocnxgxamrroelrxgeimmccrlaonxgxamrcremlrgeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamraobssmgeioslmrxlrnxgxamslescrogeimmccrbxenxgxamrescroogeislsaroornxgxamccolacbgeioslmroemnxgxamrrobxcageioslmrxlsnxgxamraobrssgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamrsxxxmrgeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrceerargeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrrrsbaageimrblxebenxgxamselmborgeimcclsxconxgxamrcraoxsgeirbabxabbnxgxamrescroogeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamrrlbbcegeimcclsoeonxgxamrcraoxsgeimcclsxlcnxgxamrrxsoaageimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamrcremlrgeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamrrobxcageiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamrroelrxgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamrcraoxsgeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamrcraoxsgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimcclsxcanxgxamrceerscgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeialbserxonxgxamclarlmmgeimcclosscnxgxamrceerscgeimaecobronxgxamrescroogeimaecobeenxgxamrescroogeimcclosccnxgxamrescroogeimaecoboonxgxamrescroogeimrblxelenxgxamrescroogeimaecsxccnxgxamrcremlrgeimlxbaxlonxgxamrcraoxsgeimlxbaxbanxgxamrcaxocmgeimlxbaxbonxgxamrroelrxgeimlxbaxlanxgxamrrobxcageimlxbaxlcnxgxamraobrssgeimxlbalsbnogxamrrcmxxegxcceimrxccosenxgxamrrreclogxcceimocbmmacnxgxamrrrealegxcceimraeelsanxgxamrrrealegxcceimxlbalcencgxamrrrebobgxcceimxlbmxlenogxamrrrebolgxcceimemlxmcbnxgxamrrrebolgxcceimsleoaronxgxamrrrebolgxcceimxxerreanxgxamrrrebolgxcceimbscxmocnxgxamrrrsbaagxcceimxxerrecnxgxamrrrsbaagxcceimlxbaxbcnxgxamrrrsbaageimxlbmxlonogxamrracbslgxcceicloaxxaanxgxamrrabasmgxcceimblrcssenxgxamrrmxrsagxcceicloaxxacnxgxamrrmxrsagxcceimblrcsoanxgxamrrmxrsagxcceimblrcsscnxgxamrrmxrsagxcceimblrcssonxgxamrrmxrsagxcceicloaxxmenxgxamrrmoocsgxcceimmcoaalonxgxamrrmmrssgxcceialrexexbnxgxamrrmbceogxcceimblelambnxgxamrrmlssmgxcceimbbcemoancgxamrrboamagxcceialrexeoonxgxamrrbsasegxcceimclsaoxbncgxamrrbsasegxcceimaoobbebnxgxamrrlbxebgxcceimsacexoonxgxamrrlbbcegxcceimlxbaxlenxgxamrrlbbcegeimbbcemobncgxamrrlbbcxgxcceixaoossalnxgxamrrlbbcxgxcceimrxccosonxgxamrrlbbcxgxcceixaoosscrnxgxamrrlblbegxcceimrxccoscnxgxamrrlblbegxcceimbmlselonxgxamraeaoemgxcceimblrcsobnxgxamraebeblgxcceimeembesonxgxamraebeblgxcceimeembecenxgxamraebeblgxcceimxlbmxlcnogxamraebeblgxcceimboslabcnxgxamraebeblgxcceimlxasascnxgxamraxxxecgxcceimxlbmoscnogxamraxroxrgxcceimeembescnsgxamraxroxrgxcceimblelabenxgxamraxrcclgcbeimcssmlrcnsgxamraxlalegxcceimbsblroanagxamraoemacgcbeimcssmlrenogxamraoebllgxcceimlxocxobnogxamraoxmbmgxcceimxlbmosonogxamraoxmbmgxcceimlxmrlxenxgxamraoxmbmgxcceimxlbmosanogxamraoxmbmgxcceimxlbmosenogxamraoxmbmgxcceimbscxmxanxgxamraoxmbmgxcceimbscxmobnxgxamraobssmgxcceimxeoxsacnxgxamraobssmgxcceicmarxbbonogxamraobssmgxcceimxlbalscnxgxamraobrssgxcceiallxlmscnxgxamrasoexmgxcceimcssmlronxgxamrasoexmgxcceimocbmmaanxgxamrasoexmgxcceimocbmmmenxgxamrasoexmgxcceiocmlslsmnxgxamrasormegxcce; expires=Mon, 06 Feb 2023 21:29:30 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.cdn4ads.com/mutationobserver.min.js
200 OK 9.7 kB URL HTTP/2 www.cdn4ads.com/mutationobserver.min.js
IP
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash b6c67458a51498bbda2f0a64ee5a10f3
f11c9eb6ba5099d928dd3e94f6174b7e86762578
c1f6375561572cf772a2842871f89309ff487bb0da4abb778c46735f42a7767e
GET /mutationobserver.min.js HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Wed, 08 Feb 2023 18:03:39 GMT
access-control-allow-origin: *
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1675879419
server: CDN77-Turbo
x-77-nzt: AblMCRTN+Xz/P3YFAA
x-77-nzt-ray: af5856309eb547ccba1fe0633eae911c
x-cache: HIT
x-age: 357951
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 258fc381719c5a60836b5ea1964fb238
cc25fd4957015e53d334c27a3f8ded9ccd931bbc
6415c35086e141bbb0de6b3733758225b153e204ce4b0a6612f3dcbc9bb089b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6415C35086E141BBB0DE6B3733758225B153E204CE4B0A6612F3DCBC9BB089B2"
Last-Modified: Fri, 03 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19463
Expires: Mon, 06 Feb 2023 02:53:53 GMT
Date: Sun, 05 Feb 2023 21:29:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8b540beb903efa34f940ff77e7872ef1
81fb965067f8fadc84a5df74653ccc83d5d79a8b
2eff1a3555daaa5e16edab7dfcb34e66a7a2d38dd7381f69346fd721a82de6d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EFF1A3555DAAA5E16EDAB7DFCB34E66A7A2D38DD7381F69346FD721A82DE6D1"
Last-Modified: Sat, 04 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6835
Expires: Sun, 05 Feb 2023 23:23:25 GMT
Date: Sun, 05 Feb 2023 21:29:30 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/42630/f98f59e8c66b2c6ed69395a3c8bab5defe5a03eb.mp4
206 Partial Content 18 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/42630/f98f59e8c66b2c6ed69395a3c8bab5defe5a03eb.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash dd2f06fb5ad565055884ab0fcefd7cb0
f98f59e8c66b2c6ed69395a3c8bab5defe5a03eb
5f8154c3bce60c5ee22deb8352d403074b1ffa52f601c27a62e732fcc77a006e
GET /library/42630/f98f59e8c66b2c6ed69395a3c8bab5defe5a03eb.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://syndication.exosrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: video/mp4
content-length: 18495
last-modified: Thu, 26 Mar 2020 23:23:01 GMT
etag: "5e7d3955-483f"
expires: Sat, 01 Jul 2023 08:06:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688199011
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRSAv1T/13MhAQ
x-77-nzt-ray: af5856303bb2d3cfba1fe0636692df2f
x-cache: HIT
x-age: 18969559
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-18494/18495
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=570301,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdeff83cb4f1-OSL
na.nawpush.com/tags/44675?version_name=c
200 OK 993 B URL HTTP/2 na.nawpush.com/tags/44675?version_name=c
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (993), with no line terminators
Hash 62305e0177065305fbd280c742a64a3d
ed30688e872324ac64d041acb88a447e2a3f093f
8b822fb8e6b7d17a98c27183a8b734d4304b7cd2dc56affd7e2053c7de5c4678
GET /tags/44675?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/json
content-length: 993
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8a34b26d8f7122332fef6ed454bbe652
bda4d1872c1d6495415403edf9cd7549042d6ef6
13bfc8d86655b94964ca47dff85709bf4c211f54970237ded9f254dd5e1012dc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 02:35:29 GMT
Expires: Sat, 11 Feb 2023 02:35:28 GMT
Etag: "bda4d1872c1d6495415403edf9cd7549042d6ef6"
Cache-Control: max-age=449757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdf0589fb4f1-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e02a8bcfd5b7b7881940fa6fa8470128
24e34ab4ad8ebb1f1f3a34a75d2ac23acb55efec
36b30e98ac07590e7c0ae57bdf0d83734f7093c20962d47798c821665f822a1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B30E98AC07590E7C0AE57BDF0D83734F7093C20962D47798C821665F822A1F"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7594
Expires: Sun, 05 Feb 2023 23:36:05 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
na.nawpush.com/tags/52385?version_name=b
200 OK 3.2 kB URL HTTP/2 na.nawpush.com/tags/52385?version_name=b
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (3043), with CRLF line terminators
Hash a12ce33cded1fa0e6a91d301a1b0edfc
e97e0756cb9c60981d3336aa729fce7c09bbf203
5b767c343322ab829b62f21dabe2ec9c1d37774ddbb90f595b1fce0ca30c6a27
GET /tags/52385?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://hentaimoe.me
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdf0f8adb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5278263294f3a35234a4b394367fc556
153c2d0132902770750e4855125d36d632092ea0
20586ec0851b17cb48bac8af53b6630e5723cccb8091bca907f5b529f058a8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20586EC0851B17CB48BAC8AF53B6630E5723CCCB8091BCA907F5B529F058A8F9"
Last-Modified: Sun, 05 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10912
Expires: Mon, 06 Feb 2023 00:31:23 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76cf050a7f68b805961048b7e68924ca
7dc17007f7f9b9f9b7d30fc7cbb366c6423b572c
34fee2b95cd9896c4c001eed98958c9e66fe993ddff17ef9eced9688861ca450
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34FEE2B95CD9896C4C001EED98958C9E66FE993DDFF17EF9ECED9688861CA450"
Last-Modified: Sat, 04 Feb 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Mon, 06 Feb 2023 03:20:01 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae5f68187ce6213a02948eb2dda05d10
b593e026ba01d5731fdde6481dddbded7b4d7e72
a8c861ae56387bb3f0fd3f21ae2042ebd07ab4d372118564b750fe2ff952a90f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8C861AE56387BB3F0FD3F21AE2042EBD07AB4D372118564B750FE2FF952A90F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3353
Expires: Sun, 05 Feb 2023 22:25:24 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
js.wpadmngr.com/static/adManager.js
200 OK 613 B URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (1245), with no line terminators
Hash 6794c84322ff4058e3cdef79f8e0ff88
34e2f8f3a7ed78a68453be557a9e4bc6ba4effc0
94771762d8c52ec00704a728e35993b89ec1075edf403887c1d56afd7d64b389
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:30 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96f7904b22bd10653bc0d4f67215f960
8cd6822ecd4e595745a92156ce72c81dafef9c07
b66e9f9073e01f210a393ee3d55ac5f381d3cc19b16728d797612ffb1bb77273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66E9F9073E01F210A393EE3D55AC5F381D3CC19B16728D797612FFB1BB77273"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6586
Expires: Sun, 05 Feb 2023 23:19:17 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://hentaimoe.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=570300,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdf07c111bfa-OSL
fp.metricswpsh.com/fp?tag_id=52385
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=52385
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=52385 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hentaimoe.me/
Origin: https://hentaimoe.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://hentaimoe.me
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ohkkrlztqiuj.l4.adsco.re/
200 OK 0 B URL HTTP/1.1 ohkkrlztqiuj.l4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ohkkrlztqiuj.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
p.karpatzi.com/dcba/
404 Not Found 19 B IP
Hash 595e88012a6521aae3e12cbebe76eb9e
da3968197e7bf67aa45a77515b52ba2710c5fc34
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
GET /dcba/ HTTP/1.1
Host: p.karpatzi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: text/plain; charset=utf-8
content-length: 19
x-content-type-options: nosniff
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentaimoe.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=570300,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdf14a06b4f1-OSL
fp.metricswpsh.com/fp?tag_id=52385
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=52385
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=52385 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22287
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hentaimoe.me
Set-Cookie: id=8735382637941943687; Expires=Mon, 05 Feb 2024 21:29:31 GMT; Secure; SameSite=None
Vary: Origin
r3.o.lencr.org/
200 OK 508 B IP
ASN #20940 Akamai International B.V.
Hash 1e1b02a3fbdd6a6f797624f4eb34369b
841354fb6f5176095478c72f0fba83554fa2e8bc
d833abff0b8f26a1ff8a1cd8161238d3bc5c95a9957ad442bf7ce3b62cad26d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAD0E25EE40E8FB6527E429F721ACFA3EA793883B1343F94A1374E8582B7440F"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12042
Expires: Mon, 06 Feb 2023 00:50:13 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7860a3a5d38385cbfed0e490b5ca57f
c8f1d78007c8848164f30ca42747f7257e398474
2dad102c038c3bbc96e0aa94f5ec737fe005b258ec74d131b798976dad51e0e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DAD102C038C3BBC96E0AA94F5EC737FE005B258EC74D131B798976DAD51E0E1"
Last-Modified: Sat, 04 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15828
Expires: Mon, 06 Feb 2023 01:53:19 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=44675
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=44675
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=44675 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hentaimoe.me/
Origin: https://hentaimoe.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://hentaimoe.me
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
1ec994c645.369c83119d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1ODI3NjU5NTY3OTc1MDUxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjIuMCIsInRhZ19pZCI6NDQ2NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiIn0=
200 OK 0 B URL HTTP/2 1ec994c645.369c83119d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1ODI3NjU5NTY3OTc1MDUxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjIuMCIsInRhZ19pZCI6NDQ2NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiIn0=
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1ODI3NjU5NTY3OTc1MDUxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjIuMCIsInRhZ19pZCI6NDQ2NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiIn0= HTTP/1.1
Host: 1ec994c645.369c83119d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ohkkrlztqiuj.n4.adsco.re/
200 OK 0 B URL HTTP/1.1 ohkkrlztqiuj.n4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ohkkrlztqiuj.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
fp.metricswpsh.com/fp?tag_id=44675
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=44675
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=44675 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22282
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Cookie: id=8735382637941943687
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hentaimoe.me
Vary: Origin
nereserv.com/in/dip?site=native-push&wl=1&event_id=a3653376-5bb2-45ce-b7d6-6061163733aa&subid=2049301713&sid=3681130262&spot_id=30359&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=a3653376-5bb2-45ce-b7d6-6061163733aa&subid=2049301713&sid=3681130262&spot_id=30359&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=a3653376-5bb2-45ce-b7d6-6061163733aa&subid=2049301713&sid=3681130262&spot_id=30359&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c3f6107cba70fb74db8d5ef13f7deec
ce845b2af6c9743eaff5ce63b0a1a4f366a5cb8c
de77e6fe95554ba0ff1304aa63a97ff53054ef317420ee7f8483912917030d6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE77E6FE95554BA0FF1304AA63A97FF53054EF317420EE7F8483912917030D6F"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Mon, 06 Feb 2023 03:28:49 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9024816d26900aedd21c416b9ca0a532
2d4b1826d7315ef74ef5533edf1d2e621ed90692
5deb561a4a9c5da82da0d8974b2577332d21e03b67722112cb1c2522ab3780c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DEB561A4A9C5DA82DA0D8974B2577332D21E03B67722112CB1C2522AB3780C4"
Last-Modified: Sat, 04 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16795
Expires: Mon, 06 Feb 2023 02:09:26 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 63992
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9024816d26900aedd21c416b9ca0a532
2d4b1826d7315ef74ef5533edf1d2e621ed90692
5deb561a4a9c5da82da0d8974b2577332d21e03b67722112cb1c2522ab3780c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DEB561A4A9C5DA82DA0D8974B2577332D21E03B67722112CB1C2522AB3780C4"
Last-Modified: Sat, 04 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16795
Expires: Mon, 06 Feb 2023 02:09:26 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9024816d26900aedd21c416b9ca0a532
2d4b1826d7315ef74ef5533edf1d2e621ed90692
5deb561a4a9c5da82da0d8974b2577332d21e03b67722112cb1c2522ab3780c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DEB561A4A9C5DA82DA0D8974B2577332D21E03B67722112CB1C2522AB3780C4"
Last-Modified: Sat, 04 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16795
Expires: Mon, 06 Feb 2023 02:09:26 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 84226
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:15:34 GMT
age: 26037
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=24d349bb-96a5-447e-94c3-c018463e164e&subid=1123959183&sid=2835996074&spot_id=26479&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=24d349bb-96a5-447e-94c3-c018463e164e&subid=1123959183&sid=2835996074&spot_id=26479&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=24d349bb-96a5-447e-94c3-c018463e164e&subid=1123959183&sid=2835996074&spot_id=26479&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 36330
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 85085
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i7ZNMlYetTGgoM0beS97MTxveM1H7CI4JdAvPhYdqe9pyCCQugjgNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:00:18 GMT
age: 84553
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adsco.re/p
200 OK 412 B IP
File type ASCII text, with very long lines (487), with no line terminators
Hash e322a4913e6992202a52231f0df71f03
0f2a5ef03f70a54866ab4582c3e28f36d3b6514a
b3fab1d26838c49bef5ce5d7dd06b051d9e8590cc20393d85a31530786df8c2c
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1846
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://hentaimoe.me
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
0f6e7d3222.ba33938e50.com/in/multy
204 No Content 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hentaimoe.me/
Origin: https://hentaimoe.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:31 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bf1533d3ca5e8edb536fdc6eb045c5c9
e506e83ca9763df541e4c502cd9a694f8e062c28
6a02ff7c345c5d0f2061b4587e96eef9d4c1f5812538ad4c34b1dd96a1e5aaba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A02FF7C345C5D0F2061B4587E96EEF9D4C1F5812538AD4C34B1DD96A1E5AABA"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7925
Expires: Sun, 05 Feb 2023 23:41:36 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
0f6e7d3222.ba33938e50.com/in/multy
204 No Content 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hentaimoe.me/
Origin: https://hentaimoe.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:31 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
severaljack.com/00/29/b8/0029b87cbce0f061e2ac28d2b7f5b97a.js
200 OK 13 kB URL HTTP/1.1 severaljack.com/00/29/b8/0029b87cbce0f061e2ac28d2b7f5b97a.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37128), with no line terminators
Hash ed50831f002d19cc7a143874932843eb
4eef9bfc962e69e384fc291a419571b5e313906e
343529762be764e573c0d7f8ec6cca0ed606f6f0f30d74430a7d3b53754f6672
GET /00/29/b8/0029b87cbce0f061e2ac28d2b7f5b97a.js HTTP/1.1
Host: severaljack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 21:29:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f14f891e9f9d2e346e493f2dfdd6c459
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
js.capndr.com/popunder-admanager/build.m.js
200 OK 19 kB URL HTTP/2 js.capndr.com/popunder-admanager/build.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 13981dcdef60101065c57c07a520cfe5
da183a370339bc1fa4f4641ad8e00c9c5a095df0
9cbb69cb40158655f7313ab8d06bc1ca4b5a8cc5f08d1ceccd408d96140b2462
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 25 Jan 2023 09:48:07 GMT
etag: W/"63d0fad7-b577"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4752
Expires: Sun, 05 Feb 2023 22:48:43 GMT
Date: Sun, 05 Feb 2023 21:29:31 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148143
Date: Sun, 05 Feb 2023 21:29:32 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 14:38:35 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YYNg7uhaZIwEB4uCuhCeKmtSpulHMefMvzriLWO97CNmHImul-cyUQ==
Age: 4050
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 6f564b16616cdbe03d924b0a6f5f89af
3182e9af0504278979297e6f7ebb9d3117e199f5
abed15ed21a11a875b87cb5d0e42d23f8ddd99b6d06c9a3338802bff7aeafe6e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hentaimoe.me
access-control-allow-credentials: true
set-cookie: uid_id2=198fc117-60c5-42f3-9128-ee17e5e167bc:3:1; expires=Wed, 02 Feb 2033 21:29:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4751
Expires: Sun, 05 Feb 2023 22:48:43 GMT
Date: Sun, 05 Feb 2023 21:29:32 GMT
Connection: keep-alive
ohkkrlztqiuj.s4.adsco.re/
200 OK 0 B URL HTTP/1.1 ohkkrlztqiuj.s4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ohkkrlztqiuj.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:32 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6fa495f9042a4016d163f90d4e177636
35a31a456ac7bddaa8928ac7dd2383ad72a85640
84f41b6575fc9cceb71dbddb8d314dcb148ba46a1ce571d4dda30b9deb534e9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84F41B6575FC9CCEB71DBDDB8D314DCB148BA46A1CE571D4DDA30B9DEB534E9F"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9550
Expires: Mon, 06 Feb 2023 00:08:42 GMT
Date: Sun, 05 Feb 2023 21:29:32 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=998151
200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=998151
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (360), with CRLF, LF line terminators
Hash 6be241cbe185af971459abae255b27aa
e30e4d58aed79218cfe78dbb17f43d59d4335fc6
f9a467304d281ed9bbc2e46750f01a1f18e0b52c74b3b55a33028cc7d7c7f6d3
GET /adshow.php?adzone=998151 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 21:29:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=748685e737e3954bea4a55ce5a9569c3; expires=Mon, 05-Feb-2024 21:29:31 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 08-Feb-2023 21:29:31 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 08-Feb-2023 21:29:31 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/ads/user162607/ad1941804-1675447415.png
200 OK 146 kB URL HTTP/2 i.jads.co/ads/user162607/ad1941804-1675447415.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 146 kB (145698 bytes)
Hash 8f902e099c33d7d73b035b0d64633c53
f08d09eca656cc57cc4dc00a4b209da0e11f8851
3000130103c1b6af952de3107ef0f40c9744acdbfd90065f481874de408ff459
GET /ads/user162607/ad1941804-1675447415.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=748685e737e3954bea4a55ce5a9569c3; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:32 GMT
etag: "1675447415"
cache-control: max-age=31350944
content-length: 145698
content-type: image/png
last-modified: Fri, 03 Feb 2023 18:03:35 GMT
accept-ranges: bytes
x-hw: 1675632572.dop210.sk1.t,1675632572.cds230.sk1.hn,1675632572.cds001.sk1.c
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/multy
200 OK 20 kB URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20329), with no line terminators
Hash b1708fd8a9acba7c50136ec227e6fc25
7fa2c067543ccc9d49f4ce97953a821d8638780a
871a847542df4948c77cfc6974089accdeaf82a72500a1de60f273a8b152f0f3
POST /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1374
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:32 GMT
content-type: application/json
content-length: 20340
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/multy
200 OK 21 kB URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20835), with no line terminators
Hash 1b7da7b22bb51c985625fa5a6de4bf51
d1996f35e45fe7000be5d754a6f27fd2b1620695
c902b97f1fd4436a4150c58d593b6fc7328519c67b10f3d0e0f783d04c048b10
POST /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1184
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:32 GMT
content-type: application/json
content-length: 20837
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
pompeydesigning.com/sbar.json?key=0029b87cbce0f061e2ac28d2b7f5b97a&uuid=198fc117-60c5-42f3-9128-ee17e5e167bc%3A3%3A1
200 OK 4.4 kB URL HTTP/1.1 pompeydesigning.com/sbar.json?key=0029b87cbce0f061e2ac28d2b7f5b97a&uuid=198fc117-60c5-42f3-9128-ee17e5e167bc%3A3%3A1
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6112), with no line terminators
Hash 6b5eba41230843a580b06a2116993780
c82af0f6202970f157c963d697e3cb1b3bda2665
d5a41696bf6535c118a82199edac7588961f6b81ddfd433e8f4e68679a20d2aa
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=0029b87cbce0f061e2ac28d2b7f5b97a&uuid=198fc117-60c5-42f3-9128-ee17e5e167bc%3A3%3A1 HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:29:32 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://hentaimoe.me
Access-Control-Allow-Origin: https://hentaimoe.me
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17612983; expires=Mon, 06 Feb 2023 21:29:32 GMT; secure; SameSite=None
uid_id2=198fc117-60c5-42f3-9128-ee17e5e167bc:3:1; expires=Sun, 12 Feb 2023 21:29:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:29:32 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:29:32 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 21:29:32 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 21:29:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e0e42bcd420bd2fe469e9d6078b8e24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
0f6e7d3222.ba33938e50.com/in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.09801802809559526&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=IhM9peuZYy-tdTv9f2mqSGB1x_D2cANeR_rH6Fb24sifLcl-QD8UgQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.014674634557468091&placement_type_id=&skin_test=0&verify_hash=164c778a3fe529d8d3ca05622e88b07a&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=NSEcgcMVCgSqM_qaNoDWT6Du8FFcsh1YFy2TqQQl19BM8ws45_prrg95A-7O-P7-Jf-jq4jIlrjDSiYpKzfzMZT0CIPr4ovAcDD1iVheyr8XdEj9JXEz6_Ez1fyrtUNObh6t2Eend7bS_rQwMK3g07YM2x501jaGJ9pC_XHjZu_6Gd-2ew&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=2&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=83,89,0,4&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=04d7d83f-c4f7-46f3-84f8-893185e7ad2b&mlc=1&format=default-slide-b_r-body
200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.09801802809559526&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=IhM9peuZYy-tdTv9f2mqSGB1x_D2cANeR_rH6Fb24sifLcl-QD8UgQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.014674634557468091&placement_type_id=&skin_test=0&verify_hash=164c778a3fe529d8d3ca05622e88b07a&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=NSEcgcMVCgSqM_qaNoDWT6Du8FFcsh1YFy2TqQQl19BM8ws45_prrg95A-7O-P7-Jf-jq4jIlrjDSiYpKzfzMZT0CIPr4ovAcDD1iVheyr8XdEj9JXEz6_Ez1fyrtUNObh6t2Eend7bS_rQwMK3g07YM2x501jaGJ9pC_XHjZu_6Gd-2ew&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=2&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=83,89,0,4&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=04d7d83f-c4f7-46f3-84f8-893185e7ad2b&mlc=1&format=default-slide-b_r-body
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.09801802809559526&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=IhM9peuZYy-tdTv9f2mqSGB1x_D2cANeR_rH6Fb24sifLcl-QD8UgQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.014674634557468091&placement_type_id=&skin_test=0&verify_hash=164c778a3fe529d8d3ca05622e88b07a&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=NSEcgcMVCgSqM_qaNoDWT6Du8FFcsh1YFy2TqQQl19BM8ws45_prrg95A-7O-P7-Jf-jq4jIlrjDSiYpKzfzMZT0CIPr4ovAcDD1iVheyr8XdEj9JXEz6_Ez1fyrtUNObh6t2Eend7bS_rQwMK3g07YM2x501jaGJ9pC_XHjZu_6Gd-2ew&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=2&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=83,89,0,4&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=04d7d83f-c4f7-46f3-84f8-893185e7ad2b&mlc=1&format=default-slide-b_r-body HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:33 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13253&price=0.0838&is_cpm=0&cpm=0&ecpm=0.12233774548522654&crid=&crtid=17d43f81cc073548090aad9c92420bae&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=1&auction_queue=0&burl=rxkF5Epyi9xu0D1x8LQRJqckBZrZi2ahxy7iGoeK-UvcFXzGAKk-_w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.000657438947302995&placement_type_id=&skin_test=0&verify_hash=45d018792199d8ef8509d4a6b3c9eefe&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0838&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=koZiD9bo07JrvWlq1Cte5E8jg1HyLfEPWFS574_rRS0kqNyB_R15c3cCcoV0LEeCqPZ6Z4S4wbOJD4CG2SbEanTvR9JNPhOVXCYpysBcjE2bkO3cx3BpiQ_RNVUDAHpiGYXof0ZN-zzzVZiql8hYTiISwto7z2j5LfqXSFvk7QfbHCe-thIsuqv8mcF5U5_E2G4qkBpl3hQ7S0b5ILIOhUnn6i9Sd3nfqhVQCSIJH2731y_THRXWJ_6FUSgBHdStI2sK2Ab7o0Z3xCF67tLBINV1S3N2p2j77llnEeXCblS5nUHUShpu4Id7L8Pv_4aKVsRQI6wTDxFSFW911hOtZUFM_46TlBqbJjxP1pGyN_PerVPLWRDMoePYMkwZHSjg9JkIpVyFdgcMF3o6L8vdfvJGKUfMdQjVqNV3SwRhH87jAUnIY-x3zsK5ssTTILwrsqUC0isI3iUtjFdWslTd5NH_uuG0AUX3yPXA9md_r8Ds7exigKIuNm6zTXC4F6tMU3DJoUDVl_ZEY7N70OHW3xhq5bYa560WzKTt-3S3WQDZb29trs_sLvbtdXnMfh0Fosb76C6v-46dS45jJzPy5Ns0e4Thseg6UlgpkQsUmScSI7aAz37qeyfd7GqbrRQuQtiOOfUDOUo8DXdFieWpELZP-C0lrfec8csKS3X_9EFleGMYerLsQJF0WF65-DJ4y-1cj9IG3JqaFTKJmMEXW3O3rCbtKIlFGi_DXfIEZ9FkoMv6105EyU9hgFCgU4vk97W1TUMPORfQuP1O6fJqFg-dvaDuGPhrVOLHUCuiJKiqcVYsEr1HcJk8UtUW4SySyUt2bL_hBdP2GBdmZtNV&image_url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dr19um2%26c%3Dfl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA&skin_id=2&vertical_id=15&real_bid=0.07595632&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=15,83,90,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=34925171-4927-4032-a6c6-bf6fd772a697&format=default-slide-b_r-body
200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13253&price=0.0838&is_cpm=0&cpm=0&ecpm=0.12233774548522654&crid=&crtid=17d43f81cc073548090aad9c92420bae&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=1&auction_queue=0&burl=rxkF5Epyi9xu0D1x8LQRJqckBZrZi2ahxy7iGoeK-UvcFXzGAKk-_w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.000657438947302995&placement_type_id=&skin_test=0&verify_hash=45d018792199d8ef8509d4a6b3c9eefe&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0838&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=koZiD9bo07JrvWlq1Cte5E8jg1HyLfEPWFS574_rRS0kqNyB_R15c3cCcoV0LEeCqPZ6Z4S4wbOJD4CG2SbEanTvR9JNPhOVXCYpysBcjE2bkO3cx3BpiQ_RNVUDAHpiGYXof0ZN-zzzVZiql8hYTiISwto7z2j5LfqXSFvk7QfbHCe-thIsuqv8mcF5U5_E2G4qkBpl3hQ7S0b5ILIOhUnn6i9Sd3nfqhVQCSIJH2731y_THRXWJ_6FUSgBHdStI2sK2Ab7o0Z3xCF67tLBINV1S3N2p2j77llnEeXCblS5nUHUShpu4Id7L8Pv_4aKVsRQI6wTDxFSFW911hOtZUFM_46TlBqbJjxP1pGyN_PerVPLWRDMoePYMkwZHSjg9JkIpVyFdgcMF3o6L8vdfvJGKUfMdQjVqNV3SwRhH87jAUnIY-x3zsK5ssTTILwrsqUC0isI3iUtjFdWslTd5NH_uuG0AUX3yPXA9md_r8Ds7exigKIuNm6zTXC4F6tMU3DJoUDVl_ZEY7N70OHW3xhq5bYa560WzKTt-3S3WQDZb29trs_sLvbtdXnMfh0Fosb76C6v-46dS45jJzPy5Ns0e4Thseg6UlgpkQsUmScSI7aAz37qeyfd7GqbrRQuQtiOOfUDOUo8DXdFieWpELZP-C0lrfec8csKS3X_9EFleGMYerLsQJF0WF65-DJ4y-1cj9IG3JqaFTKJmMEXW3O3rCbtKIlFGi_DXfIEZ9FkoMv6105EyU9hgFCgU4vk97W1TUMPORfQuP1O6fJqFg-dvaDuGPhrVOLHUCuiJKiqcVYsEr1HcJk8UtUW4SySyUt2bL_hBdP2GBdmZtNV&image_url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dr19um2%26c%3Dfl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA&skin_id=2&vertical_id=15&real_bid=0.07595632&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=15,83,90,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=34925171-4927-4032-a6c6-bf6fd772a697&format=default-slide-b_r-body
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=7783782661971908477&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2049301713&sid=3681130262&cid=13253&price=0.0838&is_cpm=0&cpm=0&ecpm=0.12233774548522654&crid=&crtid=17d43f81cc073548090aad9c92420bae&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-5-a&site_id=3130359&spot_id=30359&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=1&auction_queue=0&burl=rxkF5Epyi9xu0D1x8LQRJqckBZrZi2ahxy7iGoeK-UvcFXzGAKk-_w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7330359&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.000657438947302995&placement_type_id=&skin_test=0&verify_hash=45d018792199d8ef8509d4a6b3c9eefe&score=40.1308007480933&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2049301713%26spot_id%3D30359%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.0838&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=koZiD9bo07JrvWlq1Cte5E8jg1HyLfEPWFS574_rRS0kqNyB_R15c3cCcoV0LEeCqPZ6Z4S4wbOJD4CG2SbEanTvR9JNPhOVXCYpysBcjE2bkO3cx3BpiQ_RNVUDAHpiGYXof0ZN-zzzVZiql8hYTiISwto7z2j5LfqXSFvk7QfbHCe-thIsuqv8mcF5U5_E2G4qkBpl3hQ7S0b5ILIOhUnn6i9Sd3nfqhVQCSIJH2731y_THRXWJ_6FUSgBHdStI2sK2Ab7o0Z3xCF67tLBINV1S3N2p2j77llnEeXCblS5nUHUShpu4Id7L8Pv_4aKVsRQI6wTDxFSFW911hOtZUFM_46TlBqbJjxP1pGyN_PerVPLWRDMoePYMkwZHSjg9JkIpVyFdgcMF3o6L8vdfvJGKUfMdQjVqNV3SwRhH87jAUnIY-x3zsK5ssTTILwrsqUC0isI3iUtjFdWslTd5NH_uuG0AUX3yPXA9md_r8Ds7exigKIuNm6zTXC4F6tMU3DJoUDVl_ZEY7N70OHW3xhq5bYa560WzKTt-3S3WQDZb29trs_sLvbtdXnMfh0Fosb76C6v-46dS45jJzPy5Ns0e4Thseg6UlgpkQsUmScSI7aAz37qeyfd7GqbrRQuQtiOOfUDOUo8DXdFieWpELZP-C0lrfec8csKS3X_9EFleGMYerLsQJF0WF65-DJ4y-1cj9IG3JqaFTKJmMEXW3O3rCbtKIlFGi_DXfIEZ9FkoMv6105EyU9hgFCgU4vk97W1TUMPORfQuP1O6fJqFg-dvaDuGPhrVOLHUCuiJKiqcVYsEr1HcJk8UtUW4SySyUt2bL_hBdP2GBdmZtNV&image_url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dr19um2%26c%3Dfl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA&skin_id=2&vertical_id=15&real_bid=0.07595632&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Hentai&label_ids=15,83,90,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=34925171-4927-4032-a6c6-bf6fd772a697&format=default-slide-b_r-body HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:33 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.2328813582419816&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=0zBORnGSY1eQ39bWKHcbR4hYRpi2Q-BNbl1Vhk4or_5qtCHcTk43zA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01802976879766805&placement_type_id=&skin_test=0&verify_hash=784f3e32c9974b72428c9dd79bec98a4&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=K_VoMj8Y_6T87Wi1EHFALqjJEfTCzSN7r9tCiXyiUqgMKzR_uJrJK3hFrCTXkzUBl24Bz2cYkRrAidymN95K6R1N7SId6ZwW0v5Cq0pUv6fNQihfIL0tzgn5TBuXnFPUoNWPBqMiJWr2-VQircYDfgrQuvJ_nUScNCo9dG9Vjm1296d_hQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=8&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=0,4,83,89&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=e2f48a9f-7003-4a30-a828-f0c977cb80a1&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed
200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.2328813582419816&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=0zBORnGSY1eQ39bWKHcbR4hYRpi2Q-BNbl1Vhk4or_5qtCHcTk43zA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01802976879766805&placement_type_id=&skin_test=0&verify_hash=784f3e32c9974b72428c9dd79bec98a4&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=K_VoMj8Y_6T87Wi1EHFALqjJEfTCzSN7r9tCiXyiUqgMKzR_uJrJK3hFrCTXkzUBl24Bz2cYkRrAidymN95K6R1N7SId6ZwW0v5Cq0pUv6fNQihfIL0tzgn5TBuXnFPUoNWPBqMiJWr2-VQircYDfgrQuvJ_nUScNCo9dG9Vjm1296d_hQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=8&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=0,4,83,89&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=e2f48a9f-7003-4a30-a828-f0c977cb80a1&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.2328813582419816&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-05&is_native=2&auction_queue=0&burl=0zBORnGSY1eQ39bWKHcbR4hYRpi2Q-BNbl1Vhk4or_5qtCHcTk43zA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01802976879766805&placement_type_id=&skin_test=0&verify_hash=784f3e32c9974b72428c9dd79bec98a4&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=K_VoMj8Y_6T87Wi1EHFALqjJEfTCzSN7r9tCiXyiUqgMKzR_uJrJK3hFrCTXkzUBl24Bz2cYkRrAidymN95K6R1N7SId6ZwW0v5Cq0pUv6fNQihfIL0tzgn5TBuXnFPUoNWPBqMiJWr2-VQircYDfgrQuvJ_nUScNCo9dG9Vjm1296d_hQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=8&vertical_id=0&real_bid=0.0027264499999999996&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=0,4,83,89&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=e2f48a9f-7003-4a30-a828-f0c977cb80a1&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:33 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=12695&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=2240&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675805371&created_at=2023-02-05&is_native=1&auction_queue=0&burl=4aDMVSAHD0IddeGvBWK16kZb2eR53YQZwlTuMRZmGSTm9fM-KmEAGQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3126479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0014724352726499992&placement_type_id=&skin_test=0&verify_hash=8a7cba8b3ace7a872cd2bab8edb203ae&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.036&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=7SZxhHTG2UsimZuKwcIC93pucwmHTkx9thjK4RfBRxihta_N6ZQgjWw9n_UPzGIvxzAsuwt4zdfWYM50AivaockuKosba95FOLubGr7M3Ss-iJZaiwovpY70FP2qwD7m0UijG0JZ2jA8-sEGJfWsWAzAmuhC0RczfIcsyMOlgynBz6RiUWYJoFy7pKPIsEywwaePTXY5ngejepmtU6kKdH5LIUOc8IwsYJqMJbBd3xPxf_f-0wHKUn6TB73p4G4ZHI55CUDMxR09fRuoC4XXmXbmKdRFJ0E5__eUJj0jv6GyncIp1pXlcEwE8UtioujPi3oMvosNdYjTlG_ZZOd2nMtn4G-w1VM7zQ_FWCELmymQ23aTObBsagXoB-0zlU9uP4qERDryewosdW_mJr_-DaZ-4AUUEwH6omz5dR5hTcs2Qnkhi_xfsY8sfYxD5wv_OoZmGO-8iNf4smW7ndKvwRRJQKJBfZn-drbkZwBQRCYf3Pd147M02aW4sIdbVAJzLMy8QpQyXIASUxZT33KLAeaV-z_ELotJ7foPacWtJOTwbO7FoxvMtsWBaShRWW9s0Y_eHdZ18yCXCb8Zyz_IjMmMHdh0UE595neB4b8uaIHNepwM-c3d-ZZBaIuTc4r7BHNxg7SFbrhGmFvjPs0g86Jwo4P0G_nua2PAh8xuPK15GC8p21wMBSPfQJOmr2upFB9RkjbrbaVA_7l7ZEE4zfcKOFRTWoYSugflPeraMLszZXz8dV6nFlJto9XFAiTOxQmbNC4VQVOeUDBrSlKp45WW2giv4567kMzDKiW10wcd_loe23mc3rhoMBOxhLsuHBYt39lq9Gc4HKINboT5LWCWYgrSboACHugWZUfytByRyY1x05Yd80l16OFkGqT8Mixh4dKNwquD0Wsh9GUiImcz5kapQ8yTegsZ_rY_4egIB_4qYmnC8FT634hDHyrd-Aj3t0wkQpWsOCAVVHrMz4wopNwmzt4FtwZZEY_fcmVYlL5jcWp9l0lQ1saGz74HXJ-M09Bz_0H2Ay-elmCVZEINM8QmdRvjg_uOF0dzA9AAp64OHDk1uBt-XSXfk7jZREh_odx1BMCmwM10JaaIyT4Qfdo3KM0wSO6oBSL-jYlJig-Iq-IHXkcKJBc1M0UMhS83LpvK9xB6x45-GT_YMn1cKOOjbFc6U4t0ZwN_fWnzIF8yjKxx9trWJvXLCmClcrHwp4vD-oh7zxF4Qt9IMD4EJjxE9_AC0wchqSNz7atU&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=8&vertical_id=0&real_bid=0.036&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=100266&device_theme=light&keywords=&label_ids=101,4,5,0&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=d77274a3-4d8b-4a50-8ff7-df1d92f47996&format=androidWhatsAppCompact-slide-t_r-embed
200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=12695&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=2240&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675805371&created_at=2023-02-05&is_native=1&auction_queue=0&burl=4aDMVSAHD0IddeGvBWK16kZb2eR53YQZwlTuMRZmGSTm9fM-KmEAGQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3126479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0014724352726499992&placement_type_id=&skin_test=0&verify_hash=8a7cba8b3ace7a872cd2bab8edb203ae&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.036&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=7SZxhHTG2UsimZuKwcIC93pucwmHTkx9thjK4RfBRxihta_N6ZQgjWw9n_UPzGIvxzAsuwt4zdfWYM50AivaockuKosba95FOLubGr7M3Ss-iJZaiwovpY70FP2qwD7m0UijG0JZ2jA8-sEGJfWsWAzAmuhC0RczfIcsyMOlgynBz6RiUWYJoFy7pKPIsEywwaePTXY5ngejepmtU6kKdH5LIUOc8IwsYJqMJbBd3xPxf_f-0wHKUn6TB73p4G4ZHI55CUDMxR09fRuoC4XXmXbmKdRFJ0E5__eUJj0jv6GyncIp1pXlcEwE8UtioujPi3oMvosNdYjTlG_ZZOd2nMtn4G-w1VM7zQ_FWCELmymQ23aTObBsagXoB-0zlU9uP4qERDryewosdW_mJr_-DaZ-4AUUEwH6omz5dR5hTcs2Qnkhi_xfsY8sfYxD5wv_OoZmGO-8iNf4smW7ndKvwRRJQKJBfZn-drbkZwBQRCYf3Pd147M02aW4sIdbVAJzLMy8QpQyXIASUxZT33KLAeaV-z_ELotJ7foPacWtJOTwbO7FoxvMtsWBaShRWW9s0Y_eHdZ18yCXCb8Zyz_IjMmMHdh0UE595neB4b8uaIHNepwM-c3d-ZZBaIuTc4r7BHNxg7SFbrhGmFvjPs0g86Jwo4P0G_nua2PAh8xuPK15GC8p21wMBSPfQJOmr2upFB9RkjbrbaVA_7l7ZEE4zfcKOFRTWoYSugflPeraMLszZXz8dV6nFlJto9XFAiTOxQmbNC4VQVOeUDBrSlKp45WW2giv4567kMzDKiW10wcd_loe23mc3rhoMBOxhLsuHBYt39lq9Gc4HKINboT5LWCWYgrSboACHugWZUfytByRyY1x05Yd80l16OFkGqT8Mixh4dKNwquD0Wsh9GUiImcz5kapQ8yTegsZ_rY_4egIB_4qYmnC8FT634hDHyrd-Aj3t0wkQpWsOCAVVHrMz4wopNwmzt4FtwZZEY_fcmVYlL5jcWp9l0lQ1saGz74HXJ-M09Bz_0H2Ay-elmCVZEINM8QmdRvjg_uOF0dzA9AAp64OHDk1uBt-XSXfk7jZREh_odx1BMCmwM10JaaIyT4Qfdo3KM0wSO6oBSL-jYlJig-Iq-IHXkcKJBc1M0UMhS83LpvK9xB6x45-GT_YMn1cKOOjbFc6U4t0ZwN_fWnzIF8yjKxx9trWJvXLCmClcrHwp4vD-oh7zxF4Qt9IMD4EJjxE9_AC0wchqSNz7atU&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=8&vertical_id=0&real_bid=0.036&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=100266&device_theme=light&keywords=&label_ids=101,4,5,0&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=d77274a3-4d8b-4a50-8ff7-df1d92f47996&format=androidWhatsAppCompact-slide-t_r-embed
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=5400480737428083824&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1123959183&sid=2835996074&cid=12695&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=2240&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=hentaimoe.me&hostname=auc-inpage-hz-3-c&site_id=3126479&spot_id=26479&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675805371&created_at=2023-02-05&is_native=1&auction_queue=0&burl=4aDMVSAHD0IddeGvBWK16kZb2eR53YQZwlTuMRZmGSTm9fM-KmEAGQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3126479&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0014724352726499992&placement_type_id=&skin_test=0&verify_hash=8a7cba8b3ace7a872cd2bab8edb203ae&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1123959183%26spot_id%3D26479%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fhentaimoe.me%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=c&original_bid=0.036&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=7SZxhHTG2UsimZuKwcIC93pucwmHTkx9thjK4RfBRxihta_N6ZQgjWw9n_UPzGIvxzAsuwt4zdfWYM50AivaockuKosba95FOLubGr7M3Ss-iJZaiwovpY70FP2qwD7m0UijG0JZ2jA8-sEGJfWsWAzAmuhC0RczfIcsyMOlgynBz6RiUWYJoFy7pKPIsEywwaePTXY5ngejepmtU6kKdH5LIUOc8IwsYJqMJbBd3xPxf_f-0wHKUn6TB73p4G4ZHI55CUDMxR09fRuoC4XXmXbmKdRFJ0E5__eUJj0jv6GyncIp1pXlcEwE8UtioujPi3oMvosNdYjTlG_ZZOd2nMtn4G-w1VM7zQ_FWCELmymQ23aTObBsagXoB-0zlU9uP4qERDryewosdW_mJr_-DaZ-4AUUEwH6omz5dR5hTcs2Qnkhi_xfsY8sfYxD5wv_OoZmGO-8iNf4smW7ndKvwRRJQKJBfZn-drbkZwBQRCYf3Pd147M02aW4sIdbVAJzLMy8QpQyXIASUxZT33KLAeaV-z_ELotJ7foPacWtJOTwbO7FoxvMtsWBaShRWW9s0Y_eHdZ18yCXCb8Zyz_IjMmMHdh0UE595neB4b8uaIHNepwM-c3d-ZZBaIuTc4r7BHNxg7SFbrhGmFvjPs0g86Jwo4P0G_nua2PAh8xuPK15GC8p21wMBSPfQJOmr2upFB9RkjbrbaVA_7l7ZEE4zfcKOFRTWoYSugflPeraMLszZXz8dV6nFlJto9XFAiTOxQmbNC4VQVOeUDBrSlKp45WW2giv4567kMzDKiW10wcd_loe23mc3rhoMBOxhLsuHBYt39lq9Gc4HKINboT5LWCWYgrSboACHugWZUfytByRyY1x05Yd80l16OFkGqT8Mixh4dKNwquD0Wsh9GUiImcz5kapQ8yTegsZ_rY_4egIB_4qYmnC8FT634hDHyrd-Aj3t0wkQpWsOCAVVHrMz4wopNwmzt4FtwZZEY_fcmVYlL5jcWp9l0lQ1saGz74HXJ-M09Bz_0H2Ay-elmCVZEINM8QmdRvjg_uOF0dzA9AAp64OHDk1uBt-XSXfk7jZREh_odx1BMCmwM10JaaIyT4Qfdo3KM0wSO6oBSL-jYlJig-Iq-IHXkcKJBc1M0UMhS83LpvK9xB6x45-GT_YMn1cKOOjbFc6U4t0ZwN_fWnzIF8yjKxx9trWJvXLCmClcrHwp4vD-oh7zxF4Qt9IMD4EJjxE9_AC0wchqSNz7atU&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=8&vertical_id=0&real_bid=0.036&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=100266&device_theme=light&keywords=&label_ids=101,4,5,0&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=d77274a3-4d8b-4a50-8ff7-df1d92f47996&format=androidWhatsAppCompact-slide-t_r-embed HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:29:33 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
cdn4ads.com/WorxQh.php?_=BQFiAAAAAAAACZUAAoMc15aoqDxTHpRkZbLDALCswHWAfctULPVSVUB8WCltp-NWUpH9nsQgnM2xOvIudJnd7EtupkB3LUtNfqS3Y9ArZ6NEu6JmDWnB80RZakOhHSzptI5JskwoXx0-5ba6x5LJHvqALjNITZhz3UPmOTXeighYNNSfKhJKkzkbJTJXwr1DCpl8KjMyiD8J9dIvdL9tpJIyhvrw6u1YL-jipWdVttpXPP0lccuyFgf8O9L4B7VxjZJgvrlyc07qziBL-UzpTsx1r_2y-2b829dHx8IDrwtAKOihvJhouK5jwyuD8fTsH6tHBMN_r4eDKGtDLbBwRX0aZwICodayYd2mV_yI9vulnGC5C0L0VbKXZ-7SspSr0ii3WC0Wahv4mrk-uc7NSjqN-30Jdyy56BXd1BsRC77rn6bMrq1mloBxPUMd89wYLtM52ET0b2N86p2I9eyXxZC34h07TbrDavnrMnk&v=4&PhxVNngk=4301501&minBid=&FeDlxBQR=0,0&GnISzvVo=&qduojtGi=&s=1280,1024,1,1280,1024,0
200 OK 44 B URL HTTP/2 cdn4ads.com/WorxQh.php?_=BQFiAAAAAAAACZUAAoMc15aoqDxTHpRkZbLDALCswHWAfctULPVSVUB8WCltp-NWUpH9nsQgnM2xOvIudJnd7EtupkB3LUtNfqS3Y9ArZ6NEu6JmDWnB80RZakOhHSzptI5JskwoXx0-5ba6x5LJHvqALjNITZhz3UPmOTXeighYNNSfKhJKkzkbJTJXwr1DCpl8KjMyiD8J9dIvdL9tpJIyhvrw6u1YL-jipWdVttpXPP0lccuyFgf8O9L4B7VxjZJgvrlyc07qziBL-UzpTsx1r_2y-2b829dHx8IDrwtAKOihvJhouK5jwyuD8fTsH6tHBMN_r4eDKGtDLbBwRX0aZwICodayYd2mV_yI9vulnGC5C0L0VbKXZ-7SspSr0ii3WC0Wahv4mrk-uc7NSjqN-30Jdyy56BXd1BsRC77rn6bMrq1mloBxPUMd89wYLtM52ET0b2N86p2I9eyXxZC34h07TbrDavnrMnk&v=4&PhxVNngk=4301501&minBid=&FeDlxBQR=0,0&GnISzvVo=&qduojtGi=&s=1280,1024,1,1280,1024,0
IP
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /WorxQh.php?_=BQFiAAAAAAAACZUAAoMc15aoqDxTHpRkZbLDALCswHWAfctULPVSVUB8WCltp-NWUpH9nsQgnM2xOvIudJnd7EtupkB3LUtNfqS3Y9ArZ6NEu6JmDWnB80RZakOhHSzptI5JskwoXx0-5ba6x5LJHvqALjNITZhz3UPmOTXeighYNNSfKhJKkzkbJTJXwr1DCpl8KjMyiD8J9dIvdL9tpJIyhvrw6u1YL-jipWdVttpXPP0lccuyFgf8O9L4B7VxjZJgvrlyc07qziBL-UzpTsx1r_2y-2b829dHx8IDrwtAKOihvJhouK5jwyuD8fTsH6tHBMN_r4eDKGtDLbBwRX0aZwICodayYd2mV_yI9vulnGC5C0L0VbKXZ-7SspSr0ii3WC0Wahv4mrk-uc7NSjqN-30Jdyy56BXd1BsRC77rn6bMrq1mloBxPUMd89wYLtM52ET0b2N86p2I9eyXxZC34h07TbrDavnrMnk&v=4&PhxVNngk=4301501&minBid=&FeDlxBQR=0,0&GnISzvVo=&qduojtGi=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 05 Feb 2023 21:29:33 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 581b061cb1c3914dd3fccd6622aad79c
5e823075afdc7a6753895c7f41d545e2d2a9a3c4
6ae3860be91cca71a572e7135b992541690d4a31e3dddc37b68affd2e72f4e72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4060
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:33 GMT
Last-Modified: Sun, 05 Feb 2023 20:21:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1efc8c3c61de56d2f4363b2c6921c589
13cabd2d34a14cd61dce1ff11418d9d2b0780623
23705b8853f17d1affbb72cab0c27338af253f4d8396ae9db74993b874596ace
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23705B8853F17D1AFFBB72CAB0C27338AF253F4D8396AE9DB74993B874596ACE"
Last-Modified: Fri, 03 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9354
Expires: Mon, 06 Feb 2023 00:05:27 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
pn.bquildna43.site/in/tip_shows/?katds_ep=ZIrXnwKhnGrvvMLanmbHR9L20aMl8TLa_m0V01ZL7S5Xl6-o1Zph-AaLGTmRlV-YolDR-SgBqi_rClWgwtCYz1cU95hMFFl4xZMIkGFttmjqsOACNMdZ6hMFQyS78cBA5g5_w65XToNQxMfCUDKnS6ksceZ9uvLCS5xJuFiV_7V7QVr6bg4S4V70q3FCO-R2Eqer0VIb9M7xvsFKnvDiFYh1DffIJWNw5h54DNUSwHW16ZG5L21bBIOjkTtGeSNhsIjaiy1AtXGV1z_OjkNJc1PxvzI2tPfB7S01TFUQMzY9AzAfbC54t0v6Baur1qT-HvWLbbDYZcQYo9I_XoAQcoTPsm1cmwL2EMSjjNpLVzN53nS-RQs43yueeISA3Nm1XOgrWwPUdkjjBnoXAtMxmKTjl0bjSomMv6iW_oQtfwzIX4gVDiRG0XciaFXBY9HI80pZ9bC7AAfLLmRIYpPj01S356SgNn-WIR50e9INtyQn6tV-kbtJUiyybntAk-hQI3KBJMEM1zpx_kvlhfqXCYsALY9jfT8s19Nj9-fPIUGrJ-n4ICBaelbYpI6GSun5y5R12s6WG7paEROoEga1ExTNNv4Rx7oO-K15X1UdGECyVph3EveLG6KpUWJ_dVFGxRB2NRJvl8ZctD_R_odDwymoJgLVjfkStom41MXIzts57jYz8POG_NDZ4dRGpjCa_CTBsixC1WCYdgHCSdLDmanvfHkxwWdnjZV1R2kAUCPIQpULc-VRNIIjOH0d7PuIYLpCZ0RIntoOlvjT5oRXB6qj1m-Ij9lm1Mc1R3R-oW1JZck09cM8XHJdAjWNBQ&sp=0.0033491937838387256&cpa=f77d7fff-56e4-4415-b4e6-c2225da72593&format=androidWhatsAppCompact-slide-t_r-embed
302 Found 0 B URL HTTP/2 pn.bquildna43.site/in/tip_shows/?katds_ep=ZIrXnwKhnGrvvMLanmbHR9L20aMl8TLa_m0V01ZL7S5Xl6-o1Zph-AaLGTmRlV-YolDR-SgBqi_rClWgwtCYz1cU95hMFFl4xZMIkGFttmjqsOACNMdZ6hMFQyS78cBA5g5_w65XToNQxMfCUDKnS6ksceZ9uvLCS5xJuFiV_7V7QVr6bg4S4V70q3FCO-R2Eqer0VIb9M7xvsFKnvDiFYh1DffIJWNw5h54DNUSwHW16ZG5L21bBIOjkTtGeSNhsIjaiy1AtXGV1z_OjkNJc1PxvzI2tPfB7S01TFUQMzY9AzAfbC54t0v6Baur1qT-HvWLbbDYZcQYo9I_XoAQcoTPsm1cmwL2EMSjjNpLVzN53nS-RQs43yueeISA3Nm1XOgrWwPUdkjjBnoXAtMxmKTjl0bjSomMv6iW_oQtfwzIX4gVDiRG0XciaFXBY9HI80pZ9bC7AAfLLmRIYpPj01S356SgNn-WIR50e9INtyQn6tV-kbtJUiyybntAk-hQI3KBJMEM1zpx_kvlhfqXCYsALY9jfT8s19Nj9-fPIUGrJ-n4ICBaelbYpI6GSun5y5R12s6WG7paEROoEga1ExTNNv4Rx7oO-K15X1UdGECyVph3EveLG6KpUWJ_dVFGxRB2NRJvl8ZctD_R_odDwymoJgLVjfkStom41MXIzts57jYz8POG_NDZ4dRGpjCa_CTBsixC1WCYdgHCSdLDmanvfHkxwWdnjZV1R2kAUCPIQpULc-VRNIIjOH0d7PuIYLpCZ0RIntoOlvjT5oRXB6qj1m-Ij9lm1Mc1R3R-oW1JZck09cM8XHJdAjWNBQ&sp=0.0033491937838387256&cpa=f77d7fff-56e4-4415-b4e6-c2225da72593&format=androidWhatsAppCompact-slide-t_r-embed
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=ZIrXnwKhnGrvvMLanmbHR9L20aMl8TLa_m0V01ZL7S5Xl6-o1Zph-AaLGTmRlV-YolDR-SgBqi_rClWgwtCYz1cU95hMFFl4xZMIkGFttmjqsOACNMdZ6hMFQyS78cBA5g5_w65XToNQxMfCUDKnS6ksceZ9uvLCS5xJuFiV_7V7QVr6bg4S4V70q3FCO-R2Eqer0VIb9M7xvsFKnvDiFYh1DffIJWNw5h54DNUSwHW16ZG5L21bBIOjkTtGeSNhsIjaiy1AtXGV1z_OjkNJc1PxvzI2tPfB7S01TFUQMzY9AzAfbC54t0v6Baur1qT-HvWLbbDYZcQYo9I_XoAQcoTPsm1cmwL2EMSjjNpLVzN53nS-RQs43yueeISA3Nm1XOgrWwPUdkjjBnoXAtMxmKTjl0bjSomMv6iW_oQtfwzIX4gVDiRG0XciaFXBY9HI80pZ9bC7AAfLLmRIYpPj01S356SgNn-WIR50e9INtyQn6tV-kbtJUiyybntAk-hQI3KBJMEM1zpx_kvlhfqXCYsALY9jfT8s19Nj9-fPIUGrJ-n4ICBaelbYpI6GSun5y5R12s6WG7paEROoEga1ExTNNv4Rx7oO-K15X1UdGECyVph3EveLG6KpUWJ_dVFGxRB2NRJvl8ZctD_R_odDwymoJgLVjfkStom41MXIzts57jYz8POG_NDZ4dRGpjCa_CTBsixC1WCYdgHCSdLDmanvfHkxwWdnjZV1R2kAUCPIQpULc-VRNIIjOH0d7PuIYLpCZ0RIntoOlvjT5oRXB6qj1m-Ij9lm1Mc1R3R-oW1JZck09cM8XHJdAjWNBQ&sp=0.0033491937838387256&cpa=f77d7fff-56e4-4415-b4e6-c2225da72593&format=androidWhatsAppCompact-slide-t_r-embed HTTP/1.1
Host: pn.bquildna43.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: application/json
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 2357.0=1; expires=Mon, 06 Feb 2023 21:28:23 GMT; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDZh99vMBqBhejgCaR5iEaaY4DeMfGvnR%2Fc7pZfCLjH3lEpsRONFFx%2FSCeYAptzvLHkUAT7MTarU1u2bcR5%2BPLXeP5gax10NiXaMuDq0Jkh8dlCH7l%2B%2FiJqqdBbXfJ%2BU98WW1cQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794ebdfe3c40b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=6b659535-3a8e-4f88-81bc-06028847a098&mlc=1&format=default-slide-b_r-body
200 OK 916 B URL HTTP/2 static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=6b659535-3a8e-4f88-81bc-06028847a098&mlc=1&format=default-slide-b_r-body
IP
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b39c6c47b61ba2b139286e67b72ed383
76ebb8bf79b05d9b8e7ac97c60584a5bf9a1b889
5161fac4a00a3e6f521940f1cd1a0fe91af77a3f5118c367c09a13e3c4af2a86
GET /creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=6b659535-3a8e-4f88-81bc-06028847a098&mlc=1&format=default-slide-b_r-body HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/webp
content-length: 916
last-modified: Tue, 24 Nov 2020 14:21:29 GMT
etag: "5fbd16e9-394"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=a736ac1e-4c2f-4516-b03f-8e3fedfe7ba4&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed
200 OK 916 B URL HTTP/2 static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=a736ac1e-4c2f-4516-b03f-8e3fedfe7ba4&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed
IP
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b39c6c47b61ba2b139286e67b72ed383
76ebb8bf79b05d9b8e7ac97c60584a5bf9a1b889
5161fac4a00a3e6f521940f1cd1a0fe91af77a3f5118c367c09a13e3c4af2a86
GET /creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp?mlf=1&cpa=a736ac1e-4c2f-4516-b03f-8e3fedfe7ba4&mlc=1&format=androidWhatsAppCompact-slide-t_r-embed HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/webp
content-length: 916
last-modified: Tue, 24 Nov 2020 14:21:29 GMT
etag: "5fbd16e9-394"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp
200 OK 3.1 kB URL HTTP/2 static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp
IP
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 301x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e6fb1c8a975e3baa674a9697b007da8
2c4003068a1135f2eb4e6b9949e87d56f155967f
8cc4d376a19da509b7fdbb3a430ed1abbfca0b4faef8fd3ed0eec237705037f2
GET /creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/webp
content-length: 3134
last-modified: Tue, 24 Nov 2020 14:21:29 GMT
etag: "5fbd16e9-c3e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
12112336.pix-cdn.org/m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg
200 OK 9.0 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 300x200, components 3\012- data
Hash ac4fce2099a6cbd7264384fba760fc66
d95ed9daf1b4e01d98b089f6688319cc5e377aad
0e5e7942344997c25d52522d74def5e71eb22337f2fecf13ac63fe940bcdb176
GET /m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/jpeg
content-length: 9014
server: nginx/1.12.2
last-modified: Sat, 30 Jul 2022 08:18:07 GMT
etag: "62e4e93f-2336"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 581b061cb1c3914dd3fccd6622aad79c
5e823075afdc7a6753895c7f41d545e2d2a9a3c4
6ae3860be91cca71a572e7135b992541690d4a31e3dddc37b68affd2e72f4e72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4060
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:29:33 GMT
Last-Modified: Sun, 05 Feb 2023 20:21:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 28722a81dd6194f41bee4e8714bd4af3
181ca47fb7d681257ceae92c3af80ed0f8798088
13d9f4e4a5e2ea847b2593614f3c1cda45bfe22913b3f76dcbefddb50c94b532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13D9F4E4A5E2EA847B2593614F3C1CDA45BFE22913B3F76DCBEFDDB50C94B532"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1861
Expires: Sun, 05 Feb 2023 22:00:34 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
200 OK 2.9 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3\012- data
Hash 66098442dc8934e8c6f5351e39d40e71
6bdebd9a664636433febe19afd7a5b37bff07126
b264aead392358ee4523a21bdd6726c1ec24c6ff849dbdf07dfd15bc6dedff4e
GET /m/p/0/374/374538/conversions/6OTjphwd-minify.jpg HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/jpeg
content-length: 2921
server: nginx/1.12.2
last-modified: Sat, 30 Jul 2022 08:17:53 GMT
etag: "62e4e931-b69"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pompeydesigning.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzMzt7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9z7zecXnfd77dC87IxQZO11732wrrdlCo0orV9dVHJrcVVbvVXxapdcr6yperF%2Bv9MeP7V3zaaNKX6%2B8K8WmWQioT6lP%2FcqysjIy%2FYUJC5U8afvVNq3Wg6rfqKNv%2F4td5sExD2HvjLwMFY7%2Bt%2FHTUyhRIu5%2Bc1O6zdQkb7zTzTRLjUUvPPwg3oxNHqM7KyPrIYoPp90wbkTIFxdg4sPpBDC9%2FfEE4GpEvF988PhwKhO8d3CulGvIGDx8DnmvhNQlFCshzH2o8IQAIsTqbcTdR6vG5mzrnGVjdkTm%2FvoDKh%2BRuV9fQdz9ekmrfuWu0VmqTOzQjwqofgnVKZFkR0i3Paj8CCL9BCokiLsFVHj6mt9uRcL3m%2FOLVDTm60FUm2%2F7QWteSr8pG9JfbHIxsUapEioqoeUAzF1E5jxkykMWecgSD93wtMIa7YjSZsSjWq1VF0LUakI0WothI6zVWxFFJsbaB0iTAYQeQNgdJHYHm%2BrhiX8Gmz2D2yjgQg8uJeiFBXJJkDuCnBHkiiBPCfJecRBqF7jiUahdxv1pDqa5VgxN2tljBybtyJjsJWfkpbFn3vPPvsWmPK1QGrR5qym4kDSii74MmAhaYcCbUYO3mwxOFVDuApjzsK1G5NLfV5CoEbnw4%2B%2Fg7AhOH0GoF8GyS2D5sBlQsI1hvUWxHT%2Fua9OTfqsqTBehKZCkc0i3vD19Rl6drO7amy9AiuMbowcfXv2zfABhCyS2wEfqB4KO3h3eMTnZv2NyR57eTlLVVdtsvNa7KUvlxa%2Fek1u5seHKTTf48i0xJsblk3vSpbdYHKq448jjJRWG0i4bKyT5fsWtS76WuY2lzMZZcmvt7eWVbmKlc8rEJZg6cZ9BqBH5%2F%2B7nk4O9fOVjKFvCZgW62TGZBpQpIZIduGSm3hkCq2c9PPGQZ8XQBnz2qRWBljPMeAH3L8xn9Z7bRcd6YOn9yZn2bIGeLsD0AC67OEwTe3zj59okwLU35Np6%2B1xb%2FfDcWqdOK7IR0UjSQPKozaMmo2E7qrc5a%2FuyyRvMR%2BpG4rfL3%2F0DAAD%2F%2FwEAAP%2F%2FV6MWqogEAAA%3D
200 OK 7 B URL HTTP/1.1 pompeydesigning.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzMzt7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9z7zecXnfd77dC87IxQZO11732wrrdlCo0orV9dVHJrcVVbvVXxapdcr6yperF%2Bv9MeP7V3zaaNKX6%2B8K8WmWQioT6lP%2FcqysjIy%2FYUJC5U8afvVNq3Wg6rfqKNv%2F4td5sExD2HvjLwMFY7%2Bt%2FHTUyhRIu5%2Bc1O6zdQkb7zTzTRLjUUvPPwg3oxNHqM7KyPrIYoPp90wbkTIFxdg4sPpBDC9%2FfEE4GpEvF988PhwKhO8d3CulGvIGDx8DnmvhNQlFCshzH2o8IQAIsTqbcTdR6vG5mzrnGVjdkTm%2FvoDKh%2BRuV9fQdz9ekmrfuWu0VmqTOzQjwqofgnVKZFkR0i3Paj8CCL9BCokiLsFVHj6mt9uRcL3m%2FOLVDTm60FUm2%2F7QWteSr8pG9JfbHIxsUapEioqoeUAzF1E5jxkykMWecgSD93wtMIa7YjSZsSjWq1VF0LUakI0WothI6zVWxFFJsbaB0iTAYQeQNgdJHYHm%2BrhiX8Gmz2D2yjgQg8uJeiFBXJJkDuCnBHkiiBPCfJecRBqF7jiUahdxv1pDqa5VgxN2tljBybtyJjsJWfkpbFn3vPPvsWmPK1QGrR5qym4kDSii74MmAhaYcCbUYO3mwxOFVDuApjzsK1G5NLfV5CoEbnw4%2B%2Fg7AhOH0GoF8GyS2D5sBlQsI1hvUWxHT%2Fua9OTfqsqTBehKZCkc0i3vD19Rl6drO7amy9AiuMbowcfXv2zfABhCyS2wEfqB4KO3h3eMTnZv2NyR57eTlLVVdtsvNa7KUvlxa%2Fek1u5seHKTTf48i0xJsblk3vSpbdYHKq448jjJRWG0i4bKyT5fsWtS76WuY2lzMZZcmvt7eWVbmKlc8rEJZg6cZ9BqBH5%2F%2B7nk4O9fOVjKFvCZgW62TGZBpQpIZIduGSm3hkCq2c9PPGQZ8XQBnz2qRWBljPMeAH3L8xn9Z7bRcd6YOn9yZn2bIGeLsD0AC67OEwTe3zj59okwLU35Np6%2B1xb%2FfDcWqdOK7IR0UjSQPKozaMmo2E7qrc5a%2FuyyRvMR%2BpG4rfL3%2F0DAAD%2F%2FwEAAP%2F%2FV6MWqogEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzMzt7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9z7zecXnfd77dC87IxQZO11732wrrdlCo0orV9dVHJrcVVbvVXxapdcr6yperF%2Bv9MeP7V3zaaNKX6%2B8K8WmWQioT6lP%2FcqysjIy%2FYUJC5U8afvVNq3Wg6rfqKNv%2F4td5sExD2HvjLwMFY7%2Bt%2FHTUyhRIu5%2Bc1O6zdQkb7zTzTRLjUUvPPwg3oxNHqM7KyPrIYoPp90wbkTIFxdg4sPpBDC9%2FfEE4GpEvF988PhwKhO8d3CulGvIGDx8DnmvhNQlFCshzH2o8IQAIsTqbcTdR6vG5mzrnGVjdkTm%2FvoDKh%2BRuV9fQdz9ekmrfuWu0VmqTOzQjwqofgnVKZFkR0i3Paj8CCL9BCokiLsFVHj6mt9uRcL3m%2FOLVDTm60FUm2%2F7QWteSr8pG9JfbHIxsUapEioqoeUAzF1E5jxkykMWecgSD93wtMIa7YjSZsSjWq1VF0LUakI0WothI6zVWxFFJsbaB0iTAYQeQNgdJHYHm%2BrhiX8Gmz2D2yjgQg8uJeiFBXJJkDuCnBHkiiBPCfJecRBqF7jiUahdxv1pDqa5VgxN2tljBybtyJjsJWfkpbFn3vPPvsWmPK1QGrR5qym4kDSii74MmAhaYcCbUYO3mwxOFVDuApjzsK1G5NLfV5CoEbnw4%2B%2Fg7AhOH0GoF8GyS2D5sBlQsI1hvUWxHT%2Fua9OTfqsqTBehKZCkc0i3vD19Rl6drO7amy9AiuMbowcfXv2zfABhCyS2wEfqB4KO3h3eMTnZv2NyR57eTlLVVdtsvNa7KUvlxa%2Fek1u5seHKTTf48i0xJsblk3vSpbdYHKq448jjJRWG0i4bKyT5fsWtS76WuY2lzMZZcmvt7eWVbmKlc8rEJZg6cZ9BqBH5%2F%2B7nk4O9fOVjKFvCZgW62TGZBpQpIZIduGSm3hkCq2c9PPGQZ8XQBnz2qRWBljPMeAH3L8xn9Z7bRcd6YOn9yZn2bIGeLsD0AC67OEwTe3zj59okwLU35Np6%2B1xb%2FfDcWqdOK7IR0UjSQPKozaMmo2E7qrc5a%2FuyyRvMR%2BpG4rfL3%2F0DAAD%2F%2FwEAAP%2F%2FV6MWqogEAAA%3D HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Cookie: u_pl=17612983; uid_id2=198fc117-60c5-42f3-9128-ee17e5e167bc:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:29:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d83787d6837f8d05a5a8c1b937d4c4e2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fc2e5e3dacb5f1694d1a313e41dfeff
a2b4b4257d0b674a067709e7fb363aaefb49b527
9bbe470357f73baef6b70ea5c067c0f513822d705a2b7b1c5c5b3711b90dfd11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BBE470357F73BAEF6B70EA5C067C0F513822D705A2B7B1C5C5B3711B90DFD11"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Mon, 06 Feb 2023 01:25:59 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=851
Expires: Sun, 05 Feb 2023 21:43:44 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=198fc117-60c5-42f3-9128-ee17e5e167bc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=0029b87cbce0f061e2ac28d2b7f5b97a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=198fc117-60c5-42f3-9128-ee17e5e167bc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=0029b87cbce0f061e2ac28d2b7f5b97a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=198fc117-60c5-42f3-9128-ee17e5e167bc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=0029b87cbce0f061e2ac28d2b7f5b97a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:29:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea91d2d8cf712907e055acc27427dbb8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dee62a2a013d4ee8d946cfdb1f4be459
17d8d9f9e538b311321383f7a26f258730f6fe52
e25753484ff7daa3fe858dcf3173286fe242afd6fd13732f8fc38b7b7940a7ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E25753484FF7DAA3FE858DCF3173286FE242AFD6FD13732F8FC38B7B7940A7CA"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6835
Expires: Sun, 05 Feb 2023 23:23:28 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17606
Expires: Mon, 06 Feb 2023 02:22:59 GMT
Date: Sun, 05 Feb 2023 21:29:33 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png
200 OK 87 kB URL HTTP/2 cdn.cloudimagesb.com/si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash bf05659ee8411e39a9c3736736293d47
d86d4f9d1c16c38003a9f6cd8a6ece38f511755c
cd335b6e2e50e4474fb5276d9def3e7629e1d9278a2d597ccc09c896228e01c2
GET /si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/png
content-length: 86644
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:05:39 GMT
etag: "6380d9c3-15274"
expires: Tue, 07 Feb 2023 21:29:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash c4b9c6ba1c417d1bd7ae7079f59a7156
a177036e207d486c693d4ade883e156251895ce6
793fe618b649259dca831e65a07f2a231b67d9115e5542c932f4744f8ba7e75c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 06:57:09 GMT
Expires: Sun, 12 Feb 2023 06:57:08 GMT
Etag: "a177036e207d486c693d4ade883e156251895ce6"
Cache-Control: max-age=551854,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdf6cbd01bfa-OSL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 462027
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 602853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pompeydesigning.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzOzN7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9958XvF5n8%2F7dC87IxQZO11732wrrdlCo0orV9dVLEzuKqv3Kj6t0uuVdRUv1q9X%2BuPH9q75tFGlr1felXzTLATUp9SnfmVZWRmZ%2FsIEhUqetP1qm1brQdVv1NG3%2F%2B1d5sExD6J3Rl6GEqP%2Fbfz0FIqXiLvf3JRuMzXJG%2B90M81SY9EThx%2FEm7HJY3RnZWQ9RPHhdBrGjQj54gJMfDjdAKa3P94AoRoR7xcfYXw4pYmwd3DONNSQMULxHPJeCalLKFaCm%2FtQ4oQAXGD1NuLuo1Vjc7Z1jrIxOiJzf%2F0BlY%2FI3K%2BvIO5%2BvaRVv3LX6CxVJnboRwVUv4TqlEiyI6TbHlR%2BBJ5%2BAiUI4m4BJU5f89utiPt%2Bc36R8sZ8PYhq820%2FaM1L6TdlQ%2FqLzZBPpFGqhIpKaDkAcxeROQ%2BZ8pBFHrLEQ1ecVlijHVHajMKoVmvVOee1GueN1qJoiFq9FVFkfMx9gDQZgOsBuN1BYnewqR6e%2BGew2TO4jQJOeHApQU8UyCVB7ghyRpArgjwlyHvFgdAucMUjoV0W%2BtMcTHOtGJq0s8cOTNqRMdlLzshLY8285599i015WqE0aIetJg%2B5pBFd9GXAeNASQdiMGmG7yeBUAeUugDkP22pELv19BYkakQs%2F%2Fo6QHcHpI3D1Ilh2CSwfNgMKtjGstyi248d9bXrSb1W56UKYAkk6h3TL29Nn5NWJddfefAGSH98YPfjw6p%2FlA3BbILEFPlI%2FEHT07vCOycn%2BHZM78vR2kqqu2mZjW%2B%2BmLJUXv3pPbuXGipWbbvDlW3wMjMsn96RLb7FYqLjjyOMlJYS0y8ZySb5fcesyXMvcxlJm4yy5tfb28ko3sdI5ZeISTJ24z8DViPx%2F9%2FPJwV6%2B8jGULWGzAt3smEwDypTgyQ5cMmPvDIHVs5kw8ZBnxdAG4exTKwItZz0LC7h%2F9eGs3nO76FgPLL0%2FOdOeLdDTBZgewGUXh2lij2%2F8XJsEQu0NQ229%2FVBb%2FfBcWqdOKw2%2FLltji4UIJRd%2BM6i1apQGQtSbbem3kboR%2F%2B3yd%2F8AAAD%2F%2FwEAAP%2F%2FQ6uYTIgEAAA%3D
200 OK 7 B URL HTTP/1.1 pompeydesigning.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzOzN7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9958XvF5n8%2F7dC87IxQZO11732wrrdlCo0orV9dVLEzuKqv3Kj6t0uuVdRUv1q9X%2BuPH9q75tFGlr1felXzTLATUp9SnfmVZWRmZ%2FsIEhUqetP1qm1brQdVv1NG3%2F%2B1d5sExD6J3Rl6GEqP%2Fbfz0FIqXiLvf3JRuMzXJG%2B90M81SY9EThx%2FEm7HJY3RnZWQ9RPHhdBrGjQj54gJMfDjdAKa3P94AoRoR7xcfYXw4pYmwd3DONNSQMULxHPJeCalLKFaCm%2FtQ4oQAXGD1NuLuo1Vjc7Z1jrIxOiJzf%2F0BlY%2FI3K%2BvIO5%2BvaRVv3LX6CxVJnboRwVUv4TqlEiyI6TbHlR%2BBJ5%2BAiUI4m4BJU5f89utiPt%2Bc36R8sZ8PYhq820%2FaM1L6TdlQ%2FqLzZBPpFGqhIpKaDkAcxeROQ%2BZ8pBFHrLEQ1ecVlijHVHajMKoVmvVOee1GueN1qJoiFq9FVFkfMx9gDQZgOsBuN1BYnewqR6e%2BGew2TO4jQJOeHApQU8UyCVB7ghyRpArgjwlyHvFgdAucMUjoV0W%2BtMcTHOtGJq0s8cOTNqRMdlLzshLY8285599i015WqE0aIetJg%2B5pBFd9GXAeNASQdiMGmG7yeBUAeUugDkP22pELv19BYkakQs%2F%2Fo6QHcHpI3D1Ilh2CSwfNgMKtjGstyi248d9bXrSb1W56UKYAkk6h3TL29Nn5NWJddfefAGSH98YPfjw6p%2FlA3BbILEFPlI%2FEHT07vCOycn%2BHZM78vR2kqqu2mZjW%2B%2BmLJUXv3pPbuXGipWbbvDlW3wMjMsn96RLb7FYqLjjyOMlJYS0y8ZySb5fcesyXMvcxlJm4yy5tfb28ko3sdI5ZeISTJ24z8DViPx%2F9%2FPJwV6%2B8jGULWGzAt3smEwDypTgyQ5cMmPvDIHVs5kw8ZBnxdAG4exTKwItZz0LC7h%2F9eGs3nO76FgPLL0%2FOdOeLdDTBZgewGUXh2lij2%2F8XJsEQu0NQ229%2FVBb%2FfBcWqdOKw2%2FLltji4UIJRd%2BM6i1apQGQtSbbem3kboR%2F%2B3yd%2F8AAAD%2F%2FwEAAP%2F%2FQ6uYTIgEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfxtviDxQzQUUU4RRZDweXbvzneXCEWYYGQRHCsJckMzOzN7Hjy3s8zs3p5dWURCLhC5dJTrz9mxIBEiFQ1I0ZoC5MpHgVxg0fEHIBAluvNJB6%2BY9958XvF5n8%2F7dC87IxQZO11732wrrdlCo0orV9dVLEzuKqv3Kj6t0uuVdRUv1q9X%2BuPH9q75tFGlr1felXzTLATUp9SnfmVZWRmZ%2FsIEhUqetP1qm1brQdVv1NG3%2F%2B1d5sExD6J3Rl6GEqP%2Fbfz0FIqXiLvf3JRuMzXJG%2B90M81SY9EThx%2FEm7HJY3RnZWQ9RPHhdBrGjQj54gJMfDjdAKa3P94AoRoR7xcfYXw4pYmwd3DONNSQMULxHPJeCalLKFaCm%2FtQ4oQAXGD1NuLuo1Vjc7Z1jrIxOiJzf%2F0BlY%2FI3K%2BvIO5%2BvaRVv3LX6CxVJnboRwVUv4TqlEiyI6TbHlR%2BBJ5%2BAiUI4m4BJU5f89utiPt%2Bc36R8sZ8PYhq820%2FaM1L6TdlQ%2FqLzZBPpFGqhIpKaDkAcxeROQ%2BZ8pBFHrLEQ1ecVlijHVHajMKoVmvVOee1GueN1qJoiFq9FVFkfMx9gDQZgOsBuN1BYnewqR6e%2BGew2TO4jQJOeHApQU8UyCVB7ghyRpArgjwlyHvFgdAucMUjoV0W%2BtMcTHOtGJq0s8cOTNqRMdlLzshLY8285599i015WqE0aIetJg%2B5pBFd9GXAeNASQdiMGmG7yeBUAeUugDkP22pELv19BYkakQs%2F%2Fo6QHcHpI3D1Ilh2CSwfNgMKtjGstyi248d9bXrSb1W56UKYAkk6h3TL29Nn5NWJddfefAGSH98YPfjw6p%2FlA3BbILEFPlI%2FEHT07vCOycn%2BHZM78vR2kqqu2mZjW%2B%2BmLJUXv3pPbuXGipWbbvDlW3wMjMsn96RLb7FYqLjjyOMlJYS0y8ZySb5fcesyXMvcxlJm4yy5tfb28ko3sdI5ZeISTJ24z8DViPx%2F9%2FPJwV6%2B8jGULWGzAt3smEwDypTgyQ5cMmPvDIHVs5kw8ZBnxdAG4exTKwItZz0LC7h%2F9eGs3nO76FgPLL0%2FOdOeLdDTBZgewGUXh2lij2%2F8XJsEQu0NQ229%2FVBb%2FfBcWqdOKw2%2FLltji4UIJRd%2BM6i1apQGQtSbbem3kboR%2F%2B3yd%2F8AAAD%2F%2FwEAAP%2F%2FQ6uYTIgEAAA%3D HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Cookie: u_pl=17612983; uid_id2=198fc117-60c5-42f3-9128-ee17e5e167bc:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:29:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 023de6b79a458a41ab5dc0ea60d4d0f2
Strict-Transport-Security: max-age=0; includeSubdomains
pompeydesigning.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 pompeydesigning.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Cookie: u_pl=17612983; uid_id2=198fc117-60c5-42f3-9128-ee17e5e167bc:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:29:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
track.trackingtraffo.com/push/ic?auth=r19um2&c=16fJudvgJLOEuyh0Duz5xsGkv8efklAlQavvxWzzasypHnxzMdMGTlFYYuahF05qjYdptPVycasZ9tMY1Uz8IIMDc-xcrqe9CwLNQTYwuVLb6mRvXlvcs5pEl8j8VZXSZdYnZLCeZMnNz02c5yHVHmn4dUsoKD7mPBwh2WJzVoJh5jBEgnxCT8cez10M6QLYdErkynxhYzkjJZsSEibrSjLIl5rK-o3HbGA0xGnj9rd-v_0M_rUaD75vuiZDr_9tSIrWjEaxeTXYY9icfxoV8ISMDgks4ieaMLvkBlSJHl37ijIkpBmd6Lk0oGo8b_CwrkHcS_bua_TRdeu8mFcmTSAJYksuwZV4DYWH17W1-R_CIzSscO_c5Xyd7cm-3XYR73lwp3UZWuNRZlQCbzMTuLESOAiz0mdSsujE5AmiTD0XTW2ApKx4OcDgIsgrNfi0Px6t4VUizConht9gaO59M983pbyijmWku_dxn7oo1Fvk4rIl-sNR534h56bGDQ2qIFf5A3eM2cpCTi8CfVxb0ysjZfxC_P6z&cpa=01c3b334-2b1d-4d91-bba7-73772d60efb4&format=default-slide-b_r-body
302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/ic?auth=r19um2&c=16fJudvgJLOEuyh0Duz5xsGkv8efklAlQavvxWzzasypHnxzMdMGTlFYYuahF05qjYdptPVycasZ9tMY1Uz8IIMDc-xcrqe9CwLNQTYwuVLb6mRvXlvcs5pEl8j8VZXSZdYnZLCeZMnNz02c5yHVHmn4dUsoKD7mPBwh2WJzVoJh5jBEgnxCT8cez10M6QLYdErkynxhYzkjJZsSEibrSjLIl5rK-o3HbGA0xGnj9rd-v_0M_rUaD75vuiZDr_9tSIrWjEaxeTXYY9icfxoV8ISMDgks4ieaMLvkBlSJHl37ijIkpBmd6Lk0oGo8b_CwrkHcS_bua_TRdeu8mFcmTSAJYksuwZV4DYWH17W1-R_CIzSscO_c5Xyd7cm-3XYR73lwp3UZWuNRZlQCbzMTuLESOAiz0mdSsujE5AmiTD0XTW2ApKx4OcDgIsgrNfi0Px6t4VUizConht9gaO59M983pbyijmWku_dxn7oo1Fvk4rIl-sNR534h56bGDQ2qIFf5A3eM2cpCTi8CfVxb0ysjZfxC_P6z&cpa=01c3b334-2b1d-4d91-bba7-73772d60efb4&format=default-slide-b_r-body
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=r19um2&c=16fJudvgJLOEuyh0Duz5xsGkv8efklAlQavvxWzzasypHnxzMdMGTlFYYuahF05qjYdptPVycasZ9tMY1Uz8IIMDc-xcrqe9CwLNQTYwuVLb6mRvXlvcs5pEl8j8VZXSZdYnZLCeZMnNz02c5yHVHmn4dUsoKD7mPBwh2WJzVoJh5jBEgnxCT8cez10M6QLYdErkynxhYzkjJZsSEibrSjLIl5rK-o3HbGA0xGnj9rd-v_0M_rUaD75vuiZDr_9tSIrWjEaxeTXYY9icfxoV8ISMDgks4ieaMLvkBlSJHl37ijIkpBmd6Lk0oGo8b_CwrkHcS_bua_TRdeu8mFcmTSAJYksuwZV4DYWH17W1-R_CIzSscO_c5Xyd7cm-3XYR73lwp3UZWuNRZlQCbzMTuLESOAiz0mdSsujE5AmiTD0XTW2ApKx4OcDgIsgrNfi0Px6t4VUizConht9gaO59M983pbyijmWku_dxn7oo1Fvk4rIl-sNR534h56bGDQ2qIFf5A3eM2cpCTi8CfVxb0ysjZfxC_P6z&cpa=01c3b334-2b1d-4d91-bba7-73772d60efb4&format=default-slide-b_r-body HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 05 Feb 2023 21:29:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National Casino black.png
track.trackingtraffo.com/push/im?auth=r19um2&c=fl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA
302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/im?auth=r19um2&c=fl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/im?auth=r19um2&c=fl7Jq04Bfx3rq0L8Sz23BNtudmRpRKOZnxMsjAz9ZMqAPwJfxVJRSSCGnY-xEofqxIyp-h7FR4m6toGzEfySMyCS1B7rZkc9TmG8_ndLDuou8DlwU8QQkE057VpWG5b8BkfiO-WuNKHUbTLp6BxnYmbJDLtKN0yL6jt-zpu8XjS52BmIMk3bN-IFMTTVVxT-RSOmnlT50CmzqFC4K0ThiXdYKh5NAK_DBtfbn-qBY_mig1kj9g_0iQ09DsxtRwhT6AeEqA5kQAyZUiJl24P78qgUAnuPdFo5Ht9--uYjjJIqc-PIJKtJYkqDsSNjLoR4bkz6_EHJHqvYYxGFBEFD51YZvwtmFMYJ7WsnRsd8TGA5msGz77b-7LrrMMLyZDa06IvgUZ2rP_AnwaWpLw1KkM1sOjqXjyRe_5Y_Hzyig_9lp5Tpjzv7Q63QqnkPsz4NLiZwtcUWO4mMr3eBF8Le3u4WehFQXnhLz0-m2fCEfdLDtSj8XOx3OG480rVI-1D-Dt0qwRLk76IKwoC1rIZ4xA HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 05 Feb 2023 21:29:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995125-national-casino.png
ocsp.sectigo.com/
200 OK 471 B IP
Hash 50f52293e1b9386e2617ce890b226aa0
dfd88d17dfcc3fe0877f0eaa1dfa368625985b6a
3b2aef917a90a806f8ba3eb16a82beec567f146a22b1f2a1ae04d6e08cb2d202
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 18:28:18 GMT
Expires: Sat, 11 Feb 2023 18:28:17 GMT
Etag: "dfd88d17dfcc3fe0877f0eaa1dfa368625985b6a"
Cache-Control: max-age=506922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdff081fb4f1-OSL
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
200 OK 5.2 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 893c6b0ea504404256170613eea59c12
4096c8f6cb60a0a46e3389a1d7a0589402e64aa9
d9c6803b97d1001dc246627fae404c119c02d17700ed659f3990cee2c9aaac9b
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 886232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlmGkLhwWaHuyp4M9Pf6MEWCQq%2Bju2CVCxXwNaJjYmXgdW4nibj7oPw6%2Bbw0WwC6niTADaNm3uoYsAE9K2gGc2nRPgH5roC%2B3LslVPBlTg7Q%2FtFEMly2F%2FMj0AWf0fcBerxsSzAhazrq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebe001b9572e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
200 OK 4.5 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 58be17b22d6e1178a54c92cf862c817e
b821bc2f016751647df49e49863077e927a70322
9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 05 Feb 2023 21:29:34 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 18 Jan 2023 15:38:44 GMT
Connection: keep-alive
ETag: "63c81284-1168"
Accept-Ranges: bytes
ocsp.sectigo.com/
200 OK 471 B IP
Hash 50f52293e1b9386e2617ce890b226aa0
dfd88d17dfcc3fe0877f0eaa1dfa368625985b6a
3b2aef917a90a806f8ba3eb16a82beec567f146a22b1f2a1ae04d6e08cb2d202
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 18:28:18 GMT
Expires: Sat, 11 Feb 2023 18:28:17 GMT
Etag: "dfd88d17dfcc3fe0877f0eaa1dfa368625985b6a"
Cache-Control: max-age=506922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ebdff1c9bb4ed-OSL
c.adsco.re/
200 OK 0 B IP
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 08 Mar 2023 21:29:30 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2037
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdf04ae8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
200 OK 0 B URL HTTP/2 js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /pb/downloads/latest/clickadilla-vast.min.js HTTP/1.1
Host: js.canstrm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 31 Jan 2023 07:46:40 GMT
etag: W/"63d8c760-5556"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrb7Q3Vg4FG0SjoFqctOyWZB5n5wNmh3atQufczsIQi1FjTrClVL%2FW7SrJGMyPLF12wLsQfNnMz5AotmHgWZHi%2F3FxiXR457FlHDgityfyZfNP%2BhRWaLC039dGHmHwdQHJXNSMPCLeeo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdffdb5472e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.canstrm.com/in-stream-ad-admanager/build.js
200 OK 0 B URL HTTP/2 js.canstrm.com/in-stream-ad-admanager/build.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /in-stream-ad-admanager/build.js HTTP/1.1
Host: js.canstrm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 31 Jan 2023 07:46:40 GMT
etag: W/"63d8c760-5156"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hafLayM9IV71RunBC63flh2z5AgEzXasSM7OeRyagUVRLARWMcuaJwgqb7Gc%2FbNXW5K7QyFM1oc6m8PDOGXxlWUqSLBPddMCHRhZIywZI8lX6Rxh5JMX%2B4xhHNFclC37nlPLXkkMZKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdffeb5a72e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700,300
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700,300
IP
GET /css?family=Open+Sans:400,700,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 21:29:30 GMT
date: Sun, 05 Feb 2023 21:29:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.aso1.net/js/code.min.js
200 OK 0 B URL HTTP/2 media.aso1.net/js/code.min.js
IP
GET /js/code.min.js HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/javascript
last-modified: Sat, 28 Jan 2023 15:37:13 GMT
etag: W/"63d54129-8dd6"
expires: Wed, 01 Feb 2023 17:47:09 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 617507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovKLPisO6tjQRWHV%2BYGl1XnAFLTxD2k7qmZrWlsGDTXs0uAd3sbVWxgFJfl4k4JNUr3Io6bCYn6yfT8uMK9rFJAazgNFWWUEUalErcAVGL2Ct9b3qpOIwkxuiuX6QaFtvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdea9fe8772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.karpatzi.com/app.js
200 OK 0 B IP
ASN #34989 ServeTheWorld AS
GET /app.js HTTP/1.1
Host: cdn.karpatzi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 244525
cdn-uid: 81f0ee8a-6b19-463e-a8be-46c199377685
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=2592000
etag: W/"6362930f-1b27b"
expires: Sun, 25 Dec 2022 21:22:14 GMT
last-modified: Wed, 02 Nov 2022 15:55:59 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXoC0Oqtec%2BnVAcnpGVA9wWbJbXt%2BosWbZYCDpEpeUqY9995p9r%2BWNtH8W9yvMre3m5yY7vThhhTextFa%2FEOvSxAhYlJ7uNORTehmaZAOfgKwlfKygFHbpQ9RdIe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 76fd704a1d3f1bfe-OSL
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2022 21:22:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 64eac2b7199e8f0472d53e8a71723c35
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
200 OK 0 B URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 03 Feb 2023 12:56:56 GMT
etag: W/"63dd0498-4fa40"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 05 Feb 2023 22:29:33 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaimoe.me
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:33 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqCge%2BLJN9WpMbrZakvceNVAMkYECtHev1rBCs6IDxp3TT7RUB8AcTIJZZ8GuoHH5jk9jKhF9qE%2BRKc%2BEK7DQcRVsq1Gn3Q6IdDrHnELys6sIf5w8vqmLmIrqGDdOFWA7sMPdHl8uiyV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebe001b8a72e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hentaimoe.me/anime/koakuma-kanojo-animation/
200 OK 0 B URL HTTP/2 hentaimoe.me/anime/koakuma-kanojo-animation/
IP
GET /anime/koakuma-kanojo-animation/ HTTP/1.1
Host: hentaimoe.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
link: <https://hentaimoe.me/wp-json/>; rel="https://api.w.org/", <https://hentaimoe.me/?p=2523>; rel=shortlink
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJeDFQnPbjiy3wPSMd%2BKsSVhu4CoA0g4qIAsj7%2BO0CPsiPQ7wsmdH7BLB0fnnzjsRlxfRewJir2hu3ss303RHKydTEPiuGzcmmdb%2FgZ%2FLQEzgBXwcalMR5svdwUtlwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794ebde83d18b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 35bede202991e3f905b77d05d9410b5a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 21:29:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWSO%2FwtXUFIq0XlaDAO%2BU3YU9jg9%2FKbvSm8k2t86n0%2B58VVyouiuziV244sob%2F4GUVzRgKR0qsw6DqJWKon1gLqyKTAboUO7FPy5K50n2eDZRpOXQbJaibf1RyD53BUFTDLkrRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ebdf6e81d776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaimoe.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:29:30 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 02 Feb 2023 09:20:02 GMT
etag: W/"63db8042-18c39"
content-encoding: gzip
expires: Sun, 05 Feb 2023 21:34:30 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
104.21.63.46
35.241.9.150
185.200.116.90
151.101.84.193
185.200.118.90
94.130.198.6
188.114.96.1
95.101.11.115
95.211.229.247