Report - hentailib.net/p/13938

Report Overview

Submitted URL
hentailib.net/p/13938
IP
104.21.74.37
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-30 22:41:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	41 kB	151.101.65.229
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	80 kB	142.250.74.40
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.1 kB	93.184.220.29
external-preview.redd.it	3232	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	122 kB	151.101.193.140
cdn.fluidplayer.com	33284	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	29 kB	205.185.216.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.253.170
owlunimmvn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	52 kB	62.122.171.6
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
preview.redd.it	3176	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	764 kB	151.101.193.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	216.58.211.3
lkpmprksau.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	124 kB	62.122.171.6
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	76 kB	172.64.132.15
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	77 kB	77.88.21.119
hentailib.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	12 kB	172.67.197.104
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	114 kB	142.250.74.106
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	42 kB	104.16.124.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	lkpmprksau.com/lv/esnk/1942066/code.js	Phishing
2022-11-30	medium	lkpmprksau.com/lv/esnk/1942064/code.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	lkpmprksau.com	Sinkholed
2022-11-30	medium	lkpmprksau.com	Sinkholed
2022-11-30	medium	lkpmprksau.com	Sinkholed
2022-11-30	medium	owlunimmvn.com	Sinkholed
2022-11-30	medium	owlunimmvn.com	Sinkholed
2022-11-30	medium	owlunimmvn.com	Sinkholed
2022-11-30	medium	lkpmprksau.com	Sinkholed
2022-11-30	medium	lkpmprksau.com	Sinkholed
2022-11-30	medium	owlunimmvn.com	Sinkholed
2022-11-30	medium	owlunimmvn.com	Sinkholed
2022-11-30	medium	lkpmprksau.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	lkpmprksau.com/lv/esnk/1942064/code.js	109 kB	2023-03-11	2023-03-11
Pretty URL lkpmprksau.com/lv/esnk/1942064/code.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:35:27 Last Seen2023-03-11 23:13:11 Times Seen1 Hash dc271b164b1d64d1ae2ef27f622ce255 8237a937f0729d58f861d20828fe065c101d7ef3 dcea2dc75e0865f02a56815128b186e3095540b1f1f8337121acd3146ba2b6ce Loading...

	lkpmprksau.com/lv/esnk/1942066/code.js	109 kB	2023-03-11	2023-03-11
Pretty URL lkpmprksau.com/lv/esnk/1942066/code.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:35:27 Last Seen2023-03-11 23:13:11 Times Seen1 Hash ed7fa6409e7adbe94f8432e479f6255d 09665990caf686743403a0f9753f3d835a45b1f1 0b44fe9ad07aa758af0cf072b75c9fee34ebc0b23f62c2c7eefc4778fcbc9d91 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 08:14:54 Times Seen36954876 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.bundle.min.js	80 kB	2023-03-07	2024-04-18
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:56 Last Seen2024-04-18 23:00:17 Times Seen379 Hash 042c7b121492b284f48e2a815de85a7a 2dac85f8c54408276a0bf3cffa91dfd4ef7a3f51 05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7 Loading...

	owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_1	109 kB	2023-03-11	2023-03-11
Pretty URL owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_1 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:59:03 Last Seen2023-03-11 23:13:11 Times Seen1 Hash 168359abd2914e851e1bd13c75d4dc6d 34f01e58de3d92a7dd0b2fee5356c04d510f6fe0 e20dcfc177d65fd32ad522fc4c2a5554fc1821d296ff788c7d220f83b921a8a9 Loading...

	mc.yandex.ru/metrika/tag.js	214 kB	2023-03-11	2023-03-11
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:05:47 Last Seen2023-03-11 23:40:23 Times Seen1 Hash 69affab62c527f101c5f94ef1d942796 49965ce6a3aedc9ecd5bd84df4f35aed3a350587 5d2aed090d3053f5ce03cf83712c314bb3f8354af47e248f5168983d4c61c60a Loading...

	hentailib.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-19
Pretty URL hentailib.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 01:39:50 Times Seen42895 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	hentailib.net/p/13938	439 B	2023-03-11	2023-03-11
Pretty URL hentailib.net/p/13938 IP 172.67.197.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:35:27 Last Seen2023-03-11 23:13:11 Times Seen1 Hash 755e0c93a3971f7d132fda03b72a9e5e 6fdf1dd460338e6b6137a95152f0112016e502ef d29adc9b8cf30e855c35b2d8cbc2adb91757cb34480500e5bfda41009a965219 Loading...

	hentailib.net/p/13938	59 B	2023-03-07	2024-04-18
Pretty URL hentailib.net/p/13938 IP 172.67.197.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-18 15:17:27 Times Seen3601 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_2	109 kB	2023-03-11	2023-03-11
Pretty URL owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_2 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:59:03 Last Seen2023-03-11 23:13:11 Times Seen1 Hash d8742cb59e15bb381f91d8ecb7b5811a d4b97b3d8252f79121cb482928c727d87f48d2a3 da2deef81cb12a4c8982062b210d4a19fc542392f33f7a0b4754b779289478cf Loading...

	owlunimmvn.com/get/1942061?zoneid=1942061&pid=_cb-1942061_2&jp=_clkqceee3pkszzwqzl3j47&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=2&cid=1798285025261698	3.4 kB	2023-03-11	2023-03-11
Pretty URL owlunimmvn.com/get/1942061?zoneid=1942061&pid=_cb-1942061_2&jp=_clkqceee3pkszzwqzl3j47&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=2&cid=1798285025261698 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:13:11 Last Seen2023-03-11 23:13:11 Times Seen1 Hash d7be6a52b7826131fe43373d309f5016 c201f66944046681365fa66b2369088ca99c3b5b 0864d11f28084db56dc6c058c1584c6ea40308969190055f11077e2145e71d2f Loading...

	hentailib.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL hentailib.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 07:47:47 Times Seen54540 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	cdn.fluidplayer.com/v2/current/fluidplayer.min.js	126 kB	2023-03-07	2024-04-05
Pretty URL cdn.fluidplayer.com/v2/current/fluidplayer.min.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:52 Last Seen2024-04-05 17:07:49 Times Seen340 Hash 75fe4c766bbf4b39fe3d753e6a2438a0 c08fe1b344edb4f563b019b1d2e4621fd4656a7f 6d35529e97ac48abda83c68a13d780e8505ec839865a7fb84a91fde809cc6f14 Loading...

	hentailib.net/p/13938	426 B	2023-03-11	2023-03-11
Pretty URL hentailib.net/p/13938 IP 172.67.197.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:59:03 Last Seen2023-03-11 23:13:11 Times Seen1 Hash 36463090715c735f3d11c6715db0ab30 31b1dff7d7d876732a2256328797fe094a93e316 405b2f98d22244acd8d9707e3fa44dd5fc4c35d76c99ef7210cd89113b431ed8 Loading...

	hentailib.net/p/13938	408 B	2023-03-11	2023-03-11
Pretty URL hentailib.net/p/13938 IP 172.67.197.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:35:27 Last Seen2023-03-11 23:13:11 Times Seen1 Hash c6e3d4032654361733dfc07923bdbe90 ab58e0170c081e57cdee5df83fa635feb8c60fa6 72c2328d3f876dc57c2ff030c847880185d802dec42005ad34bb371857029389 Loading...

	owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_0	109 kB	2023-03-11	2023-03-11
Pretty URL owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_0 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:59:03 Last Seen2023-03-11 23:13:11 Times Seen1 Hash 4751b3ea27af8782feb17cd16742bc00 8f584d798763538b49b3e420be1ccfee397ed4c9 6bc384082cfb1d47285400bbecc4f7155c016023e99a929a8613c61fe9642f41 Loading...

	hentailib.net/p/13938	153 B	2023-03-11	2023-03-11
Pretty URL hentailib.net/p/13938 IP 172.67.197.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:35:27 Last Seen2023-03-11 23:13:11 Times Seen1 Hash ae91ed2ef8eb36452a849540d92d2926 e7d0feb154b6dfc5e2ba013ace4701dd7565b2c7 de2a2f7d1627f3c9b2000394325f8f98b5300f8ff4c33eec3e7d86156c436ab2 Loading...

	unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js	24 kB	2023-03-07	2024-04-19
Pretty URL unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 08:00:47 Times Seen1464 Hash 520e46df77727aaf3d5e799ef241be02 d20252cf76c3be8af37a8415d13ad368c762b4d8 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2 Loading...

	unpkg.com/infinite-scroll@3/dist/infinite-scroll.pkgd.min.js	26 kB	2023-03-07	2024-04-16
Pretty URL unpkg.com/infinite-scroll@3/dist/infinite-scroll.pkgd.min.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:51 Last Seen2024-04-16 04:06:52 Times Seen723 Hash 4dd9a5c6d0be090b107ed878587f0039 c91cf6169d0dcb5e52ab0a48f430b9b6d7bd5620 f3bb8b08d88d8c2aecdcc22d44304bb5011631ed25f7b92ef36e834392cd227b Loading...

HTTP Transactions (75)

URL IP Response Size

hentailib.net/p/13938

172.67.197.104

301 Moved Permanently

0 B

URL HTTP/1.1
hentailib.net/p/13938
IP
172.67.197.104:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/13938 HTTP/1.1
Host: hentailib.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 22:41:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 23:41:38 GMT
Location: https://hentailib.net/p/13938
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs7WyDtH9mNPChDpPZ%2BwTReo5dYuaL9aI33BC5MDLYJu1PDT%2FEO8creX3sj3WEeeP4thK4KOpZSrDqO%2BdCX1SRMKPrKnTE05ztcNP4cHfMCv1z3Vn90HuNqZXD5cdUVf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7727177789040b02-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 01 Dec 2022 01:52:03 GMT
Date: Wed, 30 Nov 2022 22:41:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2374
Expires: Wed, 30 Nov 2022 23:21:12 GMT
Date: Wed, 30 Nov 2022 22:41:38 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6585
Cache-Control: max-age=135566
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:38 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:21:04 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Z1TXZxYlGTttHa9Ae22jEzpIj5YUl67WY8b9Xm21OgN+saEDhoAEx3cU1/+GO9ExX/dicSD+gsRYFhlexR/GfQ==
x-amz-request-id: 6HHABGRM5V50FCAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 21:45:23 GMT
age: 3375
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 22:18:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1414
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d0b4db60f259742303554de4fdcfaedf
9398ca5fa08a59df4bcda085a5d8c08d95316d33
62275140f0e928834d506e75e0f4b406499e1d63748ef86acea6da9c8a8375bd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "62275140F0E928834D506E75E0F4B406499E1D63748EF86ACEA6DA9C8A8375BD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Thu, 01 Dec 2022 04:41:08 GMT
Date: Wed, 30 Nov 2022 22:41:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 22:08:56 GMT
cache-control: public,max-age=3600
age: 1963
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d0b4db60f259742303554de4fdcfaedf
9398ca5fa08a59df4bcda085a5d8c08d95316d33
62275140f0e928834d506e75e0f4b406499e1d63748ef86acea6da9c8a8375bd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "62275140F0E928834D506E75E0F4B406499E1D63748EF86ACEA6DA9C8A8375BD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Thu, 01 Dec 2022 04:41:08 GMT
Date: Wed, 30 Nov 2022 22:41:39 GMT
Connection: keep-alive

cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css

151.101.65.229

200 OK

3.3 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (15598), with no line terminators
Size
3.3 kB (3333 bytes)
Hash
11500bf957fd66824746d1f0878f97d2
2b7f51a848f24af4038faeeae03bbd52cd54cd8b
08d5f11e00ff7e62f31247503f88df2dd947e43405becd03af05dbe3971d567a

HTTP Headers

GET /npm/@fancyapps/ui/dist/fancybox.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.31
x-jsd-version-type: version
etag: W/"3cee-0nBcDQHfsMIPKlPzBhAaX/pebOA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
age: 14294
x-served-by: cache-fra-eddf8230096-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3333
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css

151.101.65.229

200 OK

23 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65300)
Size
23 kB (22890 bytes)
Hash
77493e970187bd6e1f81ee54f45d97b1
67d66426912a003e54930e46f07c869076a482e4
ac37e1c6843d58febd8e1b631f4f1951d873ff06299c9ec7a625c252cd2782d7

HTTP Headers

GET /npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentailib.net
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.0-beta3
x-jsd-version-type: version
etag: W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
age: 18714268
x-served-by: cache-fra19150-FRA, cache-bma1632-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22890
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

151.101.65.229

200 OK

12 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
12 kB (12488 bytes)
Hash
db5702be4c936c66e485cc8255456548
f0b1d47264aa3a2ef597142682b908f87119367a
87548a02b4360c94d82d1632ee7667f99493fb553d7a9488a461de06ba3f0db4

HTTP Headers

GET /npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.9.1
x-jsd-version-type: version
etag: W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
age: 11831129
x-served-by: cache-fra19158-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12488
X-Firefox-Spdy: h2

hentailib.net/p/13938

104.21.74.37

200 OK

10 kB

URL HTTP/2
hentailib.net/p/13938
IP
104.21.74.37:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (801)
Size
10 kB (10438 bytes)
Hash
161fbb5b2cbf13e7f0e4b7a5071f209f
d72b498f1461bfebb393c2b520ff89ea0052e348
b327f4dbbc5a5c9bf866bfce00ec4f608c660b983a78962fdea6ca4cfb5af3b7

HTTP Headers

GET /p/13938 HTTP/1.1
Host: hentailib.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0GVLIJtsaKWMKkxcNkM13kjdpVq7sVOPzvFsI8db2It0VsHvM%2B2FIcVNxpZCBEKkx1nvEorwJ7D0YsudyAA3jiMPAUVydYfaHGYIHM6iiqx4ZhAZkDeWN5zM4YUpVYN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7727177a7a32fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

preview.redd.it/3szn7t7o103a1.jpg?width=320&crop=smart&auto=webp&s=b51455d223bdd0abf758f822a7744284253475aa

151.101.193.140

200 OK

20 kB

URL HTTP/2
preview.redd.it/3szn7t7o103a1.jpg?width=320&crop=smart&auto=webp&s=b51455d223bdd0abf758f822a7744284253475aa
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x383, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20154 bytes)
Hash
52b61c3f672e2ff4c204419fffbe1949
ce799ddd06869042686e94688b5ed36790c8f6cb
6c1a766d7c8a0f7d8fd5c116ed83af8dc9b891c30267ad66f6e0fdf53d3a5796

HTTP Headers

GET /3szn7t7o103a1.jpg?width=320&crop=smart&auto=webp&s=b51455d223bdd0abf758f822a7744284253475aa HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "EleeZbogkPJ8P+kDqXb9zjCFyHpWiVUlHsVAotN3K/g"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=85113 idim=850x1017 ifmt=jpeg ofsz=20154 odim=320x383 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 20154
X-Firefox-Spdy: h2

preview.redd.it/enhhja04xz2a1.jpg?width=320&crop=smart&auto=webp&s=76c2d3b4c1efcec4833581e5430be5cbb1470205

151.101.193.140

200 OK

14 kB

URL HTTP/2
preview.redd.it/enhhja04xz2a1.jpg?width=320&crop=smart&auto=webp&s=76c2d3b4c1efcec4833581e5430be5cbb1470205
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x461, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (13458 bytes)
Hash
7109536f0ffe06ce89201d6a53d2099c
a08724670d186f2d26c5d8aebd6178109c5cf17c
3ef509b52171b718e55c9639baabf14f26fe27485f4f04764c8e26bf5adb8459

HTTP Headers

GET /enhhja04xz2a1.jpg?width=320&crop=smart&auto=webp&s=76c2d3b4c1efcec4833581e5430be5cbb1470205 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "Q1rrM140uGmI2P3LHGcR6GRSYNAGo/tCLfoJyiyNDOE"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=144861 idim=749x1080 ifmt=jpeg ofsz=13458 odim=320x461 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 13458
X-Firefox-Spdy: h2

preview.redd.it/mowbc6gxwz2a1.jpg?width=320&crop=smart&auto=webp&s=8c9789c89657a88493b647deb3face5b7c86e31b

151.101.193.140

200 OK

12 kB

URL HTTP/2
preview.redd.it/mowbc6gxwz2a1.jpg?width=320&crop=smart&auto=webp&s=8c9789c89657a88493b647deb3face5b7c86e31b
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x226, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12370 bytes)
Hash
12adb498b7b077f4a74bdf8f2fe2adc6
815b6f2aeb9aa803aa3488213b0374fa490f0785
78d04444f5c499f662252ed55f0aa467f81e2e7d1e07808f8e758031ad24381d

HTTP Headers

GET /mowbc6gxwz2a1.jpg?width=320&crop=smart&auto=webp&s=8c9789c89657a88493b647deb3face5b7c86e31b HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "lDkgW9KlB5qmTOfyWeov3qS4frdWD8hLQTtDzto0Sts"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=67095 idim=850x601 ifmt=jpeg ofsz=12370 odim=320x226 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 12370
X-Firefox-Spdy: h2

preview.redd.it/t37175ecxz2a1.jpg?width=320&crop=smart&auto=webp&s=09da40351a2aaa8c918efb724502edb6dd1377b6

151.101.193.140

200 OK

12 kB

URL HTTP/2
preview.redd.it/t37175ecxz2a1.jpg?width=320&crop=smart&auto=webp&s=09da40351a2aaa8c918efb724502edb6dd1377b6
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x226, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12404 bytes)
Hash
d1fff84c30382e70ebcfaca79ac7fbb2
b583caeb9cb18159d0e1e4835aadb070b5e649fa
1f0296ead8b60f1f5af35abd999ab4c4486af095e7d72a4da81c2d2dfe645c4a

HTTP Headers

GET /t37175ecxz2a1.jpg?width=320&crop=smart&auto=webp&s=09da40351a2aaa8c918efb724502edb6dd1377b6 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "WS10q/c3Hb5t0ExZ5EkUlahEZGeuQhIurbcw4KUUM8U"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=74394 idim=1023x724 ifmt=jpeg ofsz=12404 odim=320x226 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 12404
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: max-age=130506
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:56:45 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
d8dfae277d07dc3f3c9d350ee7dece36
993dfa62381d28506a13c5770a7d07b631b090fe
e00245ffd93e12206bece885bdd405d298c81a06299b9bb942d73ca25d6577f3

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 22:41:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5F6E89EA845C1154D6415A702707C174C7044C74"
Expires: Thu, 01 Dec 2022 10:00:00 GMT
Last-Modified: Wed, 30 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1793
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7727177d8badb517-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
82636550758e8604b4162568f2b413af
82555ec2c38ac3939b5fff3aa242a3d34ea7988b
f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6579
Cache-Control: max-age=141295
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 13:56:34 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

preview.redd.it/jc6d3w4ie03a1.jpg?width=320&crop=smart&auto=webp&s=ba4015e5932cbc687d2a877507fa8fd8c6840525

151.101.193.140

200 OK

9.6 kB

URL HTTP/2
preview.redd.it/jc6d3w4ie03a1.jpg?width=320&crop=smart&auto=webp&s=ba4015e5932cbc687d2a877507fa8fd8c6840525
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x216, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.6 kB (9582 bytes)
Hash
b21da126adc9b074e40fa391af4c4e89
d6f95717e4c0fef0f482aee043e36fe475905f36
bbc1653c98e779e09a3a09731c1c3b46df7671ba7969f35c3c7748185da9b301

HTTP Headers

GET /jc6d3w4ie03a1.jpg?width=320&crop=smart&auto=webp&s=ba4015e5932cbc687d2a877507fa8fd8c6840525 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "J9Cer4z1UQ+BPJz0JqDMPAAYE0cI6IW/RZdLZBfFOzw"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=98677 idim=850x575 ifmt=jpeg ofsz=9582 odim=320x216 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 9582
X-Firefox-Spdy: h2

preview.redd.it/w1c3a3wsuz2a1.jpg?width=320&crop=smart&auto=webp&s=5f6383145f45db7cafaced90062a7f14b45abcf3

151.101.193.140

200 OK

21 kB

URL HTTP/2
preview.redd.it/w1c3a3wsuz2a1.jpg?width=320&crop=smart&auto=webp&s=5f6383145f45db7cafaced90062a7f14b45abcf3
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x435, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
21 kB (20586 bytes)
Hash
decc7f6f42583e3b9d0a5cf727779e31
c38a7dc2cac05e6d7dc6f0e0707698885cd0869d
6109184dabfce9deebab5e4b9f7f1bc22db6ca649b924d396ef91153e6021f11

HTTP Headers

GET /w1c3a3wsuz2a1.jpg?width=320&crop=smart&auto=webp&s=5f6383145f45db7cafaced90062a7f14b45abcf3 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "Qxwo2k+PrbULzcUP1FpZaoj8u8uTUkcsop98y2q+9es"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=275643 idim=1458x1983 ifmt=jpeg ofsz=20586 odim=320x435 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 20586
X-Firefox-Spdy: h2

preview.redd.it/r00lt8n2jz2a1.jpg?width=320&crop=smart&auto=webp&s=0c58f461411ff3b789aa5089f7d2fa7abf5226d5

151.101.193.140

200 OK

16 kB

URL HTTP/2
preview.redd.it/r00lt8n2jz2a1.jpg?width=320&crop=smart&auto=webp&s=0c58f461411ff3b789aa5089f7d2fa7abf5226d5
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x352, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (16460 bytes)
Hash
77c259d8970418755813d37492431b43
ee1552899a7e2bc18a0835fb9466921b6f05adb9
0779d3576ad53161295629c621deb63b602fc1a6695e6a40dad74226c43aefdc

HTTP Headers

GET /r00lt8n2jz2a1.jpg?width=320&crop=smart&auto=webp&s=0c58f461411ff3b789aa5089f7d2fa7abf5226d5 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "XOYp896KOISYkjpCk/UDOUKJnhPcR7Bt7eft+GGMelQ"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=107161 idim=1000x1100 ifmt=jpeg ofsz=16460 odim=320x352 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 16460
X-Firefox-Spdy: h2

preview.redd.it/n0fis6fdi03a1.jpg?width=320&crop=smart&auto=webp&s=829b988d2bbca00b87e8f8b9036982b11cbe9bbc

151.101.193.140

200 OK

17 kB

URL HTTP/2
preview.redd.it/n0fis6fdi03a1.jpg?width=320&crop=smart&auto=webp&s=829b988d2bbca00b87e8f8b9036982b11cbe9bbc
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x226, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (17326 bytes)
Hash
8b6f4d1e9005823545a5be9ad99affef
3e230c882bd71c1175c1d58b731a67ef00f4eac5
c288a4deac5f6328f0e560a980f19328d4a782ac1f1b7a2c9ef54d2417f868b7

HTTP Headers

GET /n0fis6fdi03a1.jpg?width=320&crop=smart&auto=webp&s=829b988d2bbca00b87e8f8b9036982b11cbe9bbc HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "crmOQGEm0pS/hJOjgXjUwrlUhVjRjAxCwGEsFNZizKk"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=3953944 idim=5787x4093 ifmt=jpeg ofsz=17326 odim=320x226 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 17326
X-Firefox-Spdy: h2

preview.redd.it/pv3gwu0li03a1.jpg?width=320&crop=smart&auto=webp&s=9ecdc24d5b965088a3ace4a69d6fffcfa4a414e5

151.101.193.140

200 OK

23 kB

URL HTTP/2
preview.redd.it/pv3gwu0li03a1.jpg?width=320&crop=smart&auto=webp&s=9ecdc24d5b965088a3ace4a69d6fffcfa4a414e5
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x411, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (23262 bytes)
Hash
73ade0e05af2d6076182b107d15782a8
65b600a32c7de828fd6e9c1a49d156529cb1c14b
05e70c1426329940482fcd73a8534d36945e387e7d3c2f4e56069ad58938a43e

HTTP Headers

GET /pv3gwu0li03a1.jpg?width=320&crop=smart&auto=webp&s=9ecdc24d5b965088a3ace4a69d6fffcfa4a414e5 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "Sal8df+gPANVYxIfza9bj4v2dp/sXq7EJdp590Q2SSs"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=667542 idim=3196x4106 ifmt=jpeg ofsz=23262 odim=320x411 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 23262
X-Firefox-Spdy: h2

preview.redd.it/17jzxwy9h03a1.jpg?width=320&crop=smart&auto=webp&s=79aa774a5cf0d165ae682739b91bea4ff40c28c3

151.101.193.140

200 OK

24 kB

URL HTTP/2
preview.redd.it/17jzxwy9h03a1.jpg?width=320&crop=smart&auto=webp&s=79aa774a5cf0d165ae682739b91bea4ff40c28c3
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x517, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (23570 bytes)
Hash
851383f79f06a3c20f9fcd7e514c5e50
8f47b5a73e0baac54ed0c0b853411ef00ea77b0b
a0d2b21b693c9a5d74c175639d22b3890ddf96ff9e2083d729d55891c427dd53

HTTP Headers

GET /17jzxwy9h03a1.jpg?width=320&crop=smart&auto=webp&s=79aa774a5cf0d165ae682739b91bea4ff40c28c3 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "OenV04z/Dxc0ws6+pyY3OJX0uPBaPmjZzdMm8qrt0yk"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=67410 idim=743x1200 ifmt=jpeg ofsz=23570 odim=320x517 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 23570
X-Firefox-Spdy: h2

preview.redd.it/03kkk1b1rz2a1.jpg?width=320&crop=smart&auto=webp&s=93d8c449909238add6db3f6e8f59533c88e88148

151.101.193.140

200 OK

25 kB

URL HTTP/2
preview.redd.it/03kkk1b1rz2a1.jpg?width=320&crop=smart&auto=webp&s=93d8c449909238add6db3f6e8f59533c88e88148
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x398, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (25268 bytes)
Hash
7878a279b3451175de663af73c7d1a16
ee6791951e2488e129b000f0118c3d684e25b6f7
4e5d4c143bd03e998a8ad24686441e8ca8ae0afd13a215a7c5f51d3d70f7dc07

HTTP Headers

GET /03kkk1b1rz2a1.jpg?width=320&crop=smart&auto=webp&s=93d8c449909238add6db3f6e8f59533c88e88148 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "T7f+5AYqLm8xENaCtE3H8wlPyJWpT4CRfrnoHfMIWuE"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=88573 idim=850x1057 ifmt=jpeg ofsz=25268 odim=320x398 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 25268
X-Firefox-Spdy: h2

preview.redd.it/ipp0o0newz2a1.png?width=320&crop=smart&auto=webp&s=883ac5e2ef5c13634a6df17f5411fea9cc37505c

151.101.193.140

200 OK

162 kB

URL HTTP/2
preview.redd.it/ipp0o0newz2a1.png?width=320&crop=smart&auto=webp&s=883ac5e2ef5c13634a6df17f5411fea9cc37505c
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
162 kB (162404 bytes)
Hash
873a7c324e6f67939a2bf9b7e843bf63
b0a92eca362918bcf8ac25ec234c2d4d02198eea
7142267a324e86cbe65aab0616119ef1c05fa0b46f5ab1a93369f31320523ca9

HTTP Headers

GET /ipp0o0newz2a1.png?width=320&crop=smart&auto=webp&s=883ac5e2ef5c13634a6df17f5411fea9cc37505c HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "RdhY+/fXywiIfvKEYuBpOy0VdjXPqNL8lLmcyt398X0"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=9746073 idim=3400x5950 ifmt=png ofsz=162404 odim=320x560 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 162404
X-Firefox-Spdy: h2

preview.redd.it/1qk0l7jvyrm91.jpg?auto=webp&s=8a6df2f5c63739efb587d4df47bd4f0003ba0a14

151.101.193.140

200 OK

396 kB

URL HTTP/2
preview.redd.it/1qk0l7jvyrm91.jpg?auto=webp&s=8a6df2f5c63739efb587d4df47bd4f0003ba0a14
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2504x3811, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
396 kB (395524 bytes)
Hash
1c7a37c497670e220671b22c1dfa4f17
a773f3874b930bc89c6a4e0ad5dd5e9e7590624e
3351405d8a938678f5d02a11622dd4bc88853c59b22e3bfd4c44270551e331cc

HTTP Headers

GET /1qk0l7jvyrm91.jpg?auto=webp&s=8a6df2f5c63739efb587d4df47bd4f0003ba0a14 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "qegr3KXH5OmLwZDiSawTm45qcBRUiH47Jdg8uN0dUtA"
expires: Thu, 31 Dec 2037 23:59:59 GMT
fastly-io-info: ifsz=527507 idim=2504x3811 ifmt=jpeg ofsz=395524 odim=2504x3811 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 395524
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
82636550758e8604b4162568f2b413af
82555ec2c38ac3939b5fff3aa242a3d34ea7988b
f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6579
Cache-Control: max-age=141295
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 13:56:34 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

external-preview.redd.it/qXra5jJLTkKFZxYDRgGbAiiOzpHD6MdXcawdvJQ0j-o.jpg?width=320&crop=smart&auto=webp&s=123372d0b42b47c27796eeef656a3ce8b5004f64

151.101.193.140

200 OK

17 kB

URL HTTP/2
external-preview.redd.it/qXra5jJLTkKFZxYDRgGbAiiOzpHD6MdXcawdvJQ0j-o.jpg?width=320&crop=smart&auto=webp&s=123372d0b42b47c27796eeef656a3ce8b5004f64
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x221, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (17024 bytes)
Hash
83fd228638c4af7d593990e054f36a6e
fda7d7e9b2ee39b4463c47cb72094f30fe9a1d75
a58b4fbaab8b32710a9835341e56c273eb8887d03754a96db4baa4599f7089f9

HTTP Headers

GET /qXra5jJLTkKFZxYDRgGbAiiOzpHD6MdXcawdvJQ0j-o.jpg?width=320&crop=smart&auto=webp&s=123372d0b42b47c27796eeef656a3ce8b5004f64 HTTP/1.1
Host: external-preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "o9aEnHkWaWKSsV3Hd3e8SZO+/42/JkG/3NwkreLXwns"
fastly-io-info: ifsz=135686 idim=1100x760 ifmt=jpeg ofsz=17024 odim=320x221 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
cache-control: public, max-age=604800
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
content-length: 17024
X-Firefox-Spdy: h2

external-preview.redd.it/zGRrRzLVpNk9RYMxVM7iAamdPkq6RlBOun8j6zroaHQ.png?width=320&crop=smart&auto=webp&s=bf238500083690178b60727d4b7f60e43915b9e4

151.101.193.140

200 OK

67 kB

URL HTTP/2
external-preview.redd.it/zGRrRzLVpNk9RYMxVM7iAamdPkq6RlBOun8j6zroaHQ.png?width=320&crop=smart&auto=webp&s=bf238500083690178b60727d4b7f60e43915b9e4
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
67 kB (67174 bytes)
Hash
54b662f48f1f722dfd3482f0b28256f9
16007d19891b608cb080e19174576510ecab2bcc
4dc7cbe63fed992730e741611739fbf2a89cc7df5d4fce38b7198278cfddee0e

HTTP Headers

GET /zGRrRzLVpNk9RYMxVM7iAamdPkq6RlBOun8j6zroaHQ.png?width=320&crop=smart&auto=webp&s=bf238500083690178b60727d4b7f60e43915b9e4 HTTP/1.1
Host: external-preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "bnEKMti2ZH53/zy7uchER0Sins/FcSjgTbFxXr/3NPE"
fastly-io-info: ifsz=1117529 idim=1600x1297 ifmt=png ofsz=67174 odim=320x259 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
cache-control: public, max-age=604800
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
content-length: 67174
X-Firefox-Spdy: h2

external-preview.redd.it/Yed-tZokMcwcEfJmMcH_KbkLmZ-xCjVZNg5qKjPQaOk.jpg?width=320&crop=smart&auto=webp&s=32a686ce47088b80e162662b19a3db2902a31399

151.101.193.140

200 OK

35 kB

URL HTTP/2
external-preview.redd.it/Yed-tZokMcwcEfJmMcH_KbkLmZ-xCjVZNg5qKjPQaOk.jpg?width=320&crop=smart&auto=webp&s=32a686ce47088b80e162662b19a3db2902a31399
IP
151.101.193.140:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x464, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (35274 bytes)
Hash
fa51574949774a49d4212e8a284813fe
b0f49c4b0292c335cc61ac9bab73709b01384786
f89c19a8761ecf31b190fa1c0c5cdb84344e0c8e80d477a2bb54b5ef5a49163f

HTTP Headers

GET /Yed-tZokMcwcEfJmMcH_KbkLmZ-xCjVZNg5qKjPQaOk.jpg?width=320&crop=smart&auto=webp&s=32a686ce47088b80e162662b19a3db2902a31399 HTTP/1.1
Host: external-preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "4rsmHVtryuFMXRDmJPbPdVHeaQV6fUun3vMj9HDE08o"
fastly-io-info: ifsz=179944 idim=787x1142 ifmt=jpeg ofsz=35274 odim=320x464 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
server: snooserv
cache-control: public, max-age=604800
accept-ranges: bytes
date: Wed, 30 Nov 2022 22:41:39 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
content-length: 35274
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext

142.250.74.106

200 OK

113 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
113 kB (113079 bytes)
Hash
28bfb7f134c49864d7b575e32a13dd57
6ea744dc1408f6594eba0ec1e60d3388a9bd8783
d126e9a03fbd1f29d9fbdcb5f388e62ebb8ced6ea8f5c519154256eccc82352e

HTTP Headers

GET /css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.fluidplayer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 22:41:39 GMT
date: Wed, 30 Nov 2022 22:41:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.fluidplayer.com/v2/current/fluidplayer.min.js

205.185.216.10

200 OK

28 kB

URL HTTP/1.1
cdn.fluidplayer.com/v2/current/fluidplayer.min.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28351 bytes)
Hash
6ec3c5eb5d06691a892c1dfbbd100d84
245b05947cd2162c6028cc668f1731632008691b
6ae3e50c7640b051f6bcf6a02a35bdf93d3d0dbd12de5b7ea3e4c8fdb6467238

HTTP Headers

GET /v2/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 22:41:39 GMT
Connection: Keep-Alive
ETag: "1584964688"
Cache-Control: max-age=79482
Content-Encoding: gzip
Content-Length: 28351
Content-Type: application/javascript
Last-Modified: Mon, 23 Mar 2020 11:58:08 GMT
Accept-Ranges: bytes
X-HW: 1669848099.dop231.sk1.t,1669848099.cds022.sk1.shn,1669848099.cds022.sk1.c

lkpmprksau.com/lv/esnk/1942066/code.js

62.122.171.6

200 OK

118 kB

URL HTTP/2
lkpmprksau.com/lv/esnk/1942066/code.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
118 kB (118312 bytes)
Hash
fbb9696e4635ccc248616523e1479143
03bcb9fad43a2c35392422314552b20a99d6075b
751cc79c6dc51d242d0051021e36887f58c99e691b7521912c1bd4e1419338bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lv/esnk/1942066/code.js HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2

172.64.132.15

200 OK

74 kB

URL HTTP/2
use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data
Size
74 kB (74328 bytes)
Hash
64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

HTTP Headers

GET /releases/v5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hentailib.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: font/woff2
content-length: 74328
x-amz-id-2: srLjAKPCSnmOq104CGMdU4/sHVT/vUi+6C+AmjJPB+Ls0xQvqlTex0DObXMtODgT+hgCFkbGOVE=
x-amz-request-id: NTMC62VWV6E04APS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:21 GMT
etag: "64b3e814a66c2719b15abf8f7998bd73"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 6801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A38qczwQLb%2FaUYflgYi84qAVOtRMMoTe8wSZFxSNMLUxS52LxdJv%2BU9XHpRCLzky5kLI3TwVAVRcHyuscfXACwHQbvriaWbPaEVI9dlV0i3nnj4TThBFB4zi8lovTUjznRu2Akv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7727177ece49405e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7768a8a4d5f2b246e1c7184e4526eef
424a0bbdad4a58e0eeced80d976613d4925a8f55
6233da50858bbd760a4da93d72eaf8b0a3379184601e8eb76db9a306af568c71

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6595
Cache-Control: max-age=151394
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Etag: "63876ec3-117"
Expires: Fri, 02 Dec 2022 16:44:53 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7768a8a4d5f2b246e1c7184e4526eef
424a0bbdad4a58e0eeced80d976613d4925a8f55
6233da50858bbd760a4da93d72eaf8b0a3379184601e8eb76db9a306af568c71

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: max-age=151374
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Etag: "63876ec3-117"
Expires: Fri, 02 Dec 2022 16:44:33 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:59 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

52.41.253.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.253.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QkSkanKjoeqk26sXSSHVNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KCQA8bAzGFIFNUupwIhDdv8XvHA=

www.googletagmanager.com/gtag/js?id=G-KDYWPHB1FV

142.250.74.40

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-KDYWPHB1FV
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (26337)
Size
79 kB (78828 bytes)
Hash
043f20cdd2a835a1c7421f2320c482a1
048ef761967f90cdb4be6d66ea1eebd3dd708a46
25fb56810107fb0acf1ee3c6019d04e083f969479e1daf6a8c78df69187747fc

HTTP Headers

GET /gtag/js?id=G-KDYWPHB1FV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 22:41:39 GMT
expires: Wed, 30 Nov 2022 22:41:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

unpkg.com/infinite-scroll@3/dist/infinite-scroll.pkgd.min.js

104.16.124.175

302 Found

549 B

URL HTTP/2
unpkg.com/infinite-scroll@3/dist/infinite-scroll.pkgd.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
549 B (549 bytes)
Hash
9aa3267a3a3a44a40e6b4d8c9b30026d
ddd5af1cd40befea5551bbb982d1864cd4cfaa6c
451d602a33194a5ab264d2ef4e4932100912543a6b5b703c6cc5f7f698690c84

HTTP Headers

GET /infinite-scroll@3/dist/infinite-scroll.pkgd.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /infinite-scroll@3.0.6/dist/infinite-scroll.pkgd.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK5ASXV2KHHVHG1G7E0XQMXD-ams
cf-cache-status: HIT
age: 455
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7727177f6ea11c16-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2b18451ba62ba716293e9a696fb5cbf1
b7f3bec739b526057f6ca306892ee2d405b39ce3
0fb71815562197c1c65c974aa191640bce0c5c9ba0e21cc5d273875caf2670bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5754
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Last-Modified: Wed, 30 Nov 2022 21:05:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js

104.16.124.175

302 Found

25 kB

URL HTTP/2
unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
25 kB (24958 bytes)
Hash
f1e78bd58c2505ff61fce4ab541b8141
f634989711ebbe2d6cdd101160be60c7dae6bbc0
dc65e517066a10bb07c1af7bb430bac72334881dc01f16d6564ae1b8fa1da720

HTTP Headers

GET /masonry-layout@4/dist/masonry.pkgd.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /masonry-layout@4.2.2/dist/masonry.pkgd.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK5B2FKD5A7Q5F0B3TFH38M3-ams
cf-cache-status: HIT
age: 175
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7727177fcee81c16-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2b18451ba62ba716293e9a696fb5cbf1
b7f3bec739b526057f6ca306892ee2d405b39ce3
0fb71815562197c1c65c974aa191640bce0c5c9ba0e21cc5d273875caf2670bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5754
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 22:41:39 GMT
Last-Modified: Wed, 30 Nov 2022 21:05:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

lkpmprksau.com/chicken.gif?z=1942064&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=zAT8qxvUCVpfbsFOZDEpO-TrChAs0NjBvwX9ngtpsJlhLv7nJ8NivJrQNjcRrpxx96zLr2UYBJC8H3pJNSkHdfBQFgdLra6MRZZguUcRIvBoUwq3g5qf66GpQldmh3cl7W3QLmmxQ18XCT8BrDiCfQ890UHWGTrZOOK0ayyNTmxfBvwgwVnLdRs9mCTQqQnRzvkp8OzZi-BMUIrodnGm4xIT298I5V1xZYw-1iwpy3uYH6VgVkDovmL9HksBSa3pClJ66Joak2ECqS0jVFPsUHUZ0eh9sh3w9PO2Q-5bI1w65L6Khy6RY6ssXmJE6SDqx3nKac0WtlTBk29SkqwSBOcpqSa54IX1cfgMVducfIH2vzGWhljvOZ9BHR0E-RO2E9kILEKrF73DDhfr4gAUJvcogTzta2tk88KrRa7eJAok_HHy3FwPX4KimfBspD3WYcwqGVzjkV--IPx860BWUz03r9RAwh2zH27b4gDIt1nh6QyFMNM0hnG5x5ObjOw58HkmJ_espc98Wxmy_AL8dRCODAdkn3u629FUqjcrodtSn4iI1ow0VROfCP7do8ptis8A2G5vPzyZ0xPluIizCuyf8eaFT8f4T-LybVI86onbVChKtjCDCf4hBwQz-Fdi_oGVaqLbeYBj_D0_Ca_pRwsaaZhaVoTkaZ2W4Q==&abvar=0&os=0

62.122.171.6

200 OK

43 B

URL HTTP/2
lkpmprksau.com/chicken.gif?z=1942064&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=zAT8qxvUCVpfbsFOZDEpO-TrChAs0NjBvwX9ngtpsJlhLv7nJ8NivJrQNjcRrpxx96zLr2UYBJC8H3pJNSkHdfBQFgdLra6MRZZguUcRIvBoUwq3g5qf66GpQldmh3cl7W3QLmmxQ18XCT8BrDiCfQ890UHWGTrZOOK0ayyNTmxfBvwgwVnLdRs9mCTQqQnRzvkp8OzZi-BMUIrodnGm4xIT298I5V1xZYw-1iwpy3uYH6VgVkDovmL9HksBSa3pClJ66Joak2ECqS0jVFPsUHUZ0eh9sh3w9PO2Q-5bI1w65L6Khy6RY6ssXmJE6SDqx3nKac0WtlTBk29SkqwSBOcpqSa54IX1cfgMVducfIH2vzGWhljvOZ9BHR0E-RO2E9kILEKrF73DDhfr4gAUJvcogTzta2tk88KrRa7eJAok_HHy3FwPX4KimfBspD3WYcwqGVzjkV--IPx860BWUz03r9RAwh2zH27b4gDIt1nh6QyFMNM0hnG5x5ObjOw58HkmJ_espc98Wxmy_AL8dRCODAdkn3u629FUqjcrodtSn4iI1ow0VROfCP7do8ptis8A2G5vPzyZ0xPluIizCuyf8eaFT8f4T-LybVI86onbVChKtjCDCf4hBwQz-Fdi_oGVaqLbeYBj_D0_Ca_pRwsaaZhaVoTkaZ2W4Q==&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /chicken.gif?z=1942064&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=zAT8qxvUCVpfbsFOZDEpO-TrChAs0NjBvwX9ngtpsJlhLv7nJ8NivJrQNjcRrpxx96zLr2UYBJC8H3pJNSkHdfBQFgdLra6MRZZguUcRIvBoUwq3g5qf66GpQldmh3cl7W3QLmmxQ18XCT8BrDiCfQ890UHWGTrZOOK0ayyNTmxfBvwgwVnLdRs9mCTQqQnRzvkp8OzZi-BMUIrodnGm4xIT298I5V1xZYw-1iwpy3uYH6VgVkDovmL9HksBSa3pClJ66Joak2ECqS0jVFPsUHUZ0eh9sh3w9PO2Q-5bI1w65L6Khy6RY6ssXmJE6SDqx3nKac0WtlTBk29SkqwSBOcpqSa54IX1cfgMVducfIH2vzGWhljvOZ9BHR0E-RO2E9kILEKrF73DDhfr4gAUJvcogTzta2tk88KrRa7eJAok_HHy3FwPX4KimfBspD3WYcwqGVzjkV--IPx860BWUz03r9RAwh2zH27b4gDIt1nh6QyFMNM0hnG5x5ObjOw58HkmJ_espc98Wxmy_AL8dRCODAdkn3u629FUqjcrodtSn4iI1ow0VROfCP7do8ptis8A2G5vPzyZ0xPluIizCuyf8eaFT8f4T-LybVI86onbVChKtjCDCf4hBwQz-Fdi_oGVaqLbeYBj_D0_Ca_pRwsaaZhaVoTkaZ2W4Q==&abvar=0&os=0 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211301741431e00d751f34e8c9a1c419efa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 22:41:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

lkpmprksau.com/chicken.gif?z=1942066&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=adzAOcAvZP6IszyyhmF8EnnA0S3DpHwwY7BSvqejBsQ4EBBmIHosgjuB8wZt4l0X8Kano8qxVmOX6ybOX30ZrbaI5fr7DHKFvsbTJRvNWVnFhFhGWAkYBCs0vXoNkL38GUxTJTrERuADgSJUymo0EZrWv88DLO3MOWwzlm8rUHeb8Vte5K9KxM9_XeH4mejx2s6UpKn_wbdRC4_OBVy7e63dPQEd0o1VjdjEcT--HXZxOg7hnLgMsnfdp41pXMhM0CObw015FmbSKK_XlLAOBVgqtxKuOS43e6arY10d36wBMD6xnvtM94RfVrSou8gAX0s9YH_y7vPeCKVyPmNi10c0z5UxDc2aeu38tOGBq2flBoIPkrdYIPj2XenkUs0cn1_vrDleDMkn50oEg1gOd38cT6gCaHeeiJQqwHZjdOrHKoIM0RuwLyBaBGgcxlYZmuspQRq_AOjidQn2f6elW_V9npn4Xvf4jAfQpmuPQUhfqCXN_ujQFV1FvW3Dp-pu8XaXhv-6q7xZEaf-rdijJB0kzIYQ2gya4SRUZEtGztVdDUMLNed1kLoZUwh1-_i12rgzebT8fGUfl8VKOGpzr7qeAX1GFOsvZOkVngjR2uExxXU3KGnau-2CZexqpNPfIHJkiBGrrNvvx_BfAkIKANgpy2Z6pJbqmThLfw==&abvar=0&os=0

62.122.171.6

200 OK

43 B

URL HTTP/2
lkpmprksau.com/chicken.gif?z=1942066&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=adzAOcAvZP6IszyyhmF8EnnA0S3DpHwwY7BSvqejBsQ4EBBmIHosgjuB8wZt4l0X8Kano8qxVmOX6ybOX30ZrbaI5fr7DHKFvsbTJRvNWVnFhFhGWAkYBCs0vXoNkL38GUxTJTrERuADgSJUymo0EZrWv88DLO3MOWwzlm8rUHeb8Vte5K9KxM9_XeH4mejx2s6UpKn_wbdRC4_OBVy7e63dPQEd0o1VjdjEcT--HXZxOg7hnLgMsnfdp41pXMhM0CObw015FmbSKK_XlLAOBVgqtxKuOS43e6arY10d36wBMD6xnvtM94RfVrSou8gAX0s9YH_y7vPeCKVyPmNi10c0z5UxDc2aeu38tOGBq2flBoIPkrdYIPj2XenkUs0cn1_vrDleDMkn50oEg1gOd38cT6gCaHeeiJQqwHZjdOrHKoIM0RuwLyBaBGgcxlYZmuspQRq_AOjidQn2f6elW_V9npn4Xvf4jAfQpmuPQUhfqCXN_ujQFV1FvW3Dp-pu8XaXhv-6q7xZEaf-rdijJB0kzIYQ2gya4SRUZEtGztVdDUMLNed1kLoZUwh1-_i12rgzebT8fGUfl8VKOGpzr7qeAX1GFOsvZOkVngjR2uExxXU3KGnau-2CZexqpNPfIHJkiBGrrNvvx_BfAkIKANgpy2Z6pJbqmThLfw==&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /chicken.gif?z=1942066&pb=97097a9595d05b84bd61d5088bab83e01669855299&psp=adzAOcAvZP6IszyyhmF8EnnA0S3DpHwwY7BSvqejBsQ4EBBmIHosgjuB8wZt4l0X8Kano8qxVmOX6ybOX30ZrbaI5fr7DHKFvsbTJRvNWVnFhFhGWAkYBCs0vXoNkL38GUxTJTrERuADgSJUymo0EZrWv88DLO3MOWwzlm8rUHeb8Vte5K9KxM9_XeH4mejx2s6UpKn_wbdRC4_OBVy7e63dPQEd0o1VjdjEcT--HXZxOg7hnLgMsnfdp41pXMhM0CObw015FmbSKK_XlLAOBVgqtxKuOS43e6arY10d36wBMD6xnvtM94RfVrSou8gAX0s9YH_y7vPeCKVyPmNi10c0z5UxDc2aeu38tOGBq2flBoIPkrdYIPj2XenkUs0cn1_vrDleDMkn50oEg1gOd38cT6gCaHeeiJQqwHZjdOrHKoIM0RuwLyBaBGgcxlYZmuspQRq_AOjidQn2f6elW_V9npn4Xvf4jAfQpmuPQUhfqCXN_ujQFV1FvW3Dp-pu8XaXhv-6q7xZEaf-rdijJB0kzIYQ2gya4SRUZEtGztVdDUMLNed1kLoZUwh1-_i12rgzebT8fGUfl8VKOGpzr7qeAX1GFOsvZOkVngjR2uExxXU3KGnau-2CZexqpNPfIHJkiBGrrNvvx_BfAkIKANgpy2Z6pJbqmThLfw==&abvar=0&os=0 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211301741431e00d751f34e8c9a1c419efa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 22:41:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

owlunimmvn.com/chicken.gif?z=1942061&pid=_cb-1942061_2&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=tBHkWUnd-FHqGhUy3B054-p2U3rBrlluVfCWDZW0nJOwh9OGsIgbkQTqOX4YSfBR5Ho-1wLtBxtpT27ARSMgcksCXLtTHdQNCo6lszvPNqjysVl3IShEechB-hfPl0uS9c4Z30ixueCKdUnvGT4kqkXl-WxegHygQargCwRndat3HtfhdUu6hp9SV-Yv18JQ47yuLs3LD9hVETFdcgVCYcnylXF8ed-uvgid2ZqDTP1niJFF2hww9T-mzwBbZ22eDp1oP3YlbqFjuSD4ZlUxhppWYKj-QBTpruS78FkAgW0V-2zAlI0zRZBJ4_KfKCIOwgcGsTdLjFqDZyZNEsgz-gD_hwjkeec_5y1cUUFhF2VkGhWuWH8tBVU7XG8UnjcMWWOOCbBSputaalFzFf3FxulFNrXFeftR1CFVmBCvP9W0zrBd9DiMhmdKLkoB1E6WIR55kTTU7K2LDLj2bmi2P88X9qY2bSg8yle0OUOAtun5NL0jsKFHQJVCd6HCPPPL_9tm34wYEfmpvof9OzEaEMeeFXwgBspvPJd3D-zxQMDSnL98Q_-GXCEFlwIzMAF-0QJDr1fkro_zKY33jpuZNLTMVbV31D-RlBndwi6gAc-th_eZget1Jr8lzl8hGH7MyLH3Kc2UTBSJ_7ppkETDKwWW7FRwrLbuFZ_JhD6dxu-BbYWO_GPwY8iolVlUaOdVBx1iRDSzIu6b8UZEqsZrJreTQcOCRG3vGkdbgYqu7X87Bct7Sxdt1R8sXD5UqCAmbk9seB1Q_GHl-tGt&abvar=0&os=0

62.122.171.6

200 OK

43 B

URL HTTP/2
owlunimmvn.com/chicken.gif?z=1942061&pid=_cb-1942061_2&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=tBHkWUnd-FHqGhUy3B054-p2U3rBrlluVfCWDZW0nJOwh9OGsIgbkQTqOX4YSfBR5Ho-1wLtBxtpT27ARSMgcksCXLtTHdQNCo6lszvPNqjysVl3IShEechB-hfPl0uS9c4Z30ixueCKdUnvGT4kqkXl-WxegHygQargCwRndat3HtfhdUu6hp9SV-Yv18JQ47yuLs3LD9hVETFdcgVCYcnylXF8ed-uvgid2ZqDTP1niJFF2hww9T-mzwBbZ22eDp1oP3YlbqFjuSD4ZlUxhppWYKj-QBTpruS78FkAgW0V-2zAlI0zRZBJ4_KfKCIOwgcGsTdLjFqDZyZNEsgz-gD_hwjkeec_5y1cUUFhF2VkGhWuWH8tBVU7XG8UnjcMWWOOCbBSputaalFzFf3FxulFNrXFeftR1CFVmBCvP9W0zrBd9DiMhmdKLkoB1E6WIR55kTTU7K2LDLj2bmi2P88X9qY2bSg8yle0OUOAtun5NL0jsKFHQJVCd6HCPPPL_9tm34wYEfmpvof9OzEaEMeeFXwgBspvPJd3D-zxQMDSnL98Q_-GXCEFlwIzMAF-0QJDr1fkro_zKY33jpuZNLTMVbV31D-RlBndwi6gAc-th_eZget1Jr8lzl8hGH7MyLH3Kc2UTBSJ_7ppkETDKwWW7FRwrLbuFZ_JhD6dxu-BbYWO_GPwY8iolVlUaOdVBx1iRDSzIu6b8UZEqsZrJreTQcOCRG3vGkdbgYqu7X87Bct7Sxdt1R8sXD5UqCAmbk9seB1Q_GHl-tGt&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /chicken.gif?z=1942061&pid=_cb-1942061_2&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=tBHkWUnd-FHqGhUy3B054-p2U3rBrlluVfCWDZW0nJOwh9OGsIgbkQTqOX4YSfBR5Ho-1wLtBxtpT27ARSMgcksCXLtTHdQNCo6lszvPNqjysVl3IShEechB-hfPl0uS9c4Z30ixueCKdUnvGT4kqkXl-WxegHygQargCwRndat3HtfhdUu6hp9SV-Yv18JQ47yuLs3LD9hVETFdcgVCYcnylXF8ed-uvgid2ZqDTP1niJFF2hww9T-mzwBbZ22eDp1oP3YlbqFjuSD4ZlUxhppWYKj-QBTpruS78FkAgW0V-2zAlI0zRZBJ4_KfKCIOwgcGsTdLjFqDZyZNEsgz-gD_hwjkeec_5y1cUUFhF2VkGhWuWH8tBVU7XG8UnjcMWWOOCbBSputaalFzFf3FxulFNrXFeftR1CFVmBCvP9W0zrBd9DiMhmdKLkoB1E6WIR55kTTU7K2LDLj2bmi2P88X9qY2bSg8yle0OUOAtun5NL0jsKFHQJVCd6HCPPPL_9tm34wYEfmpvof9OzEaEMeeFXwgBspvPJd3D-zxQMDSnL98Q_-GXCEFlwIzMAF-0QJDr1fkro_zKY33jpuZNLTMVbV31D-RlBndwi6gAc-th_eZget1Jr8lzl8hGH7MyLH3Kc2UTBSJ_7ppkETDKwWW7FRwrLbuFZ_JhD6dxu-BbYWO_GPwY8iolVlUaOdVBx1iRDSzIu6b8UZEqsZrJreTQcOCRG3vGkdbgYqu7X87Bct7Sxdt1R8sXD5UqCAmbk9seB1Q_GHl-tGt&abvar=0&os=0 HTTP/1.1
Host: owlunimmvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211301741ba4c91ecec054714bf8d210432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:40 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACMWJQAAAAAAAAAB; Path=/; Expires=Fri, 30 Dec 2022 22:41:40 GMT; Secure; SameSite=None
OACIBLOCK=ACMWJQAAAABjhuNQ; Path=/; Expires=Fri, 30 Dec 2022 22:41:40 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 22:41:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_1

62.122.171.6

200 OK

47 kB

URL HTTP/2
owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_1
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
47 kB (46922 bytes)
Hash
699c0a2b33f6858c14d2e8a244489719
a36656b4c6ecac5bf7d59999a8df0d20c234eb5e
9c92a9bd40859fbba8d22bd026294e67535a237cec7216aa50156629795a3316

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /lv/esnk/1942061/code.js?pid=_cb-1942061_1 HTTP/1.1
Host: owlunimmvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:40 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

owlunimmvn.com/chicken.gif?z=1942061&pid=_cb-1942061_0&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=CvODjpCyPECtFV0prK17GhmEMvZN_fQjKOVMn_LaygcvmJ0lrBqURTED90ng0DAqC2TDo9B1geBEuDjXU02uYJOQGP89OrdlofrvMgONocmyy7E6lkkyz7YIIsMA30NUtvu14j84V8uiP3DQ1mpFTLyM6wWD8EZL6AjsTS5k3Q6z7RKGlmZYlFMe9lDc9IMs9RAgxyJSx0pL4JLPrXVs5IvSp_3gVpc9Lq_48IBCh7v8uO8X1iXXX7UEvAl5kP5a37vDXz0y8bPQ6BIwhih3nHZYqRyc_8JgvaGelzfGjAtI_ZA7ih94RrAEByGecCqjIOH0q0P2BcCOXQZjmzb98LdO2UT5xv_VYkrYSXqNhiso55AiBO60_m--EYw4Uhsx8dyVi_TehSvSn3SnG5pMn_ddIG_pRQ2_JkZqQ8EC9CCzQ0vOupJ8hHpWF1vhzS8bLtpdoLhohLiQQwx2672Woc_R989vKoq5y-nvV5jmLsDlKtnfAHOucIWLagt22wpWbAJv4WRZM0LKlZx6KOO7uTVlWDC59cLC0OqdA0PTWz7cff91viJwQ5UDVv9EIQvbeUYJdorrZ__UqcpuxrG9rZu3a7m7ELzrtwErCa0xdMpQ0eWXqi8cwlCunMNMQgmTdbiRYWx_rxZ35ykw9ze1BXBiXDRslx3L5h9VZA==&abvar=0&os=0

62.122.171.6

200 OK

43 B

URL HTTP/2
owlunimmvn.com/chicken.gif?z=1942061&pid=_cb-1942061_0&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=CvODjpCyPECtFV0prK17GhmEMvZN_fQjKOVMn_LaygcvmJ0lrBqURTED90ng0DAqC2TDo9B1geBEuDjXU02uYJOQGP89OrdlofrvMgONocmyy7E6lkkyz7YIIsMA30NUtvu14j84V8uiP3DQ1mpFTLyM6wWD8EZL6AjsTS5k3Q6z7RKGlmZYlFMe9lDc9IMs9RAgxyJSx0pL4JLPrXVs5IvSp_3gVpc9Lq_48IBCh7v8uO8X1iXXX7UEvAl5kP5a37vDXz0y8bPQ6BIwhih3nHZYqRyc_8JgvaGelzfGjAtI_ZA7ih94RrAEByGecCqjIOH0q0P2BcCOXQZjmzb98LdO2UT5xv_VYkrYSXqNhiso55AiBO60_m--EYw4Uhsx8dyVi_TehSvSn3SnG5pMn_ddIG_pRQ2_JkZqQ8EC9CCzQ0vOupJ8hHpWF1vhzS8bLtpdoLhohLiQQwx2672Woc_R989vKoq5y-nvV5jmLsDlKtnfAHOucIWLagt22wpWbAJv4WRZM0LKlZx6KOO7uTVlWDC59cLC0OqdA0PTWz7cff91viJwQ5UDVv9EIQvbeUYJdorrZ__UqcpuxrG9rZu3a7m7ELzrtwErCa0xdMpQ0eWXqi8cwlCunMNMQgmTdbiRYWx_rxZ35ykw9ze1BXBiXDRslx3L5h9VZA==&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /chicken.gif?z=1942061&pid=_cb-1942061_0&pb=1b3456d2ad09745795271dacf11f936a1669855300&psp=CvODjpCyPECtFV0prK17GhmEMvZN_fQjKOVMn_LaygcvmJ0lrBqURTED90ng0DAqC2TDo9B1geBEuDjXU02uYJOQGP89OrdlofrvMgONocmyy7E6lkkyz7YIIsMA30NUtvu14j84V8uiP3DQ1mpFTLyM6wWD8EZL6AjsTS5k3Q6z7RKGlmZYlFMe9lDc9IMs9RAgxyJSx0pL4JLPrXVs5IvSp_3gVpc9Lq_48IBCh7v8uO8X1iXXX7UEvAl5kP5a37vDXz0y8bPQ6BIwhih3nHZYqRyc_8JgvaGelzfGjAtI_ZA7ih94RrAEByGecCqjIOH0q0P2BcCOXQZjmzb98LdO2UT5xv_VYkrYSXqNhiso55AiBO60_m--EYw4Uhsx8dyVi_TehSvSn3SnG5pMn_ddIG_pRQ2_JkZqQ8EC9CCzQ0vOupJ8hHpWF1vhzS8bLtpdoLhohLiQQwx2672Woc_R989vKoq5y-nvV5jmLsDlKtnfAHOucIWLagt22wpWbAJv4WRZM0LKlZx6KOO7uTVlWDC59cLC0OqdA0PTWz7cff91viJwQ5UDVv9EIQvbeUYJdorrZ__UqcpuxrG9rZu3a7m7ELzrtwErCa0xdMpQ0eWXqi8cwlCunMNMQgmTdbiRYWx_rxZ35ykw9ze1BXBiXDRslx3L5h9VZA==&abvar=0&os=0 HTTP/1.1
Host: owlunimmvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2211301741cfc243cb50ae4c28b347b298e6; OACICAP=ACMWJQAAAAAAAAAB; OACIBLOCK=ACMWJQAAAABjhuNQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:40 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 01 Dec 2022 22:41:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

unpkg.com/infinite-scroll@3.0.6/dist/infinite-scroll.pkgd.min.js

104.16.124.175

200 OK

15 kB

URL HTTP/2
unpkg.com/infinite-scroll@3.0.6/dist/infinite-scroll.pkgd.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (25581)
Size
15 kB (14916 bytes)
Hash
6cde64d16e76783b6e5854eca1ebaaf9
d6b92a33d9edecad2358ca1ad4e31a8dce5a6589
57b944501f677b1085a2c66250684576143b7d339d84bb4a67e54509a1395b34

HTTP Headers

GET /infinite-scroll@3.0.6/dist/infinite-scroll.pkgd.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentailib.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"64db-yRz2Fp0Ny15SqwpI9DC5tte9ViA"
via: 1.1 fly.io
fly-request-id: 01G4XPMABVF78KW6ZVR3KKRVK4-fra
cf-cache-status: HIT
age: 15288867
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7727177feef91c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size
73 kB (73267 bytes)
Hash
1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73267
date: Wed, 30 Nov 2022 22:41:40 GMT
access-control-allow-origin: *
etag: "63875d46-11e33"
expires: Wed, 30 Nov 2022 23:41:40 GMT
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 22:41:40 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Wed, 30 Nov 2022 23:41:40 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/86872389/1?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29

77.88.21.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/86872389/1?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
26c178cb7392445587a604655beb8a3f
eb3348b756b469192bf280fb502e049c8fffbbc4
7d286a280cbda3747ce8af3204faa2c3e6e7467303efd1d88c5de25d195b5c31

HTTP Headers

GET /watch/86872389/1?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentailib.net
Referer: https://hentailib.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Wed, 30 Nov 2022 22:41:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://hentailib.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 22:41:40 GMT
last-modified: Wed, 30-Nov-2022 22:41:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/86872389?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

77.88.21.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/86872389?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/86872389?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentailib.net
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/86872389/1?wmode=7&page-url=https%3A%2F%2Fhentailib.net%2Fp%2F13938&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A706043516602%3Ahid%3A333623626%3Az%3A0%3Ai%3A20221130224139%3Aet%3A1669848099%3Ac%3A1%3Arn%3A904421096%3Arqn%3A1%3Au%3A16698480999548886%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C194%2C216%2C1%2C311%2C0%2C%2C469%2C2%2C1456%2C1456%2C2%2C1260%3Ans%3A1669848097143%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669848099%3At%3ASexy%20Yae%20%5BGenshin%20Impact%5D%20-%20Read%20hentai%20online%20for%20free%20at%20HentaiLib.net&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 22:41:40 GMT
access-control-allow-origin: https://hentailib.net
set-cookie: yandexuid=5973781301669848100; Expires=Thu, 30-Nov-2023 22:41:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5973781301669848100; Expires=Thu, 30-Nov-2023 22:41:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2051301811669848100; Path=/; SameSite=None; Secure
i=e7fyGMN599DO+L94BWXWaCu98qU9V0wHJX4vnpPXuPE5qc+GxWKkjpo7QN3wMtPP+rmVS0kF0q0s4dZtWSWub7Do7Z8=; Expires=Sat, 27-Nov-2032 22:41:27 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701384100.yc.1669848100#1701384100.yrts.1669848100#1701384100.yrtsi.1669848100; Expires=Thu, 30-Nov-2023 22:41:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 22:41:40 GMT
last-modified: Wed, 30-Nov-2022 22:41:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4424
Expires: Wed, 30 Nov 2022 23:55:25 GMT
Date: Wed, 30 Nov 2022 22:41:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4424
Expires: Wed, 30 Nov 2022 23:55:25 GMT
Date: Wed, 30 Nov 2022 22:41:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4424
Expires: Wed, 30 Nov 2022 23:55:25 GMT
Date: Wed, 30 Nov 2022 22:41:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4424
Expires: Wed, 30 Nov 2022 23:55:25 GMT
Date: Wed, 30 Nov 2022 22:41:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 3141
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13411 bytes)
Hash
328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 3204
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10437 bytes)
Hash
291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wQc8gdA6brp46QVd0ee9cBtnmA9q1j3nUO2ou9MDIhecNINtmphq0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:50:06 GMT
age: 3095
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4199 bytes)
Hash
4fd5f7a9e04d27654062b3e18b8aecca
07fafbd614cdb49f20bceea29d5e684725d3bdf6
0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4199
x-amzn-requestid: d7983896-c4a5-4133-9b0e-51ac412cf732
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZttXFcZIAMFmJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386f655-139cd6a82eaa934d5d411029;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 06:21:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91_Pv2sUA4286BEZXTKFctgZOrzWy6VWFDGiUV3_p_QnyckRDFb-lw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:29 GMT
age: 3012
etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12655 bytes)
Hash
1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: beeeccd0-a494-4d0c-91e9-0d1e2ab37b6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YoFmMIAMFT4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-60f5e2286cf3965a42ab31b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CiGOvF7Lmz8cICQcjUcE6QGokbAIAd3WClI4PK_aDSxo-yHVcPPA7w==
via: 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:29 GMT
age: 3372
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3751 bytes)
Hash
609419f1a2c58ae67febde5e2cb91c9f
bfb37735a2500848338a8fa12f28516a1ad9b5ba
32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3751
x-amzn-requestid: 80396218-5515-4f77-9d57-95b323e1f1c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNHHGGoAMF8mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbed-09f83d1a5b7f65175fb137ab;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _mQdH9J5CaTiYNIQf5xVn-HGUP5tKhW_1foVDdpsVIoG_NKb9wZOJg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:09 GMT
age: 3212
etag: "bfb37735a2500848338a8fa12f28516a1ad9b5ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lkpmprksau.com/get/1942064?zoneid=1942064&jp=_clrrkxymhbynsz12wv6af3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050084838963371

62.122.171.6

200 OK

0 B

URL HTTP/2
lkpmprksau.com/get/1942064?zoneid=1942064&jp=_clrrkxymhbynsz12wv6af3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050084838963371
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1942064?zoneid=1942064&jp=_clrrkxymhbynsz12wv6af3&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050084838963371 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221130174186e2e74faf3d4b9cbc4ed1bc7e; Path=/; Expires=Thu, 30 Nov 2023 22:41:39 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

lkpmprksau.com/lv/esnk/1942064/code.js

62.122.171.6

200 OK

0 B

URL HTTP/2
lkpmprksau.com/lv/esnk/1942064/code.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lv/esnk/1942064/code.js HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_2

62.122.171.6

200 OK

0 B

URL HTTP/2
owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_2
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /lv/esnk/1942061/code.js?pid=_cb-1942061_2 HTTP/1.1
Host: owlunimmvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:40 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.8.2/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.8.2/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentailib.net
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/css
x-amz-id-2: cDTsB+DgHVeidYsR2svorG5XLQawCnkrMjkaTa7wJJwhHRHIi2B9geRjR+2dW6L1gPpcJ+tWGmM=
x-amz-request-id: 73382GE1F5A0FW74
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2195771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ9qnd0KTQcgjzPMyvlB2yS2xMuj5554V%2FVFysNGu40vG10BwOj5Bie3muVtmqaIURPoNqGGo93whJKOvqx3kCIEtnhQmHK%2BmPuZLeHSC6UPPXUbyZEwXofnZ1rcGIO3bkqmKhRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7727177ded62405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_0

62.122.171.6

200 OK

0 B

URL HTTP/2
owlunimmvn.com/lv/esnk/1942061/code.js?pid=_cb-1942061_0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /lv/esnk/1942061/code.js?pid=_cb-1942061_0 HTTP/1.1
Host: owlunimmvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:40 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

lkpmprksau.com/get/1942066?zoneid=1942066&jp=_cl75u0j0bbne0jxt2iwvs4&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738934699181138

62.122.171.6

200 OK

0 B

URL HTTP/2
lkpmprksau.com/get/1942066?zoneid=1942066&jp=_cl75u0j0bbne0jxt2iwvs4&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738934699181138
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1942066?zoneid=1942066&jp=_cl75u0j0bbne0jxt2iwvs4&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738934699181138 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentailib.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 22:41:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2211301741431e00d751f34e8c9a1c419efa; Path=/; Expires=Thu, 30 Nov 2023 22:41:39 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP