Report - 37.1.209.213/xD252Hx3?host=televipitalia.it/&mark=15022022_2shab_1000k_10itHesh_320k_noSUB&keyword=power%20bi%20make%20multi%20row%20card%20horizontal&template=&se

Report Overview

Submitted URL
37.1.209.213/xD252Hx3?host=televipitalia.it/&mark=15022022_2shab_1000k_10itHesh_320k_noSUB&keyword=power%20bi%20make%20multi%20row%20card%20horizontal&template=&se_referrer=www.google.com/
IP
37.1.209.213
ASN
#29802 HVC-AS
Submitted
2022-12-06 12:44:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	52 kB	142.250.74.163
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	338 B	95.101.11.112
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
37.1.209.213	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	384 B	37.1.209.213
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.gaming-adult.com	315167	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	635 B	932 B	18.194.134.212
eggs-ext.kinkoid.com	552669	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	555 B	275 B	94.75.250.120
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
tabloidquantitycosts.com	308744	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.0 kB	173.233.137.52
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	32 kB	172.217.21.170
images.hh-content.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	874 B	8.2 kB	104.152.112.108
eggs-content.kinkoid.com	668083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	225 kB	94.75.250.120
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.9 kB	95.101.11.120
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.227.80
www.hentaiheroes.com	373902	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.5 kB	1.8 MB	94.75.250.120
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
hh2.hh-content.com	490552	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	183 kB	104.152.112.108

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	37.1.209.213	Sinkholed
2022-12-06	medium	tabloidquantitycosts.com	Sinkholed
2022-12-06	medium	tabloidquantitycosts.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.hentaiheroes.com/js/chat.js?v=66997040	417 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/chat.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 8f73aff380e06800a6b1bfb18fd0ff79 89cb07ebbad970ae373187074a7f99fd10de26fe fa8159f6b107cec1ec5764868efcc2d0472b34e87ff5c6b6cb7f0e5fdbe515fa Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js	228 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:06 Last Seen2024-04-18 15:16:50 Times Seen1970 Hash fd255415839568e52a48da5de5af244c abd6f85a04584792d77e4791c441ff49e9e28c0d 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1 Loading...

	www.hentaiheroes.com/home.html	635 B	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash aa17fcec618137be7c38acd1eab3735f 04ce377fcb2bceaba484d9d6d498b5c33382d817 fe0603aa4cda50606aec66e21ef56283cb296ab7bfb7572ac471035418b75345 Loading...

	www.hentaiheroes.com/home.html	191 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 40815edb83a0c9f9b97bcbe37cd10f34 851a1de353b1fa51ea13362a06efd0fd2bab9674 492149eb4a544a13a0616d36a6a6d5b479407ce6d66649dba5d3e9c79e848963 Loading...

	tabloidquantitycosts.com/xh7hfgcs3b?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14991262	2.1 kB	2023-03-07	2023-04-05
Pretty URL tabloidquantitycosts.com/xh7hfgcs3b?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14991262 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 20:55:27 Times Seen259907 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.hentaiheroes.com/phoenix-tr_labels-en-1412.js	46 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/phoenix-tr_labels-en-1412.js IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash d866bd1c4267da86998ee7ebf2eeff38 c71a8832bcc44534f10cf69d48589874352eb168 b67094600c0a827b4e4d00471d95536d444b1827e40120bc0417e544be1bbfa7 Loading...

	www.hentaiheroes.com/js/default.js?v=66997040	1.9 MB	2023-03-08	2023-03-08
Pretty URL www.hentaiheroes.com/js/default.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2023-03-08 20:18:52 Times Seen1 Hash 06aa6269676d6712c0ce292305e32cc3 1f25d48717e4f2cf468c2a1af30f0f9355352018 0d817d985269ea83cacdfdf4c7737c24deec8d4fabec6c0efa5382e94bae0728 Loading...

	eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate	14 kB	2023-03-08	2024-02-07
Pretty URL eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 0e2ee7dcd3c08aadd1997cf6b73177e0 7162c2103f222b3973fe4e5b096f30cb5263a340 d8ca24273ef503416d51bedb22f7c6e3171912e082bb079f395fede04d41b337 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262	372 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen5 Hash 6a064ea2edd05fa1f76073af9c6bb531 a1ed97aa3e5a0eed66917059ef7e7946ab8684e5 fb4c198e5d9f593b38e0355209b01b862147319f2e1c2d9385839005f928d22e Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262	603 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 3557b9760f3d69a5bfadfae6511cc233 8324cc62723d39c36afc3a4fde6186d19cc7a6cb 72fcce08b7302a94277b130b6c0f996e95856edbdbce4471b4b180c995890f46 Loading...

	www.hentaiheroes.com/js/quest.js?v=66997040	31 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/quest.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 60a4e1bb597fd34403f3a295d4f0bcc8 3410f3fbb1618ab8424ce7287f6504bb12b9e437 4607f345ef63d7ac755f7644c837c93892f660be6b567cdda477c6f2c31553d1 Loading...

	www.hentaiheroes.com/js/guest.js?v=66997039	1.4 kB	2023-03-07	2023-07-04
Pretty URL www.hentaiheroes.com/js/guest.js?v=66997039 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2023-07-04 17:49:38 Times Seen61 Hash e0b082b77c7be4355a7049a6a7c5f353 d915737134d98b3a965cd5fa5cdaca6f65b5057c 9e09472f0d52ddb3a3d195366f5595855fd08ece7a60d3dfb5b38ea02363bfef Loading...

	www.hentaiheroes.com/home.html	4.5 kB	2023-03-08	2023-03-08
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:18:52 Last Seen2023-03-08 20:18:52 Times Seen1 Hash 0569c4b5697b857083392007ff97d86c 523281848dc8f7d31c7416ed0727a0d043730f36 4d287dd1634f36dfa453afbe20cb68a4813a70ab00d996cdca6b812bde0a90d4 Loading...

	tabloidquantitycosts.com/xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0	359 B	2023-03-07	2023-03-17
Pretty URL tabloidquantitycosts.com/xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0 IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:00 Last Seen2023-03-17 12:27:42 Times Seen1 Hash 1353620cd67c9bb158092ff0725299fd 7c9947d0e6258b4cfd212d60a12e0d553228a380 a1bc4286dc27d234f79b19f4d35fa48d842c811192222d42802ed8adde2a68ca Loading...

	www.hentaiheroes.com/js/screenfull.js?v=66997040	2.9 kB	2023-03-07	2024-02-05
Pretty URL www.hentaiheroes.com/js/screenfull.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen112 Hash 67dbfe9b672c902f618ccb6440d6e8c4 5ee56f41df8abdd06f7fb5a668b95e9cb8076209 6f575774986ea35312c5d750b761fd82298bbfd8664f810d43e499d8c9bdb266 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262	282 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash eb8aff3709acb0f74ca084fc25705401 76b21aecb131f668c31b0b85c77573df22564daa db55d66890b6ffa5a5985df1397837bca74f22660470407b15ea5ef5b7db4219 Loading...

		Size	First Seen	Last Seen
	#1 Write - 059a1a102eecac64b7f1c0d433150b77	621 B	2023-03-08	2023-05-05
Pretty Observations First Seen2023-03-08 20:18:52 Last Seen2023-05-05 12:36:23 Times Seen5 Hash 059a1a102eecac64b7f1c0d433150b77 513bc95a784370f2e10f5ddbad29ce18ebdc1648 6c8bf0420c59600e926e68860d3833bcc9494909289d87bf1b40176ba99c418d Loading...

HTTP Transactions (73)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3926
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 12:44:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 719
Cache-Control: max-age=165553
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:04 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:43:17 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

37.1.209.213/xD252Hx3?host=televipitalia.it/&mark=15022022_2shab_1000k_10itHesh_320k_noSUB&keyword=power%20bi%20make%20multi%20row%20card%20horizontal&template=&se_referrer=www.google.com/

37.1.209.213

302 Found

0 B

URL HTTP/1.1
37.1.209.213/xD252Hx3?host=televipitalia.it/&mark=15022022_2shab_1000k_10itHesh_320k_noSUB&keyword=power%20bi%20make%20multi%20row%20card%20horizontal&template=&se_referrer=www.google.com/
IP
37.1.209.213:0
ASN
#29802 HVC-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /xD252Hx3?host=televipitalia.it/&mark=15022022_2shab_1000k_10itHesh_320k_noSUB&keyword=power%20bi%20make%20multi%20row%20card%20horizontal&template=&se_referrer=www.google.com/ HTTP/1.1
Host: 37.1.209.213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 12:44:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://tabloidquantitycosts.com/xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3995
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 12:44:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1526
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2aI9rO+Uwz7qWe4eECu97gHIWGIuEaF3IWB+PEw2quH5W5Jxts5GYy3NY72uzveTEWa/Ynlt7Lw=
x-amz-request-id: XRDQBD1RZRS5J0A4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 11:47:05 GMT
age: 3419
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 12:44:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 12:11:20 GMT
cache-control: public,max-age=3600
age: 1964
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
986ab48875b132909cd7ef3d7929d616
cac3a4bf050994ed1b61860b014eb85d0bc441b7
b33daf3b4c5d88b6b8e8f3534e08b29d45aeabe8abb4a5bafa711678e09611d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B33DAF3B4C5D88B6B8E8F3534E08B29D45AEABE8ABB4A5BAFA711678E09611D1"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6292
Expires: Tue, 06 Dec 2022 14:28:57 GMT
Date: Tue, 06 Dec 2022 12:44:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 710
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:05 GMT
Etag: "638f062a-1d7"
Last-Modified: Tue, 06 Dec 2022 12:32:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

tabloidquantitycosts.com/xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0

173.233.137.52

200 OK

1.2 kB

URL HTTP/1.1
tabloidquantitycosts.com/xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.2 kB (1227 bytes)
Hash
4d02741bb8dde54d9c9180fb190e4770
1486465616602ff498498b6b24edb90ff74f54a5
50cb64bdca76bd7fcd9cd19dfaa934cbb9b93172b35535f42df8cced898b2781

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /xh7hfgcs3b?key=f7f20db8a1fc8345220e78230713d1f0 HTTP/1.1
Host: tabloidquantitycosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 12:44:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=14991262; expires=Wed, 07 Dec 2022 12:44:05 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDk5MTI2MiwiayI6ImY3ZjIwZGI4YTFmYzgzNDUyMjBlNzgyMzA3MTNkMWYwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4NTEzOCwicGlkIjo3MTk2NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ4aDdoZmdjczNiIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOmZhbHNlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.KKa1b094nx36bmaaKLoo7pz_JBfX8nYkuGdZwCHXEKA; expires=Tue, 06 Dec 2022 12:45:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: faeca0d3af927d7ecc430d04e52d9d22
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

52.38.227.80

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.227.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PUhA1yUc0+sQi8vrWJ5obw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o20Oj2XAiJ59QkU9kZx4sMcV8sU=

tabloidquantitycosts.com/xh7hfgcs3b?shu=5076645a2efb4d4d89178caea2bb60af80d3759b1a5db17cccebd86fe581c0578e8604e25e10c63644914ac0385d58e1a232ee3884ca89a51d7baa9388f3f1f727863f4b963f26863b6ac09b97470bef32577eee273db9889df709e49b91fe21&pst=1670330705&rmtc=t&uuid=&pii=&in=false&key=f7f20db8a1fc8345220e78230713d1f0

173.233.137.52

302 Found

0 B

URL HTTP/1.1
tabloidquantitycosts.com/xh7hfgcs3b?shu=5076645a2efb4d4d89178caea2bb60af80d3759b1a5db17cccebd86fe581c0578e8604e25e10c63644914ac0385d58e1a232ee3884ca89a51d7baa9388f3f1f727863f4b963f26863b6ac09b97470bef32577eee273db9889df709e49b91fe21&pst=1670330705&rmtc=t&uuid=&pii=&in=false&key=f7f20db8a1fc8345220e78230713d1f0
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /xh7hfgcs3b?shu=5076645a2efb4d4d89178caea2bb60af80d3759b1a5db17cccebd86fe581c0578e8604e25e10c63644914ac0385d58e1a232ee3884ca89a51d7baa9388f3f1f727863f4b963f26863b6ac09b97470bef32577eee273db9889df709e49b91fe21&pst=1670330705&rmtc=t&uuid=&pii=&in=false&key=f7f20db8a1fc8345220e78230713d1f0 HTTP/1.1
Host: tabloidquantitycosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tabloidquantitycosts.com/xh7hfgcs3b?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14991262
Cookie: u_pl=14991262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDk5MTI2MiwiayI6ImY3ZjIwZGI4YTFmYzgzNDUyMjBlNzgyMzA3MTNkMWYwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo4NTEzOCwicGlkIjo3MTk2NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ4aDdoZmdjczNiIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOmZhbHNlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.KKa1b094nx36bmaaKLoo7pz_JBfX8nYkuGdZwCHXEKA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 12:44:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=14991262&country_code=NO&cost_cpa=6.000000&externalid=196c5530b24e435b19dcdc46b94b2484
Set-Cookie: pdhtkv=true; expires=Wed, 07 Dec 2022 12:44:05 GMT
uncs=1; expires=Wed, 07 Dec 2022 12:44:05 GMT
pdhtkv28=true; expires=Wed, 07 Dec 2022 12:44:05 GMT
uncs28=1; expires=Wed, 07 Dec 2022 12:44:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ba8d5528e775634d70965386c957659
Strict-Transport-Security: max-age=0; includeSubdomains

www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=14991262&country_code=NO&cost_cpa=6.000000&externalid=196c5530b24e435b19dcdc46b94b2484

18.194.134.212

302 Found

0 B

URL HTTP/2
www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=14991262&country_code=NO&cost_cpa=6.000000&externalid=196c5530b24e435b19dcdc46b94b2484
IP
18.194.134.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=14991262&country_code=NO&cost_cpa=6.000000&externalid=196c5530b24e435b19dcdc46b94b2484 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tabloidquantitycosts.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 12:44:05 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
pragma: no-cache
set-cookie: 7204697f-4e8d-41d7-be50-8876231cc9f1-v4=XwHAyalLuq7hRvpzz4E4_oeGI47_fTxHr29GKuRhFtc; Max-Age=86400; Expires=Wed, 07-Dec-2022 12:44:05 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=P24v5f1rd5DMXJhfjXISChgrpVrt3e8QDv1P5gxEurBbk8h1Ao0YF9rsxI4snON8HIljEkM0rBKsJitJyer%2FiOg4d%2FW%2FSS%2B4N0M21TMfiUdCsJD699fuUZoKznCjKEe%2BfXtGzyD4qv342PhzCeVEBw%3D%3D; Max-Age=31536000; Expires=Wed, 06-Dec-2023 12:44:05 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
22794b2ae4c179ebf430cb90349cc9e3
ad40916da53e8c4dbdcca2307af9e3d30b8f6c04
be60a5e346403f5cf74b7ef6aa615b64ee1c396a03e9b34fd32113e292b51c7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 12:44:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:36 GMT
Expires: Mon, 12 Dec 2022 20:28:35 GMT
Etag: "ad40916da53e8c4dbdcca2307af9e3d30b8f6c04"
Cache-Control: max-age=545668,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77551c6a4c69b500-OSL

www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262

94.75.250.120

200 OK

2.2 kB

URL HTTP/2
www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
2.2 kB (2151 bytes)
Hash
145f7219b2ba7fa9d587f50247b77e66
12ca9710d442d2d9bbffa62e5cdb03241fbaa4cf
ba205d1c385038a2a67a6b268c661a50501ad3606a76f3f28a099527bef22e95

HTTP Headers

GET /?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tabloidquantitycosts.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; expires=Tue, 06-Dec-2022 20:44:06 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=1962391; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=wb798qe6110vvsvkie8nlkd6; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=Adsterra-David; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=NO; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=14991262; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
source=96bfc843-3d0a-43e6-983d-914746b3a7f8; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
campaign=693838; expires=Wed, 06-Dec-2023 12:44:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web5|Y485G; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2151
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/screenfull.js?v=66997040

94.75.250.120

200 OK

935 B

URL HTTP/2
www.hentaiheroes.com/js/screenfull.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (2863), with no line terminators
Size
935 B (935 bytes)
Hash
4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50

HTTP Headers

GET /js/screenfull.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:08 GMT
etag: "b2f-5eed449036db1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/chat.css?v=66997038

94.75.250.120

200 OK

15 kB

URL HTTP/2
www.hentaiheroes.com/css/chat.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
15 kB (14842 bytes)
Hash
36c678f83bdb35473b9ca7b60cffea3e
d6e1c0aa9490f6acb63c7ca263da98685833c103
8bd55f9d7cd0dbc923ec33bc23bb91ba660e28e1c2841ddaab0f214c3d570eb2

HTTP Headers

GET /css/chat.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:47 GMT
etag: "1ed5a-5eed447bb2e9a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14842
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

172.217.21.170

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:30:58 GMT
expires: Wed, 29 Nov 2023 22:30:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 569588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Tue, 06 Dec 2022 13:28:19 GMT
Date: Tue, 06 Dec 2022 12:44:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Tue, 06 Dec 2022 13:28:19 GMT
Date: Tue, 06 Dec 2022 12:44:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Tue, 06 Dec 2022 13:28:19 GMT
Date: Tue, 06 Dec 2022 12:44:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Tue, 06 Dec 2022 13:28:19 GMT
Date: Tue, 06 Dec 2022 12:44:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 52478
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6352 bytes)
Hash
ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
age: 54131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 53667
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8656 bytes)
Hash
30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 53725
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hentaiheroes.com/home.html

94.75.250.120

200 OK

4.4 kB

URL HTTP/2
www.hentaiheroes.com/home.html
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1409)
Size
4.4 kB (4377 bytes)
Hash
240d3a785c6f8279cd4e83a8547ba5aa
88809d636c26a42af99f4751b445b13931d7fcc3
492c1af8712370b53d11229aee15727fe32113f7d7836ce3abc1f112594edb16

HTTP Headers

GET /home.html HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 4377
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 53744
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 53385
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
493f48fbdfdc7233185d8a4a9d3c9c91
ea96a444cdcbf41d2c6a39c6f927f7e90e8729f8
3b76293628808f3044b325d1e17ee01af8c66a728b85dbee39378abb052cda10

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 12:44:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 03:14:33 GMT
Expires: Mon, 12 Dec 2022 03:14:32 GMT
Etag: "ea96a444cdcbf41d2c6a39c6f927f7e90e8729f8"
Cache-Control: max-age=483625,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77551c6d68a9b500-OSL

fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2

142.250.74.163

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27984, version 1.0\012- data
Size
28 kB (27984 bytes)
Hash
9c01ef3c4862a40bf29bd780e7e88da4
54db29d9cf8092d9c50d477c5d9d9e199c944453
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589

HTTP Headers

GET /s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 00:11:11 GMT
expires: Sat, 02 Dec 2023 00:11:11 GMT
cache-control: public, max-age=31536000
age: 390775
last-modified: Thu, 21 Apr 2022 17:07:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh2.hh-content.com/clubs/ic_xCross.png

104.152.112.108

200 OK

1.3 kB

URL HTTP/2
hh2.hh-content.com/clubs/ic_xCross.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6

HTTP Headers

GET /clubs/ic_xCross.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-3676-h-0-0---;6140-24-10340----0-0-1
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/guest.js?v=66997039

94.75.250.120

200 OK

529 B

URL HTTP/2
www.hentaiheroes.com/js/guest.js?v=66997039
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (1367), with no line terminators
Size
529 B (529 bytes)
Hash
7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972

HTTP Headers

GET /js/guest.js?v=66997039 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:53 GMT
etag: "557-5eed4481d632f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/quest.js?v=66997040

94.75.250.120

200 OK

7.6 kB

URL HTTP/2
www.hentaiheroes.com/js/quest.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (31025), with no line terminators
Size
7.6 kB (7571 bytes)
Hash
d65d7a20c194bf8c9125428dd44b1576
7bff10651a28b670fc525d24ecff7dde31ca303b
2003ec1e3f70928e8364fa4da4e6a0fbe39f298c162538c653d8f99e241cbeec

HTTP Headers

GET /js/quest.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:05 GMT
etag: "7931-5eed448d20d19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7571
content-type: application/javascript
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeopen.svg

104.152.112.108

200 OK

1.1 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeopen.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1142 bytes)
Hash
d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996

HTTP Headers

GET /quest/ic_eyeopen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-3621-h-0-0---;6140-24-10340----0-0-0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 12:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hh2.hh-content.com/pictures/design/mob_rotation.gif

104.152.112.108

200 OK

104 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/mob_rotation.gif
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
GIF image data, version 89a, 500 x 443\012- data
Size
104 kB (104376 bytes)
Hash
56deb21462c0875468e3d21f85bb61f9
97cb9c682beb7c0f9c7396d47472c9e263e0677a
f849636c8b1d9a0fb7fde5dde56795c2428291e5e76a53ce4c53974e6c32afa8

HTTP Headers

GET /pictures/design/mob_rotation.gif HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/gif
content-length: 104376
last-modified: Fri, 12 Mar 2021 15:25:52 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43340-h-0-0---;6140-24-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/ic_loading_carrot.svg

104.152.112.108

200 OK

3.7 kB

URL HTTP/2
hh2.hh-content.com/ic_loading_carrot.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3743 bytes)
Hash
c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25

HTTP Headers

GET /ic_loading_carrot.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28235-h-0-0---;6140-24-10340----0-0-0
X-Firefox-Spdy: h2

images.hh-content.com/hentai/pictures/design/logo2.png

104.152.112.108

200 OK

3.4 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo2.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 566 x 250, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3449 bytes)
Hash
bb30651d4829e8d4aa2d2fe1da64b9c9
1607a6cec035df2fc2779732d7505f4c9ecdb5a2
0a9d9b559f56759b74032fa25a5f422cb094864a26e93f7b366a0f0dc8675782

HTTP Headers

GET /hentai/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/png
content-length: 3449
last-modified: Tue, 23 Mar 2021 12:09:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_login.svg

104.152.112.108

200 OK

8.7 kB

URL HTTP/2
hh2.hh-content.com/design/ic_login.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
8.7 kB (8722 bytes)
Hash
5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118

HTTP Headers

GET /design/ic_login.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

images.hh-content.com/hentai/pictures/design/logo-apple-touch-icon.png

104.152.112.108

200 OK

4.0 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo-apple-touch-icon.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (4006 bytes)
Hash
4a10bda5a21000b2c5a222d78bcc279b
666fa6f947e14d6404c69058ee3f322d9afba40c
cb1fc8b83789ab447f0e774105cdc070ea28d30c0771497ed0cc1496c8dd5c08

HTTP Headers

GET /hentai/pictures/design/logo-apple-touch-icon.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/png
content-length: 4006
last-modified: Thu, 17 Dec 2020 17:04:14 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7901-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_favicon_32px.png

104.152.112.108

200 OK

576 B

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_favicon_32px.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
576 B (576 bytes)
Hash
f76e95aa42153a9047cd4b8bcca0be00
f67a235e807ec1d016d394d9d3790a95846e89fd
cd37f4f58b91e31ceb237b9470026a39bb96cf967b5886698bb2e38e65bf34e2

HTTP Headers

GET /pictures/design/ic_favicon_32px.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/png
content-length: 576
last-modified: Mon, 18 Jun 2018 08:55:04 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7900-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_join.svg

104.152.112.108

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/design/ic_join.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF line terminators
Size
1.4 kB (1411 bytes)
Hash
8ba97dba6572f93deebde7fe83bd5b69
f4cda4f98492c210aa990cf6063e8a79590ae011
f5557fa48f8dcff13b38b1b5055d04768470bc01be5a1a0971fd9293042b1b79

HTTP Headers

GET /design/ic_join.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 1411
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43340-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_legal.svg

104.152.112.108

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/ic_legal.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2320 bytes)
Hash
e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91

HTTP Headers

GET /design/ic_legal.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7901-h-0-0---;6140-22-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeclosed.svg

104.152.112.108

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeclosed.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1424 bytes)
Hash
ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84

HTTP Headers

GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28235-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2

142.250.74.163

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Size
22 kB (22144 bytes)
Hash
f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93

HTTP Headers

GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:59:40 GMT
expires: Thu, 30 Nov 2023 18:59:40 GMT
cache-control: public, max-age=31536000
age: 495867
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_fullscreen.svg

104.152.112.108

200 OK

9.1 kB

URL HTTP/2
hh2.hh-content.com/design/ic_fullscreen.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
9.1 kB (9108 bytes)
Hash
0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76

HTTP Headers

GET /design/ic_fullscreen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/design/menu/sound_on.svg

104.152.112.108

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/menu/sound_on.svg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2269 bytes)
Hash
c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f

HTTP Headers

GET /design/menu/sound_on.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43339-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png

104.152.112.108

200 OK

500 B

URL HTTP/2
hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
500 B (500 bytes)
Hash
0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8

HTTP Headers

GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/form/ic_XP.png

104.152.112.108

200 OK

4.4 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/form/ic_XP.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4352 bytes)
Hash
5a8d57bde80c34a9a0f49ae67eeba882
e7112c1c1ba4b0013ae4089568ba14390a304bbf
645ef1f9c9ef97db46d9ff931b84312e6853df6c6a5e5406677b370d391aa8ad

HTTP Headers

GET /pictures/design/form/ic_XP.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/png
content-length: 4352
last-modified: Tue, 29 May 2018 11:40:00 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_soft_currency.png

104.152.112.108

200 OK

4.8 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_soft_currency.png
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4783 bytes)
Hash
628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a

HTTP Headers

GET /pictures/design/ic_soft_currency.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/png
content-length: 4783
last-modified: Wed, 13 Mar 2019 16:03:42 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;6140-23-10340----0-0-0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ddeec2659dd35289458795262eb9cd4d
b95c0721ecf6fa9bb0e18d268b4f85634b4289aa
1a503aa577a7216879029b90b943c6570339247f58ca2c241c7590bb92fb5b2b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A503AA577A7216879029B90B943C6570339247F58CA2C241C7590BB92FB5B2B"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15351
Expires: Tue, 06 Dec 2022 16:59:58 GMT
Date: Tue, 06 Dec 2022 12:44:07 GMT
Connection: keep-alive

www.hentaiheroes.com/ajax.php

94.75.250.120

200 OK

16 B

URL HTTP/2
www.hentaiheroes.com/ajax.php
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /ajax.php HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:07 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/show.svg

94.75.250.120

200 OK

510 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/show.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (510), with no line terminators
Size
510 B (510 bytes)
Hash
aae407daa4dba9e5d6b2ddf37a0f1b41
fa37c7736d6c33b9e62349cc65d0252bc715cb47
84bc80996a1db1c515d60d9fb037042d6220adc9b5be3bf279b06013fc9d6aa2

HTTP Headers

GET /authentication/show.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/svg+xml
content-length: 510
last-modified: Tue, 14 Jul 2020 06:31:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.108

206 Partial Content

31 kB

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
data
Size
31 kB (31368 bytes)
Hash
9f239050435104f4eb479ed551bc572e
6fb1f2be5cc8d1c7a37ad1817dc93352032aba7e
254539f96da4f49640a68355510591e55b42825ae910fe5b8f58961f93b7a416

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1802240-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: audio/ogg
content-length: 31368
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 1802240-1833607/1833608
x-cdn-diag: ams5-7846-0-3621-h-0-0---;6140-23-10340----0-0-1
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hide.svg

94.75.250.120

200 OK

748 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/hide.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748), with no line terminators
Size
748 B (748 bytes)
Hash
cad59edc70e2ae6387ab04e4f961528f
c7bb66aa521e859f4d8a35b6b8da847862e24413
51bdb6a686feff9b34838a4e975c4ed30fb665543036b1f8adc6036be0764192

HTTP Headers

GET /authentication/hide.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/svg+xml
content-length: 748
last-modified: Tue, 14 Jul 2020 06:31:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg

94.75.250.120

200 OK

195 kB

URL HTTP/2
www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 177x177, segment length 16, baseline, precision 8, 1600x901, components 3\012- data
Size
195 kB (195389 bytes)
Hash
87a5979a3ac59d0a4af0558c9b7e7d7d
f28bbdaa9dcf21f1be89ebdfd5984aea73dc52fd
6cf646370861d4f0cfb0df0762b093dcc4781d6de46b13b8123c810b0fb4cd67

HTTP Headers

GET /img/quests/1/1/1600x/p1a.jpg HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
cache-control: private, max-age=2629000, pre-check=2629000
pragma: private
expires: Sat, 31 Jan 70 11:16:40 +0100
strict-transport-security: max-age=31536000
content-type: image/jpg
X-Firefox-Spdy: h2

use.typekit.net/lfu1uah.css

95.101.11.120

200 OK

1.5 kB

URL HTTP/2
use.typekit.net/lfu1uah.css
IP
95.101.11.120:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
1.5 kB (1515 bytes)
Hash
7a76e322de46692442a59a77c3854b07
63d8924bfca90c5603752dcfb129a566215d1e76
00a0b99cde19868d9662c2cbb816add0b0d1b25f15840b32b2430962b027215f

HTTP Headers

GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Tue, 06 Dec 2022 12:44:07 GMT
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/chat.js?v=66997040

94.75.250.120

200 OK

488 kB

URL HTTP/2
www.hentaiheroes.com/js/chat.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
488 kB (487756 bytes)
Hash
e5e0df3f3407adf6a2b523902b6daf4d
e87e225da008df16c949a41754f8effb459c20c8
983fb2d17305896214f4eb59a0d4a005b225e51521a71cd174ffc549c8e57801

HTTP Headers

GET /js/chat.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wb798qe6110vvsvkie8nlkd6&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=14991262
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:07 GMT
etag: "65b72-5eed448f28595-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png

94.75.250.120

200 OK

223 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
223 kB (222857 bytes)
Hash
8ca851d27cfc171809a2df1bcda0d298
4195c1ea0fe0be41c6611f7ac2d3ad04d0c0496f
cb7c3470a20fb0ca125356f550da9f2404aabcba21b595be4b0a147ff8dc542e

HTTP Headers

GET /authentication/hentai/forgotten_password.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: image/png
content-length: 222857
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/default.js?v=66997040

94.75.250.120

200 OK

1.1 MB

URL HTTP/2
www.hentaiheroes.com/js/default.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
1.1 MB (1101502 bytes)
Hash
c8ae8473c241fcc2f4ec0ffbd9a4f517
7c2d68f15a4b54ecf4303bd22822682a03d1fdf3
223c657d5f963052e7f58d9bca41b2e6cd4accdd5fb7e9d03f14b092f24b517d

HTTP Headers

GET /js/default.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:04 GMT
etag: "1ca4c8-5eed448b82c1c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css

95.101.11.112

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP
95.101.11.112:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
date: Tue, 06 Dec 2022 12:44:07 GMT
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/default.css?v=66997038

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/css/default.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/default.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:45 GMT
etag: "1a002d-5eed4479c4c5e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate

94.75.250.120

200 OK

0 B

URL HTTP/2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /authentication/start_authentication?product_id=1&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Tue, 06 Dec 2022 12:44:07 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 12:44:06 GMT
date: Tue, 06 Dec 2022 12:44:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.108

206 Partial Content

0 B

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.108:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 06 Dec 2022 12:44:07 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-3621-h-0-0---;6140-22-10340----0-0-1
X-Firefox-Spdy: h2

www.hentaiheroes.com/phoenix-tr_labels-en-1412.js

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/phoenix-tr_labels-en-1412.js
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /phoenix-tr_labels-en-1412.js HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=mnj9olo4ehe289bm4n8ne3bt3j; lang=en; ref_id=1962391; tc1=wb798qe6110vvsvkie8nlkd6; tc2=Adsterra-David; tc3=NO; tc5=14991262; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web5|Y485G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 12:44:06 GMT
server: Apache
content-encoding: gzip
cache-control: private, max-age=604800, pre-check=604800
pragma: private
expires: Thu, 08 Jan 70 01:00:00 +0100
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8;
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations