Report - qhentai.net/

Report Overview

Submitted URL
qhentai.net/
IP
104.21.67.182
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-26 14:35:32
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	55 kB	142.250.74.163
academyenrage.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	14 kB	192.243.59.20
ic.tynt.com	4300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	1.8 kB	67.202.105.32
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	962 B	172.64.129.12
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	746 B	142.250.74.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
limurol.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	5.6 kB	62.122.171.6
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	20 kB	142.250.74.174
cdn.tynt.com	7260	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	391 B	172.64.151.83
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	15 kB	93.184.220.29
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	404 B	3.66.118.16
t.dtscout.com	11951	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	835 B	3.0 kB	158.69.139.238
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	35 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	43 kB	142.250.74.72
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.76.226
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.9 kB	172.64.201.2
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	986 B	483 B	104.22.75.171
de.tynt.com	1252	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	329 B	67.202.105.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.41.98.34
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.9 kB	104.18.32.68
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.88
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	13 kB	45.133.44.9
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	19 kB	23.36.76.226
coliassfeurytheme.com	371007	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	59 kB	62.122.171.6
dictatepantry.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.0 kB	8.7 kB	192.243.59.20
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	922 B	45.133.44.3
qhentai.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	1.3 kB	172.67.179.83
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	678 B	423 B	192.243.61.227
waust.at	38137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	332 B	729 B	104.26.4.7

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	academyenrage.com	Sinkholed
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	limurol.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	dictatepantry.com	Sinkholed
2022-09-26	medium	unseenreport.com	Sinkholed

Files detected

URL
r3.o.lencr.org/
IP
23.36.76.226
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1163 bytes)
Hash
0ac73bf7b357612de4a280d444a59d60
fc222ba82d8921a58b32554a54b27aebdbef37f6
17a7761feb8318eca58faf4fe8f28b5e6020f93e525d7f4b3e84cb06848338fe

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (31)

	URL	Size	First Seen	Last Seen
	t.dtscout.com/i/?l=https%3A%2F%2Fqhentai.net%2F&j=	2.1 kB	2023-03-07	2024-05-10
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fqhentai.net%2F&j= IP 158.69.139.238 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-10 09:56:16 Times Seen4537 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	whos.amung.us/pingjs/?k=1uevt03ymc&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=1&v=27&r=7968	29 B	2023-03-08	2023-03-08
Pretty URL whos.amung.us/pingjs/?k=1uevt03ymc&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=1&v=27&r=7968 IP 104.22.75.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash 86cfba7b51ba9090b54b59afbe5313a0 7e1436d597537fbb9e461f843aa5b9f8f73253de 34a541c6d6289658a9c4d996459446cabe9f95a2c3b1c7a34f67112115f8597d Loading...

	academyenrage.com/e7/cf/e5/e7cfe544518aace9f643b4f7f49e840d.js	37 kB	2023-03-08	2023-03-08
Pretty URL academyenrage.com/e7/cf/e5/e7cfe544518aace9f643b4f7f49e840d.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash bb629b83539327b22cee777804231320 3258ddf922270563861f05d786e5c44f8cbf8be0 25be5004a68c2f5ce1355000b7853370b4c8b1c6b793207ac41ec080d129b037 Loading...

	qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/custom/js/custom-86036d803d1837603edae91340653dac.js	4.1 kB	2023-03-07	2023-09-16
Pretty URL qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/custom/js/custom-86036d803d1837603edae91340653dac.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:35 Last Seen2023-09-16 20:31:52 Times Seen12 Hash 6f90b49e0a2d5c66ce14698ec201a4e8 d6ec9075adf9eeabc2ac0f8a487b05d6ea4e6b4c 506524d4794402c68208f920b3d06db190829b1eb16a68a0eafde7f3e8a1e07d Loading...

	coliassfeurytheme.com/get/1808823?zoneid=1808823&jp=_clbe45c6c90a6irbccuey4&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8271839527196376	3.4 kB	2023-03-08	2023-03-08
Pretty URL coliassfeurytheme.com/get/1808823?zoneid=1808823&jp=_clbe45c6c90a6irbccuey4&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8271839527196376 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash be434cf5056e31a854d23ee80890db9d 42fbacd910f9fa8c933de634d5e8b1db7069766c f0d94a47ab225cecf2a8226313449a0fc3280823798173d167d448d1e6be1372 Loading...

	qhentai.net/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-migrate.min-3.3.2.js	11 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-migrate.min-3.3.2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 12:26:04 Times Seen69191 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	qhentai.net/wp-content/cache/busting/1/wp-includes/js/masonry.min-4.2.2.js	24 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/wp-content/cache/busting/1/wp-includes/js/masonry.min-4.2.2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-10 13:58:01 Times Seen15502 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	qhentai.net/	92 B	2023-03-08	2023-12-27
Pretty URL qhentai.net/ IP 172.67.179.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-12-27 07:47:31 Times Seen2 Hash f6af13b2ef28da6699008f5a2f887e04 55ceff5a195b08edcf5f3d2e22ef095a0a085443 fc479869009266ad0becc43a33e8a523d1e88eb1368d3767f15a5f1cd9421bfa Loading...

	qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar-0f5fd298fb7fb97ce447af50fa920c8a.js	6.5 kB	2023-03-07	2023-09-16
Pretty URL qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar-0f5fd298fb7fb97ce447af50fa920c8a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:35 Last Seen2023-09-16 20:31:52 Times Seen17 Hash 416301ecbb604cc06cc1ba60c7dec88a 92384df9ce69f1fe6d64773ef24d1add28e003ab 8e7df8d3e60ec93fc8aa72baa550993ba0f4d427f5ae58dedde5f3a12794d30c Loading...

	t.dtscout.com/pv/?_a=v&_h=qhentai.net&_ss=2fsm50uetz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6nh7&_cb=_dtspv.c	51 B	2023-03-08	2023-03-08
Pretty URL t.dtscout.com/pv/?_a=v&_h=qhentai.net&_ss=2fsm50uetz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6nh7&_cb=_dtspv.c IP 158.69.139.238 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash 6e74a4f33ccf1778452a7accf73400b7 dfa14f72eb2b4c5a217ec229ce587bffce75c094 a1f930d01fb2a67a9b43569b4f9f468f6b573c520d933c8d496714a78d28e82e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	whos.amung.us/pingjs/?k=c0p2get2un&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=0&v=27&r=4294	31 B	2023-03-08	2023-03-08
Pretty URL whos.amung.us/pingjs/?k=c0p2get2un&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=0&v=27&r=4294 IP 104.22.75.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash 3c93faeea8f78c87e626d3d2587d816b 4dabfbd5efa72d6a0e84e8ae4a616e1af1551c3d 630e7f878ceb1508775e5fc7bbec47f53fd4dc7a49019d720b37b084fab762f7 Loading...

	limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-7830a82bd7d513dd5e67242ec32e14df.js	53 kB	2023-03-07	2024-04-10
Pretty URL qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-7830a82bd7d513dd5e67242ec32e14df.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:35 Last Seen2024-04-10 17:01:48 Times Seen42 Hash 73bdb2137ecd79e21392cade42ba7208 97c960fcd7e5ec0e7650f60e999ab961c140847f 1d94e36ef5ab196c9679fb700502f4660b27bf55792b7f784259631191754cf9 Loading...

	qhentai.net/wp-content/cache/busting/1/wp-includes/js/imagesloaded.min-4.1.4.js	5.6 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/wp-content/cache/busting/1/wp-includes/js/imagesloaded.min-4.1.4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-05-10 10:07:04 Times Seen31131 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	qhentai.net/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js	5.3 kB	2023-03-07	2024-05-07
Pretty URL qhentai.net/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-07 19:12:27 Times Seen235 Hash b906c7b5d31efde9c615de31cf4c089c 721540e4babc25b6f245b92aeef70e993e408d80 fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9 Loading...

	waust.at/d.js	15 kB	2023-03-07	2023-03-17
Pretty URL waust.at/d.js IP 104.26.4.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2023-03-17 12:43:01 Times Seen1 Hash c6681ccbe8ce73c588bdb5a7a13b94a7 4f995dfb129046f640ecf89f5b2caa384b4460ee 95c9628c1b9999a708886345c166c5234c9e0f4e8f540939a0e2fe66168d320c Loading...

	coliassfeurytheme.com/get/1831526?zoneid=1831526&jp=_clohpyuiou7r9vte9h0uhm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4612664829992131	3.3 kB	2023-03-08	2023-03-08
Pretty URL coliassfeurytheme.com/get/1831526?zoneid=1831526&jp=_clohpyuiou7r9vte9h0uhm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4612664829992131 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash 0da64904d3a31be49f2fc287083dc761 50e447fad518fff050698af6f6e0b4cdae30c1a3 49af24a5691601eb4b9138a76dd77bc903877e4a4194b37c02a8fb35ea4c8429 Loading...

	qhentai.net/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.6.0.js	90 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.6.0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 12:06:17 Times Seen32115 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/js/navigation-5b7910ade214a218917767908d2dee27.js	1.4 kB	2023-03-07	2023-09-16
Pretty URL qhentai.net/wp-content/cache/min/1/wp-content/themes/fairy/js/navigation-5b7910ade214a218917767908d2dee27.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:35 Last Seen2023-09-16 20:31:52 Times Seen10 Hash 19eb9f07b5a48d2e0529aa2cbb6caf80 f964985e6465bd83d7a2efab8d73affca3223b78 76d398c7a1f21bc46e67cd199b98087675c1e4e3c6e326ecad51bcdcb43683d9 Loading...

	qhentai.net/	152 B	2023-03-08	2023-03-08
Pretty URL qhentai.net/ IP 172.67.179.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash b324de5a059d03fc5f71354ba8196d4f 75df3f7d1492c1a9dd49eac979dc9b924f8de716 dcb47f6e75f7acf7f929c0059fde47bcfa99e74e168893adf1df2fcd72399f21 Loading...

	coliassfeurytheme.com/t/9/fret/meow4/1808823/brt.js	68 kB	2023-03-08	2023-03-08
Pretty URL coliassfeurytheme.com/t/9/fret/meow4/1808823/brt.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash 668b74a97c8933c4362cb44520642937 9c990187963b0f08c876fc151bb79917888a51fc 258ba9add0d0a3038b6d62ea0e921a0209440e2aed7cd110cfaade89fe06fb88 Loading...

	qhentai.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-10 13:57:16 Times Seen56516 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	qhentai.net/	1.6 kB	2023-03-07	2024-05-10
Pretty URL qhentai.net/ IP 172.67.179.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-05-10 05:46:17 Times Seen694 Hash 388722716c8c89af1136cef19a98017c 50875c3734cfd73eb9856bef783de97dbb496dae d39b00bf80cd9591e726005002d8084407bdb41ce867ac0e70ede5b7a781c472 Loading...

	qhentai.net/	92 B	2023-03-07	2023-08-14
Pretty URL qhentai.net/ IP 172.67.179.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:35 Last Seen2023-08-14 00:20:24 Times Seen23 Hash 7b2012ac5055cc424557b490903f46b9 32fbdb195e16d56b89afd394656a8cdab3ce7bd9 f665cf0cb2cd5aaa8257a8b28c1570dbfe7ba8ef10ed2deb9039f69bb5bb8bf7 Loading...

	www.googletagmanager.com/gtag/js?id=UA-179947176-13	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-179947176-13 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:27 Last Seen2023-03-08 01:45:27 Times Seen1 Hash e521435bce0796f5b6b2464d7ec6aa03 c92b1940582c8640f95c9b309c36179d09a1fc0b dcbeb55653b0deb5812551ddb8d31ca80974c15c439a1b98d542a1000be2acb4 Loading...

	cdn.tynt.com/tc.js	18 kB	2023-03-07	2023-03-17
Pretty URL cdn.tynt.com/tc.js IP 172.64.151.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:46:36 Times Seen1 Hash f9ab02a95c5035df7c44c8c046e95866 bafa1e72a0fa99774b56e31d04f5393bb1c04bbc 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae Loading...

	http:blank	659 B	2023-03-08	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:44:01 Last Seen2023-03-10 15:58:50 Times Seen1 Hash d6868a98494b99fd5723dcf5abdfebf2 0fc1dc53eab65d405fd7e0d9169b79f96ed4184c 29b702c02ac4b6088a6c7618622af9a62834c459eb2c704c4a800f8eac942db6 Loading...

	coliassfeurytheme.com/t/9/fret/meow4/1831526/8767118e.js	68 kB	2023-03-08	2023-03-08
Pretty URL coliassfeurytheme.com/t/9/fret/meow4/1831526/8767118e.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:44:01 Last Seen2023-03-08 01:45:27 Times Seen1 Hash d39c11c5e925d2c086c7d619c4fb036b 748613dac8303118ed8a8d42f82f14debcf516c5 c9c05d11b99b7770ef905d1e2ec4353b5e5fc7258fde1054ad8c78279a7faac0 Loading...

	de.tynt.com/deb/v2?id=w!c0p2get2un~w!1uevt03ymc&dn=TC&cc=1&r=	4 B	2023-03-07	2024-05-10
Pretty URL de.tynt.com/deb/v2?id=w!c0p2get2un~w!1uevt03ymc&dn=TC&cc=1&r= IP 67.202.105.32 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-10 10:18:42 Times Seen3084 Hash 350fd6ef6446635f7a8f608434a405ec a4b6c275ac2c80ec925b5c0c5c6abb79ba897356 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-05-10 10:18:19 Times Seen7483 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

HTTP Transactions (91)

URL IP Response Size

qhentai.net/

172.67.179.83

301 Moved Permanently

0 B

URL HTTP/1.1
qhentai.net/
IP
172.67.179.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: qhentai.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 14:35:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 15:35:21 GMT
Location: https://qhentai.net/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3euc1U7oUcKu1OZQKDmQ83Tut804%2FMxVdHziYfCpyy0cY4qu%2BQO9eoT8SC4NqH7tgIkcdMBnQ4%2B9cFRjDeOhUzhvsOcX4xHNzbHym45TWgY4sMA1om05vp14tnlwlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cb9c2eee3fabc-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 14:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qffI_0iSsN2Br8z_J-Ip5PMOgnSPGghJ03u_AztzJG2QZAW9Id6t7g==
Age: 1203

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9332
Expires: Mon, 26 Sep 2022 17:10:53 GMT
Date: Mon, 26 Sep 2022 14:35:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5674
Expires: Mon, 26 Sep 2022 16:09:55 GMT
Date: Mon, 26 Sep 2022 14:35:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f2ROkgLhdz2fqnxlqZNL8zqE6+rt1KBXLtSRwUkRo7eoWMAOOjmj7EF3NoA5lsB+Fn/8IuelZLA=
x-amz-request-id: NYRPN9X6740BANWF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 13:46:20 GMT
age: 2941
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
892c01032e07d3deb1251043625e1e69
a4215c74aa6d71423498f18368dbfe5a9a277b17
0db68b86eb8fe60a4998abfbf92a1983c87469451099cab1bba1990547942800

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:21 GMT
Server: ECS (amb/6BB9)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
892c01032e07d3deb1251043625e1e69
a4215c74aa6d71423498f18368dbfe5a9a277b17
0db68b86eb8fe60a4998abfbf92a1983c87469451099cab1bba1990547942800

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:21 GMT
Last-Modified: Mon, 26 Sep 2022 14:35:21 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

12 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
12 kB (12252 bytes)
Hash
7fbb19ac75a244fcd0ebd632ab1bffaf
a4f28ac570b1d617fd470e43726902b424df087a
5b74eaf089bec09d435e3dc8e5fc6cf132fd35e5472c4af5cdbb3ca7179167ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Last-Modified: Mon, 26 Sep 2022 12:58:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

32 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
32 kB (31563 bytes)
Hash
2a1f54e2520f59b001f7a4d80f617ebe
4d8d4be8acc5714bfdab173d8f6d13dba543ae3f
e8687b37a3d5fca62df9844350996a9a66d37ec769534898e871f4360928c64a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-179947176-13

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-179947176-13
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42208 bytes)
Hash
8fbd5815f986d13c5d7222234f2355ac
c1a829e827dae268c977ccb17addd384d185c589
e26a8623c965aae8916fb11b013dbf787870af20af06f8ba75a9c6b0a523bfba

HTTP Headers

GET /gtag/js?id=UA-179947176-13 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 14:35:22 GMT
expires: Mon, 26 Sep 2022 14:35:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 14:10:46 GMT
Expires: Mon, 26 Sep 2022 14:30:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XwA2N_ryo89V6P67CnmvvQlRkyfq2DbrHx7w4l3HcZjOUpv3vf7bMg==
Age: 1476

coliassfeurytheme.com/t/9/fret/meow4/1831526/8767118e.js

62.122.171.6

200 OK

26 kB

URL HTTP/2
coliassfeurytheme.com/t/9/fret/meow4/1831526/8767118e.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
26 kB (26508 bytes)
Hash
8457440d8cc05ee7b3bc6128f8151cb3
259057b5297667ef6dca34441f446659c14521b2
9ec7e29f47badb4a1b80dc63f20568e77ede636be680416fc351c25c3287d7fa

HTTP Headers

GET /t/9/fret/meow4/1831526/8767118e.js HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

coliassfeurytheme.com/t/9/fret/meow4/1808823/brt.js

62.122.171.6

200 OK

26 kB

URL HTTP/2
coliassfeurytheme.com/t/9/fret/meow4/1808823/brt.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
26 kB (26431 bytes)
Hash
650725a4c908e8ae736641d6b42b38c3
bd8e9f04f646eabc0bf62babb025b99043cab6c4
e1930867f1e5251c58aa7f453328ad031ce0c12de548500f7b0eb875c9cb8200

HTTP Headers

GET /t/9/fret/meow4/1808823/brt.js HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:23:52 GMT
vary: Accept-Encoding
etag: W/"63284338-107c5"
x-js-ab1: var28
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

coliassfeurytheme.com/solid.gif?z=1808823&abvar=28

62.122.171.6

200 OK

43 B

URL HTTP/2
coliassfeurytheme.com/solid.gif?z=1808823&abvar=28
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1808823&abvar=28 HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

coliassfeurytheme.com/solid.gif?z=1831526&abvar=0

62.122.171.6

200 OK

43 B

URL HTTP/2
coliassfeurytheme.com/solid.gif?z=1831526&abvar=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1831526&abvar=0 HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5099
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Last-Modified: Mon, 26 Sep 2022 13:10:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/mulish/v12/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/mulish/v12/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
12 kB (11779 bytes)
Hash
e1c4bc29f06e41c182ebbb54d18ca49f
6ed2ce4b4da956dc9f6ade1fab5a8a23f87eb831
3631b8ecb9973d084ae7f523e51fcb261aa00f16b5cf43aac4c259550df45f42

HTTP Headers

GET /s/mulish/v12/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11232
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 03:24:49 GMT
expires: Tue, 26 Sep 2023 03:24:49 GMT
cache-control: public, max-age=31536000
age: 40233
last-modified: Mon, 11 Jul 2022 19:08:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 414193
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
53c8ab2a5cefc5d1a41ab47047afbd93
fdb8c2835f96cb4ffe6a97e3a95d19afe1cc269e
cf6f6451fbcad3628dfdfdf006955b804c184869a75cb25395c71df099d2d45c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF6F6451FBCAD3628DFDFDF006955B804C184869A75CB25395C71DF099D2D45C"
Last-Modified: Sat, 24 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 26 Sep 2022 16:01:39 GMT
Date: Mon, 26 Sep 2022 14:35:22 GMT
Connection: keep-alive

push.services.mozilla.com/

52.41.98.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.98.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2+o0r1E1YeEASNhgvCMWJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6LGec6GoXYhzzLcfQTUVgZEt7aA=

limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209260935bf3008720b914e01908d5c040e; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

academyenrage.com/e7/cf/e5/e7cfe544518aace9f643b4f7f49e840d.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
academyenrage.com/e7/cf/e5/e7cfe544518aace9f643b4f7f49e840d.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37112), with no line terminators
Size
13 kB (13394 bytes)
Hash
f8ee0cee90f7a0304972e5267ae223cd
51ddda7152bbf779e23bac97834bc0339f717a46
2ba0b1edfdecc3978a981880ed68e2664f60eb7b819e0fefed88830a70e447d8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e7/cf/e5/e7cfe544518aace9f643b4f7f49e840d.js HTTP/1.1
Host: academyenrage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5750a9fda01a5d2100c441b37fe9e35c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

limurol.com/ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=220926093536e1b21941f545c6a3a3008db9; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:22 GMT
Last-Modified: Mon, 26 Sep 2022 13:53:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e6cc8d18632fa35acd3fd25dbfd9e947
b7bf2efc706dfbbb1c09923600b0e4bd4e768d4b
9e08b27e4fca30c3c4ef7bcb4e2cf509cd44d18f80687317f55659ff55cad152

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 05:56:49 GMT
Expires: Sun, 02 Oct 2022 05:56:48 GMT
Etag: "b7bf2efc706dfbbb1c09923600b0e4bd4e768d4b"
Cache-Control: max-age=486685,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750cb9cbdd97b527-OSL

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092609351291c2a560ba47c19484e8308b; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ee09b6ab7cfd6fb00b3abacbba58e7bc
4903c09b843081d2e873e272515d2ac8751a0461
92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 14:35:23 GMT
Last-Modified: Mon, 26 Sep 2022 13:40:51 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: safIr0DKD8NgZk7thTuegiVYxgF1gBNqQ368p8U6DxOrQ3BcSA0LsQ==
Age: 3272

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
bb3407e43746617cfa74e1c2f8b82e3e
8c3df1417626359abf7c83e36b45609a5417d8ec
8414be0bf0e3b4e70a0177d584f5061b2ecdf6f2cdea1b21daf6ac091d80c864

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://qhentai.net
access-control-allow-credentials: true
set-cookie: uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; expires=Thu, 23 Sep 2032 14:35:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2527
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:35:23 GMT
Last-Modified: Mon, 26 Sep 2022 13:53:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

t.dtscout.com/i/?l=https%3A%2F%2Fqhentai.net%2F&j=

158.69.139.238

200 OK

2.1 kB

URL HTTP/1.1
t.dtscout.com/i/?l=https%3A%2F%2Fqhentai.net%2F&j=
IP
158.69.139.238:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (2077)
Size
2.1 kB (2079 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fqhentai.net%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Mon, 26-Sep-2022 15:58:43 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Mon, 26-Sep-2022 18:35:23 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1664202923; Domain=dtscout.com; Expires=Wed, 04-Jan-2023 14:35:23 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 5.323
Expires: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: no-cache

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: UID=2209260935bf3008720b914e01908d5c040e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1831526/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=wKFyg55XbKVY-u0Zdihjn2C_lNk4VyyoAUTvNM6X0WijMknjbC5wJDmYcZ3CiSO_e0P3lNj8KrvHezAWrkYD7uJfAqz93ABXg61Qr9z7dUvhJwqei90UO2IPlqwkhbN38dFj-KS8zPotLN7fqXLzI-L-o4nRHYXqIaj341bgnu4JRLuMCp07BeV3Tsbp1IGLH2Xa3Yuz1N7xJajpIIJnSxXhtWAEUXrH5CeYvSQlE0gCYmVAIuXSaECKxPky7MFUF9_0ZBCKlbsgLra6WWYxKu73tDkLMjvLdrUptX2kizV8OuhfDXuW-Qbh0T5IS33aB2uixJ4Svw-sLF3C_2sqXJLp64Smr9SouuGkTRXeenmGd0eDcydTuWnY-4-5jaQsz3Y59efe6b9mbrLQV-OrlhurIHcsulOFYdZNxFG0-6J0gK0o4mi3QIS4JylA1UyHtdW-BAHxdWGd0lz4tUIV58XZ8cOi9VCGVrx8zXAnaKgi-j_V8YbYopoQmXUVKG0Z2iQHA9lO6m22vFO2vIhuYPG7m9zKNSTRSA==&cb=_cl378qewlz8a9oxeyj62eg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092609355f9eee80ccae4dce9a43bbc4d7; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1808823/?pb=791b91d8182276239cea77f47e2be2421664210122&psp=lSdfZ7m9hBEG1lJrWoDAkQqmrmWIFWMD2jZGYtT19vgfCYvvmI9gDCAsn6f5UK076DfDmJZBaJhqu7SkSVF9iDmaKDj1AsXJfvGsqPHk6ON7XGRcHF3-1E08wMSSAefloTSAvitrjEfHYSfjNneKuae1YzYeu6kDewtHoRe9LWrjRLjqnnhWcpA4ehGzRBetll_xCpaYBSBomIkFqcAGniHnSyqCt-j7CL5XX1b2xeHtPzH4ss0XZCVlVwEgNo5I40KTBT1TAJ8nH2_ZZb4CKvZ9DM82zXvGCya9RATluy1DuQHtSTf9LwVsV3gUEtpJsCPeEnG7XT7Fsti0qAffCU8pzCsNR3O4k2nAds8Pv4pMOWxcqGuGTF-Kvgd830lSxT-92jNoBAwcVxZ2OYHpYx804YdU_wtnMEux1mWCIiIvS79hKn8eOeKzGNqZ2_XmhXVHEitTu_-POoykrwzNEIwXAj6iPf7peo8yFqS_4_K6yKHs_EdprBi_P6DchvUMbjjdD5TZev7W8XbU8yNZO-oP8a37qAzsdF69l4UbU7BKl099zG3ysoW_6jiPRmVYhxQqP80GYbDFqaJnwjVmuJskEA==&cb=_clytrs1je8eb8s1799xdae&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: UID=2209260935bf3008720b914e01908d5c040e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 12:41:09 GMT
expires: Mon, 26 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 6854
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
deffda2fbf60714b76c498b7f739006a
b5843b4a0150cf071c318d773993c3007b952e7c
d61bcea184a125d4cd76651f9e4d5bfa60b4a81662f06fd51740f7161159fcbc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:29:12 GMT
Expires: Sat, 01 Oct 2022 05:29:11 GMT
Etag: "b5843b4a0150cf071c318d773993c3007b952e7c"
Cache-Control: max-age=398627,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750cb9cf5aafb512-OSL

t.dtscout.com/pv/?_a=v&_h=qhentai.net&_ss=2fsm50uetz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6nh7&_cb=_dtspv.c

158.69.139.238

200 OK

51 B

URL HTTP/1.1
t.dtscout.com/pv/?_a=v&_h=qhentai.net&_ss=2fsm50uetz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6nh7&_cb=_dtspv.c
IP
158.69.139.238:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
6e74a4f33ccf1778452a7accf73400b7
dfa14f72eb2b4c5a217ec229ce587bffce75c094
a1f930d01fb2a67a9b43569b4f9f468f6b573c520d933c8d496714a78d28e82e

HTTP Headers

GET /pv/?_a=v&_h=qhentai.net&_ss=2fsm50uetz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6nh7&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: m=1; oa=1; df=1664202923
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.432
X-C: 0
Expires: Mon, 26 Sep 2022 14:35:22 GMT
Cache-Control: no-cache

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
deffda2fbf60714b76c498b7f739006a
b5843b4a0150cf071c318d773993c3007b952e7c
d61bcea184a125d4cd76651f9e4d5bfa60b4a81662f06fd51740f7161159fcbc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:29:12 GMT
Expires: Sat, 01 Oct 2022 05:29:11 GMT
Etag: "b5843b4a0150cf071c318d773993c3007b952e7c"
Cache-Control: max-age=398627,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750cb9cf5a77b527-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8650a8ac74c7407115a2cc8bb305774
5786e6d532f6a0397d8e9227e608b958e01a1364
d8bb6afb2eddd7882deee11fd43c8caca3844f32c22edb9300225b5c086667f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8BB6AFB2EDDD7882DEEE11FD43C8CACA3844F32C22EDB9300225B5C086667F2"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4832
Expires: Mon, 26 Sep 2022 15:55:55 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 14:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 11:33:41 GMT
Expires: Sun, 02 Oct 2022 11:33:40 GMT
Etag: "42230e136a99d87c331c83b02daf34464d5378df"
Cache-Control: max-age=506896,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750cb9d14df7b512-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12873
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12873
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12873
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12873
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

8.1 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
8.1 kB (8128 bytes)
Hash
0417304d418999e4da7e946b198d6a1b
b117dec9ebb53178b895aecdcab704a544406850
2f8fda5ca5ee5b7997583648c6a9c04b303b9e4d1c03d54fadb86a199ab6b03c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12873
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:35:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 58483
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5157 bytes)
Hash
2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 59107
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5980 bytes)
Hash
ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 60391
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 59852
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10927 bytes)
Hash
3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: a4c6c1b1-3777-4410-bef1-5dd2518af86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCjSEqfIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e14-4cdfc5ea1c42120d4a085752;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b3Zf70hsIlHF67m0hhfBtDxu7FeNv0Z7JY7-Iei61XiGbDOqfKoUGQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 04:00:42 GMT
age: 38081
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 56727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dictatepantry.com/sbar.json?key=e7cfe544518aace9f643b4f7f49e840d&uuid=e29172cc-2c6f-4f95-984a-021478cfb372%3A3%3A1

192.243.59.20

200 OK

4.3 kB

URL HTTP/1.1
dictatepantry.com/sbar.json?key=e7cfe544518aace9f643b4f7f49e840d&uuid=e29172cc-2c6f-4f95-984a-021478cfb372%3A3%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6111), with no line terminators
Size
4.3 kB (4286 bytes)
Hash
25f50ca7396d9e306e1d15c02f75bf34
8d876c575b04a1c8c1be7eb1c769d0efaffc4a39
8495e13deda7b6e6c2975c6f6963489aaa44bb1e2e01b86d726c0d6654386e1f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=e7cfe544518aace9f643b4f7f49e840d&uuid=e29172cc-2c6f-4f95-984a-021478cfb372%3A3%3A1 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://qhentai.net
Access-Control-Allow-Origin: https://qhentai.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17621880; expires=Tue, 27 Sep 2022 14:35:23 GMT; secure; SameSite=None
uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; expires=Mon, 03 Oct 2022 14:35:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 27 Sep 2022 14:35:24 GMT; secure; SameSite=None
uncs=1; expires=Tue, 27 Sep 2022 14:35:24 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 27 Sep 2022 14:35:24 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 27 Sep 2022 14:35:24 GMT; secure; SameSite=None
slece7cfe544518aace9f643b4f7f49e840d=[3520332]; expires=Mon, 26 Sep 2022 14:35:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd7109b31cc975d682082005745826d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97fb3901ca271d482507144beb94227
1e11e37741ce260eb4333678fdd1ee977faf4073
9ac322b9a22c80ac8386a51efd64e14349144b1a159471e18689cc729a8ed97f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AC322B9A22C80AC8386A51EFD64E14349144B1A159471E18689CC729A8ED97F"
Last-Modified: Sun, 25 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3484
Expires: Mon, 26 Sep 2022 15:33:28 GMT
Date: Mon, 26 Sep 2022 14:35:24 GMT
Connection: keep-alive

whos.amung.us/pingjs/?k=1uevt03ymc&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=1&v=27&r=7968

104.22.75.171

200 OK

49 B

URL HTTP/2
whos.amung.us/pingjs/?k=1uevt03ymc&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=1&v=27&r=7968
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
043c16164953e2ce6d736271e4aaa62c
8e43295b45491cd97641dae0da3882b7e39c74be
7e3326f42a18f91a6e5798a25e07fe9494efc01d7be4eec6f6e30f98a17c0405

HTTP Headers

GET /pingjs/?k=1uevt03ymc&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=1&v=27&r=7968 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750cb9d0bfe815f0-ARN
X-Firefox-Spdy: h2

dictatepantry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6EHlQUVdJmDBwUz6e7p6Z5xD8EYswTjZtlV9CbV1dWTMtVdTVX39GS8BBdkBQ%2Bz%2F0HnTbLBbAiKB724yGRB2ICQ8ZSDgUX%2Fg4U9y8wGo9%2Fle1XvFbx63%2FfVdnFGbBT0dOlD1RdS0vlm3a69%2BanjXK2tirTo1Xot%2FzPfu1rT3Xfaft1%2Bq3aNsw0179qObTu2U1sWmseqNz8hIbKDtlNv23XPrTtNDz3937MpLBhqIeqekZcgovHsQ%2BsyBBshTb5b4mYjV9nb7yeFpLnS6EZ7H6cbqSpTJBcw1hbidO9cDWVOlh9ApbtTu1Ddf4ShGBPr1wcI071zkwi7O1OfoQRPEUbPoeyOwOUIgo7A1G2I6IQALML1NaTJvetKl3TzGUsn7JjMPn0CUY7J7B%2BXkSaHi1L0areULHKhUoNeXEH0RhCdEbLiCHn%2FEkR5BJZ%2FCRH9RuafriJNdtaMVBDR6RvcbTuBy9icy%2Fx4zovbzbl2y6Nztut4QYvFYSNwpwEJMYKIR5B8AGpmUBgLhbBQxBaKzEISndaY4ziBHTFqt9qMNaKAh35kOzSIHerYfgsFm%2FxhgDwbgMkBmN5CprewIQbQxS8w6xVMZMHkBN2oQskJSkNQUoJSEJQ5QdmtdiNpXFPdi6QpQue8u%2Be9UQ1V3tmmuyrv8JRsZ2fkxUlw1vN%2F9rDBT2s8YDFvel7TaVHKeDv2vUboxUHstXnLsyMYUUGYS6DGQl%2BMyZWZ%2B8jEmPzvlasI6RGMPAITL4AWr4OWw8C1QdeHXstGP91f52lORa%2BecESqQpbPIt%2B0tuUZeXU6vuaPq%2BDseOHR42uHl%2FuPwXSFTFf4XDwk6Mg7w5uqJDs3VWnI92tZLhLRp5PR3sppzmf2P%2BCbpdLRypIZfPsumxATePARN%2FkqTSORdgy5vyiiiOtlpRknP6%2BYT3h4ozDri4VOi2z1xnvLK0mmuTFCpSNQcWK%2BARNj8n%2Bqpjv72stfQ%2BgRdFEhKY7JeUGoI7BsCya7cG%2FUDLS80ISZhbKohtoNLy6lGBP3ySNIfrxw%2BMUP%2B3f%2FSkHDCob%2F6%2BEF3jZ30NFXQPPbSJMKXV2hKytQOYApZoZ5po8Xfm9MC6G0hqHU1k4otbz7LF4jTmtBo2FTv910goDyIPTcVuw7EaWu57u%2BTxvIzZg5Px38DQAA%2F%2F8BAAD%2F%2F6Ih9VSCBAAA

192.243.59.20

200 OK

7 B

URL HTTP/1.1
dictatepantry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6EHlQUVdJmDBwUz6e7p6Z5xD8EYswTjZtlV9CbV1dWTMtVdTVX39GS8BBdkBQ%2Bz%2F0HnTbLBbAiKB724yGRB2ICQ8ZSDgUX%2Fg4U9y8wGo9%2Fle1XvFbx63%2FfVdnFGbBT0dOlD1RdS0vlm3a69%2BanjXK2tirTo1Xot%2FzPfu1rT3Xfaft1%2Bq3aNsw0179qObTu2U1sWmseqNz8hIbKDtlNv23XPrTtNDz3937MpLBhqIeqekZcgovHsQ%2BsyBBshTb5b4mYjV9nb7yeFpLnS6EZ7H6cbqSpTJBcw1hbidO9cDWVOlh9ApbtTu1Ddf4ShGBPr1wcI071zkwi7O1OfoQRPEUbPoeyOwOUIgo7A1G2I6IQALML1NaTJvetKl3TzGUsn7JjMPn0CUY7J7B%2BXkSaHi1L0areULHKhUoNeXEH0RhCdEbLiCHn%2FEkR5BJZ%2FCRH9RuafriJNdtaMVBDR6RvcbTuBy9icy%2Fx4zovbzbl2y6Nztut4QYvFYSNwpwEJMYKIR5B8AGpmUBgLhbBQxBaKzEISndaY4ziBHTFqt9qMNaKAh35kOzSIHerYfgsFm%2FxhgDwbgMkBmN5CprewIQbQxS8w6xVMZMHkBN2oQskJSkNQUoJSEJQ5QdmtdiNpXFPdi6QpQue8u%2Be9UQ1V3tmmuyrv8JRsZ2fkxUlw1vN%2F9rDBT2s8YDFvel7TaVHKeDv2vUboxUHstXnLsyMYUUGYS6DGQl%2BMyZWZ%2B8jEmPzvlasI6RGMPAITL4AWr4OWw8C1QdeHXstGP91f52lORa%2BecESqQpbPIt%2B0tuUZeXU6vuaPq%2BDseOHR42uHl%2FuPwXSFTFf4XDwk6Mg7w5uqJDs3VWnI92tZLhLRp5PR3sppzmf2P%2BCbpdLRypIZfPsumxATePARN%2FkqTSORdgy5vyiiiOtlpRknP6%2BYT3h4ozDri4VOi2z1xnvLK0mmuTFCpSNQcWK%2BARNj8n%2Bqpjv72stfQ%2BgRdFEhKY7JeUGoI7BsCya7cG%2FUDLS80ISZhbKohtoNLy6lGBP3ySNIfrxw%2BMUP%2B3f%2FSkHDCob%2F6%2BEF3jZ30NFXQPPbSJMKXV2hKytQOYApZoZ5po8Xfm9MC6G0hqHU1k4otbz7LF4jTmtBo2FTv910goDyIPTcVuw7EaWu57u%2BTxvIzZg5Px38DQAA%2F%2F8BAAD%2F%2F6Ih9VSCBAAA
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6EHlQUVdJmDBwUz6e7p6Z5xD8EYswTjZtlV9CbV1dWTMtVdTVX39GS8BBdkBQ%2Bz%2F0HnTbLBbAiKB724yGRB2ICQ8ZSDgUX%2Fg4U9y8wGo9%2Fle1XvFbx63%2FfVdnFGbBT0dOlD1RdS0vlm3a69%2BanjXK2tirTo1Xot%2FzPfu1rT3Xfaft1%2Bq3aNsw0179qObTu2U1sWmseqNz8hIbKDtlNv23XPrTtNDz3937MpLBhqIeqekZcgovHsQ%2BsyBBshTb5b4mYjV9nb7yeFpLnS6EZ7H6cbqSpTJBcw1hbidO9cDWVOlh9ApbtTu1Ddf4ShGBPr1wcI071zkwi7O1OfoQRPEUbPoeyOwOUIgo7A1G2I6IQALML1NaTJvetKl3TzGUsn7JjMPn0CUY7J7B%2BXkSaHi1L0areULHKhUoNeXEH0RhCdEbLiCHn%2FEkR5BJZ%2FCRH9RuafriJNdtaMVBDR6RvcbTuBy9icy%2Fx4zovbzbl2y6Nztut4QYvFYSNwpwEJMYKIR5B8AGpmUBgLhbBQxBaKzEISndaY4ziBHTFqt9qMNaKAh35kOzSIHerYfgsFm%2FxhgDwbgMkBmN5CprewIQbQxS8w6xVMZMHkBN2oQskJSkNQUoJSEJQ5QdmtdiNpXFPdi6QpQue8u%2Be9UQ1V3tmmuyrv8JRsZ2fkxUlw1vN%2F9rDBT2s8YDFvel7TaVHKeDv2vUboxUHstXnLsyMYUUGYS6DGQl%2BMyZWZ%2B8jEmPzvlasI6RGMPAITL4AWr4OWw8C1QdeHXstGP91f52lORa%2BecESqQpbPIt%2B0tuUZeXU6vuaPq%2BDseOHR42uHl%2FuPwXSFTFf4XDwk6Mg7w5uqJDs3VWnI92tZLhLRp5PR3sppzmf2P%2BCbpdLRypIZfPsumxATePARN%2FkqTSORdgy5vyiiiOtlpRknP6%2BYT3h4ozDri4VOi2z1xnvLK0mmuTFCpSNQcWK%2BARNj8n%2Bqpjv72stfQ%2BgRdFEhKY7JeUGoI7BsCya7cG%2FUDLS80ISZhbKohtoNLy6lGBP3ySNIfrxw%2BMUP%2B3f%2FSkHDCob%2F6%2BEF3jZ30NFXQPPbSJMKXV2hKytQOYApZoZ5po8Xfm9MC6G0hqHU1k4otbz7LF4jTmtBo2FTv910goDyIPTcVuw7EaWu57u%2BTxvIzZg5Px38DQAA%2F%2F8BAAD%2F%2F6Ih9VSCBAAA HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: u_pl=17621880; uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece7cfe544518aace9f643b4f7f49e840d=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66f951243faa6e767fc8a2dd4a89d3ac
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Mon, 26 Sep 2022 16:10:43 GMT
Date: Mon, 26 Sep 2022 14:35:24 GMT
Connection: keep-alive

cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html

45.133.44.3

200 OK

536 B

URL HTTP/2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
536 B (536 bytes)
Hash
cf7ee8349b818a3cd1fadd8d77db37d1
60e1a9ba542dbfaa699d3372d5659fd6fc74a88f
b2cb0aed6f41894e66409921d8fb1537ab5c94dcc15907d71a5eb59a64745999

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 26 Sep 2022 15:35:24 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

1.2 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1163 bytes)
Hash
0ac73bf7b357612de4a280d444a59d60
fc222ba82d8921a58b32554a54b27aebdbef37f6
17a7761feb8318eca58faf4fe8f28b5e6020f93e525d7f4b3e84cb06848338fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B0151B6A2C52676AB8DE2403C9D6854439051654EACEA98975C1AE070659439"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11354
Expires: Mon, 26 Sep 2022 17:44:38 GMT
Date: Mon, 26 Sep 2022 14:35:24 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg

45.133.44.9

200 OK

13 kB

URL HTTP/2
cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (12632 bytes)
Hash
9a26092fd440aa10142a9e87e8370c2c
b1c33219c136dc2ee76d081d02f0cb9c15032f41
ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445

HTTP Headers

GET /si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: image/jpeg
content-length: 12632
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:01 GMT
etag: "62d54781-3158"
expires: Wed, 28 Sep 2022 14:35:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Mon, 26 Sep 2022 16:10:43 GMT
Date: Mon, 26 Sep 2022 14:35:24 GMT
Connection: keep-alive

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg

172.64.201.2

200 OK

585 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
585 B (585 bytes)
Hash
bce897c680cae17c899994ba9f1a68da
698c9fbcd96ab6e61b7bb9b6039eb439a24839fd
8313e273fc788c1d37c114316ecf3b22cc7cd3c65c8585acc9c6b3595dd06734

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4681864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrBcohb9AUQGSl0vTZcYRxRui78N85dR1BbyLUnnM4ZJ9Vpuiz4ntzZ%2BJ%2FXQPkAsZZ%2Bi1H7qax162OCdAjZFKW%2BOgo8xnyWKf632kbnBXW3qONizD3BddSirvWsXeRK06Zo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9d51cc27756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=348

192.243.59.20

200 OK

0 B

URL HTTP/1.1
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=348
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=348 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: u_pl=17621880; uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece7cfe544518aace9f643b4f7f49e840d=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

de.tynt.com/deb/v2?id=w!c0p2get2un~w!1uevt03ymc&dn=TC&cc=1&r=

67.202.105.32

200 OK

4 B

URL HTTP/2
de.tynt.com/deb/v2?id=w!c0p2get2un~w!1uevt03ymc&dn=TC&cc=1&r=
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

HTTP Headers

GET /deb/v2?id=w!c0p2get2un~w!1uevt03ymc&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 27 Sep 2022 14:35:24 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 26 Sep 2022 14:35:24 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&cu=https%3A%2F%2Fqhentai.net%2F

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&cu=https%3A%2F%2Fqhentai.net%2F
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&cu=https%3A%2F%2Fqhentai.net%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=465

192.243.59.20

200 OK

0 B

URL HTTP/1.1
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=465
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=465 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: u_pl=17621880; uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece7cfe544518aace9f643b4f7f49e840d=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 414076
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 414076
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dictatepantry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaIHlQUVdJmDBwUz6e7p%2BeUegjFmCcbNsqvoTaqrqidlqruaqu7pyXgJLsgKHmb%2Fg86bZIPZEBQPenGRyYKwASHjKQcDi%2F4HC3uWmQ1GP5fPq3qv4NX7fL7azs%2BIi5yeLn2o%2B1IpOl%2BvupU3P%2FW8q5VVmeS9Sq%2FV%2BKwRXK2Y7jvtRtV9q3JNsA0977ue63quV1mWRkS6Nz8hIdODtldtu9XAr3r1AD3z37PNHVjqgHfPyEuQfDz70LkMyUZI4u%2BWhN3IdPr2%2B3GuaKYNunzv42Qj0UWC%2BAJGxkGU7J2roe3J8gPoZHdqF7r7jzCUY%2BL8%2BgBhsnduEmF3Z%2BozVBAJQv4ciu4IQo0g6QhM34bkJwRgHNfXkMT3rmtT0M1nLJ2wYzL79AlkMSazf1xGEh8uKtmr3NIqz6ROLHpRCdkbQXZGSPMjZP1LkMURWPYlJP%2BNzD9dRRLvrFmlIfnpG8Jve02fsTmfNaK5IGrX59qtgM65vhc0WywKa01%2FGpCUI8hoBCUGoHYGuXWQSwd55CBPHcT8tMI8z2u6nFG31WasxpsibHDXo83Io57baCFnkz8MkKUDMDUAM1tIzRY25AAm%2FwV2vYTlDmxG0OUlCkFQWIKCEhSSoMgIim65y5X1bXmPK5uH3nn3z3utHOqss013ddYRCdlOz8iLk%2BCc5%2F%2FsYUOcVkSTRaIeBHWvRSkT7agR1MIgakZBW7QCl8PKEtJeArUO%2BnJMrszcRyrH5H%2BvXEVIj2DVEZh8ATR%2FHbQYNn0XdH0YtFz0k%2F11kWRU9qqxANcl0mwW2aazrc7Iq9Px1X9chWDHC48eXzu83H8MZkqkpsTn8iFBR90Z3tQF2bmpC0u%2BX0szGcs%2BnYz2VkYzMbP%2FgdgstOErS3bw7btsQkzgwUfCZqs04TLpWHJ%2FUXIuzLI2TJCfV%2BwnIryR2%2FXF3CR5unrjveWVODXCWqmTEag8sd%2BAyTH5P9XTnX3t5a8hzQgmLxHnx%2BS8IPURWLoFm164t3oGRl1owtRBkZdD44cXl0qOif%2FkEZQ4Xjj84of9u38loGEJK%2F718AJv2zvomCug2W0kcYmuKdFVJagawOYzwyw1xwu%2F16aFUDnDUBlnJ1RG3X0Wr5WnlZrLm6GIRDMUQT2IBONhvR66LGJhjbdaDJkdM%2B%2Bng78BAAD%2F%2FwEAAP%2F%2FIvUgvIIEAAA%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
dictatepantry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaIHlQUVdJmDBwUz6e7p%2BeUegjFmCcbNsqvoTaqrqidlqruaqu7pyXgJLsgKHmb%2Fg86bZIPZEBQPenGRyYKwASHjKQcDi%2F4HC3uWmQ1GP5fPq3qv4NX7fL7azs%2BIi5yeLn2o%2B1IpOl%2BvupU3P%2FW8q5VVmeS9Sq%2FV%2BKwRXK2Y7jvtRtV9q3JNsA0977ue63quV1mWRkS6Nz8hIdODtldtu9XAr3r1AD3z37PNHVjqgHfPyEuQfDz70LkMyUZI4u%2BWhN3IdPr2%2B3GuaKYNunzv42Qj0UWC%2BAJGxkGU7J2roe3J8gPoZHdqF7r7jzCUY%2BL8%2BgBhsnduEmF3Z%2BozVBAJQv4ciu4IQo0g6QhM34bkJwRgHNfXkMT3rmtT0M1nLJ2wYzL79AlkMSazf1xGEh8uKtmr3NIqz6ROLHpRCdkbQXZGSPMjZP1LkMURWPYlJP%2BNzD9dRRLvrFmlIfnpG8Jve02fsTmfNaK5IGrX59qtgM65vhc0WywKa01%2FGpCUI8hoBCUGoHYGuXWQSwd55CBPHcT8tMI8z2u6nFG31WasxpsibHDXo83Io57baCFnkz8MkKUDMDUAM1tIzRY25AAm%2FwV2vYTlDmxG0OUlCkFQWIKCEhSSoMgIim65y5X1bXmPK5uH3nn3z3utHOqss013ddYRCdlOz8iLk%2BCc5%2F%2FsYUOcVkSTRaIeBHWvRSkT7agR1MIgakZBW7QCl8PKEtJeArUO%2BnJMrszcRyrH5H%2BvXEVIj2DVEZh8ATR%2FHbQYNn0XdH0YtFz0k%2F11kWRU9qqxANcl0mwW2aazrc7Iq9Px1X9chWDHC48eXzu83H8MZkqkpsTn8iFBR90Z3tQF2bmpC0u%2BX0szGcs%2BnYz2VkYzMbP%2FgdgstOErS3bw7btsQkzgwUfCZqs04TLpWHJ%2FUXIuzLI2TJCfV%2BwnIryR2%2FXF3CR5unrjveWVODXCWqmTEag8sd%2BAyTH5P9XTnX3t5a8hzQgmLxHnx%2BS8IPURWLoFm164t3oGRl1owtRBkZdD44cXl0qOif%2FkEZQ4Xjj84of9u38loGEJK%2F718AJv2zvomCug2W0kcYmuKdFVJagawOYzwyw1xwu%2F16aFUDnDUBlnJ1RG3X0Wr5WnlZrLm6GIRDMUQT2IBONhvR66LGJhjbdaDJkdM%2B%2Bng78BAAD%2F%2FwEAAP%2F%2FIvUgvIIEAAA%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaIHlQUVdJmDBwUz6e7p%2BeUegjFmCcbNsqvoTaqrqidlqruaqu7pyXgJLsgKHmb%2Fg86bZIPZEBQPenGRyYKwASHjKQcDi%2F4HC3uWmQ1GP5fPq3qv4NX7fL7azs%2BIi5yeLn2o%2B1IpOl%2BvupU3P%2FW8q5VVmeS9Sq%2FV%2BKwRXK2Y7jvtRtV9q3JNsA0977ue63quV1mWRkS6Nz8hIdODtldtu9XAr3r1AD3z37PNHVjqgHfPyEuQfDz70LkMyUZI4u%2BWhN3IdPr2%2B3GuaKYNunzv42Qj0UWC%2BAJGxkGU7J2roe3J8gPoZHdqF7r7jzCUY%2BL8%2BgBhsnduEmF3Z%2BozVBAJQv4ciu4IQo0g6QhM34bkJwRgHNfXkMT3rmtT0M1nLJ2wYzL79AlkMSazf1xGEh8uKtmr3NIqz6ROLHpRCdkbQXZGSPMjZP1LkMURWPYlJP%2BNzD9dRRLvrFmlIfnpG8Jve02fsTmfNaK5IGrX59qtgM65vhc0WywKa01%2FGpCUI8hoBCUGoHYGuXWQSwd55CBPHcT8tMI8z2u6nFG31WasxpsibHDXo83Io57baCFnkz8MkKUDMDUAM1tIzRY25AAm%2FwV2vYTlDmxG0OUlCkFQWIKCEhSSoMgIim65y5X1bXmPK5uH3nn3z3utHOqss013ddYRCdlOz8iLk%2BCc5%2F%2FsYUOcVkSTRaIeBHWvRSkT7agR1MIgakZBW7QCl8PKEtJeArUO%2BnJMrszcRyrH5H%2BvXEVIj2DVEZh8ATR%2FHbQYNn0XdH0YtFz0k%2F11kWRU9qqxANcl0mwW2aazrc7Iq9Px1X9chWDHC48eXzu83H8MZkqkpsTn8iFBR90Z3tQF2bmpC0u%2BX0szGcs%2BnYz2VkYzMbP%2FgdgstOErS3bw7btsQkzgwUfCZqs04TLpWHJ%2FUXIuzLI2TJCfV%2BwnIryR2%2FXF3CR5unrjveWVODXCWqmTEag8sd%2BAyTH5P9XTnX3t5a8hzQgmLxHnx%2BS8IPURWLoFm164t3oGRl1owtRBkZdD44cXl0qOif%2FkEZQ4Xjj84of9u38loGEJK%2F718AJv2zvomCug2W0kcYmuKdFVJagawOYzwyw1xwu%2F16aFUDnDUBlnJ1RG3X0Wr5WnlZrLm6GIRDMUQT2IBONhvR66LGJhjbdaDJkdM%2B%2Bng78BAAD%2F%2FwEAAP%2F%2FIvUgvIIEAAA%3D HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: u_pl=17621880; uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece7cfe544518aace9f643b4f7f49e840d=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5017a761c9eddb34bb641695484f1d4
Strict-Transport-Security: max-age=0; includeSubdomains

dictatepantry.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL HTTP/1.1
dictatepantry.com/pixel/sbs?c=1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Cookie: u_pl=17621880; uid_id2=e29172cc-2c6f-4f95-984a-021478cfb372:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece7cfe544518aace9f643b4f7f49e840d=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 14:35:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0

67.202.105.32

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!c0p2get2un~w!1uevt03ymc&lm=0&ts=1664202921985&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 26 Sep 2022 14:35:25 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30f7bd40b234f7d4313f4d35ecef68a2
de0049b26d8484ad57bb61d0d84eabf4dae81e1d
536197d9b0247e1899a2d96c85fd95c3d7f2fa592fe5371e0f147a297f372982

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "536197D9B0247E1899A2D96C85FD95C3D7F2FA592FE5371E0F147A297F372982"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Mon, 26 Sep 2022 15:22:41 GMT
Date: Mon, 26 Sep 2022 14:35:25 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=e29172cc-2c6f-4f95-984a-021478cfb372&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e7cfe544518aace9f643b4f7f49e840d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=e29172cc-2c6f-4f95-984a-021478cfb372&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e7cfe544518aace9f643b4f7f49e840d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e29172cc-2c6f-4f95-984a-021478cfb372&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e7cfe544518aace9f643b4f7f49e840d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 14:35:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9db6219d1e6b4858804d59d9d08874bb
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.tynt.com/tc.js

172.64.151.83

200 OK

0 B

URL HTTP/2
cdn.tynt.com/tc.js
IP
172.64.151.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 83772
expires: Thu, 29 Sep 2022 14:35:23 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 750cb9d19cadb4eb-OSL
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfYdyp0MmrE5N5lAzvs3M%2FOzXG0Jgi%2Bqy0t46CmrohYp3X8f4Msz6Rl4hzvzhWhcOw06T0Y30yrrRiIFJF5mt8C6SbKk5zsgIVimF6O9sOuNUZ0vY5I6bGQNc7QBMOyjPSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9d4fc637756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

qhentai.net/

172.67.179.83

200 OK

0 B

URL HTTP/2
qhentai.net/
IP
172.67.179.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: qhentai.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 13:29:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NWVHjr7DVFALVeZ%2Fhyv3RIFdyCKjXo5YZKv9E0R7iI%2B45QzrFJqKU1zct940hYkOgI3c%2BJqOCbfpcKuh2woBQKBpaGP4KnleB8X0HyUljyubpzeti%2Ba00JYFsKVxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750cb9c5a925b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

waust.at/d.js

104.26.4.7

200 OK

0 B

URL HTTP/2
waust.at/d.js
IP
104.26.4.7:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:38 GMT
etag: W/"630d0196-397a"
expires: Tue, 27 Sep 2022 14:22:21 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 781
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgchJ8KRv2fhuv3ec7Lbu9w%2BU2BCTxBEwjU%2F8z3%2B880%2F1lSOwg6n7Y4kvYuenB%2FGfkSi07DhYqP6gu%2FzKahEYiPeN38w3yTN5qht981AEG5HhMqr6QcUxdjr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9c7589d1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins%3Awght%40400%3B500%3B600%3B700%7CMulish&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins%3Awght%40400%3B500%3B600%3B700%7CMulish&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins%3Awght%40400%3B500%3B600%3B700%7CMulish&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 14:35:22 GMT
date: Mon, 26 Sep 2022 14:35:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

coliassfeurytheme.com/get/1831526?zoneid=1831526&jp=_clohpyuiou7r9vte9h0uhm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4612664829992131

62.122.171.6

200 OK

0 B

URL HTTP/2
coliassfeurytheme.com/get/1831526?zoneid=1831526&jp=_clohpyuiou7r9vte9h0uhm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4612664829992131
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /get/1831526?zoneid=1831526&jp=_clohpyuiou7r9vte9h0uhm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4612664829992131 HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220926093525f76c25e6cd4ea4bb378a98a6; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

whos.amung.us/pingjs/?k=c0p2get2un&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=0&v=27&r=4294

104.22.75.171

200 OK

0 B

URL HTTP/2
whos.amung.us/pingjs/?k=c0p2get2un&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=0&v=27&r=4294
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pingjs/?k=c0p2get2un&t=Read%20Hentai%20Doujinshi%2C%20Manga%20Updated%20Daily%20Free%20-%20QHENTAI.NET%20-&c=d&x=https%3A%2F%2Fqhentai.net%2F&y=&a=0&v=27&r=4294 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750cb9cfbedd15f0-ARN
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwvXVgGSp8IbIgs7eoy0krPDFUQlUBWBXCyoA4wEwDJvGEtsJP381OvBLZ8haBs48SJpGZeGLu8u22oAV7dLQpvu9uGCSe%2F7JG0vfjyhxTnva9CxrjmJmvWDNnBc1Bk5TG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9d4dc307756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qhentai.net
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:24 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bF5Io1dDqdQoGXf6K3M3I%2BIGZWn3Dz1mVL2T9hHiY49aRQv%2FRwsQL0OnYvVeNX3OL5BB6tm1DWFzZTqehPMpazaBKjSQ8EW7%2F5D5VdQuwigvtpbLe0OOnOmEWAbW%2B%2F6N0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9d5de4d7756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coliassfeurytheme.com/get/1808823?zoneid=1808823&jp=_clbe45c6c90a6irbccuey4&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8271839527196376

62.122.171.6

200 OK

0 B

URL HTTP/2
coliassfeurytheme.com/get/1808823?zoneid=1808823&jp=_clbe45c6c90a6irbccuey4&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8271839527196376
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /get/1808823?zoneid=1808823&jp=_clbe45c6c90a6irbccuey4&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8271839527196376 HTTP/1.1
Host: coliassfeurytheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:35:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209260935012df33fa7024b88ac3e5daa03; Path=/; Expires=Tue, 26 Sep 2023 14:35:22 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.129.12

200 OK

0 B

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.129.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qhentai.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 14:35:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 67d8d977bcc0e93fdf724b035d68678a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 14:35:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbNey55uLbRxpch9TWy9NZEOfFo%2BWZuXPiswf34h%2Fp2HSD9QC5kt2A2Q8A83gL%2FNr6QPpS54dbk9NLq5YoHqzvXAo7R352aSsWDSdgbfgIqBm%2BRO5alFUeTOb9%2FiiHkUZiOLxho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750cb9ccbc5473ff-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML