| hentaiz.org/xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ | 104.21.35.183 | 301 Moved Permanently | 0 B |
URL HTTP/1.1hentaiz.org/xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ IP104.21.35.183:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ HTTP/1.1
Host: hentaiz.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 30 Aug 2022 21:56:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 22:56:44 GMT
Location: https://hentaiz.org/xfsearch/2022%20%D0%B3%D0%BE%D0%B4/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BRZUlYJOU0K8ayBStEKsXcsdU0D4FHQm%2F6EuiQHA5c9%2BkKgiMw9BXBSXYrRsfN9cBG7qsFbGYLEkMA7IjRNhGw0fy9RYFNJ5GLOIL8Le5bd92Ul9%2FwEIj9n961AFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7430c7303b38b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 21:19:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ksV00hfbraYfmAM2MIxEG9kLAMDS-vWjg3QHT17E0nVgGSLaLyWfNg==
Age: 2243
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash517693963cc46e7a35a054296d0edfd5 11dfcd7e118e5f8d31e664e56ac29c57f973b8b3 ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Tue, 30 Aug 2022 22:37:58 GMT
Date: Tue, 30 Aug 2022 21:56:44 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.49:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vs19E86aygdXhrqbGHIWK0OWPqzuH7xM6Zy5rxRsrJe78ms9cWzvfA==
age: 84046
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| a.realsrv.com/ad-provider.js | 205.185.216.42 | 200 OK | 24 kB |
URL HTTP/1.1a.realsrv.com/ad-provider.js IP205.185.216.42:0
File typeASCII text, with very long lines (65536), with no line terminators Hash93847b4fcf5aa0b6bda249d90c522139 77da55ffcb95f1b793b48c656aa24a0f765c6fd4 6f1b4c8323258030e79776838a788c52b1b2f845f4436078ef31a49831d78f47
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:56:44 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23721
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"4b8742770a4d1fdfd0603a54e5a"
X-HW: 1661896604.dop231.sk1.t,1661896604.cds258.sk1.shn,1661896604.dop231.sk1.t,1661896604.cds207.sk1.c
Access-Control-Allow-Origin: *, *
|
|
| cdn.discordapp.com/attachments/711905473846050847/759068066616574032/discord_soc.png | 162.159.130.233 | 200 OK | 2.5 kB |
URL HTTP/2cdn.discordapp.com/attachments/711905473846050847/759068066616574032/discord_soc.png IP162.159.130.233:0
File typePNG image data, 311 x 74, 8-bit colormap, non-interlaced\012- data Hash8fc7d2c0d6d087c2672761f3f9b351b6 6c9e9e2eb31ba774c413721e4e81a87713a7d6d8 a184aefdfce374cabdb90b48923b8187696b577a02e132c30aa30ae2bf0b142d
GET /attachments/711905473846050847/759068066616574032/discord_soc.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:56:44 GMT
content-type: image/png
content-length: 2487
cf-ray: 7430c734bd10b4f4-OSL
accept-ranges: bytes
age: 344300
cache-control: public, max-age=31536000
etag: "8fc7d2c0d6d087c2672761f3f9b351b6"
expires: Wed, 30 Aug 2023 21:56:44 GMT
last-modified: Fri, 25 Sep 2020 15:05:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1601046329911276
x-goog-hash: crc32c=rKT95g==, md5=j8fSwNbQh8JnJ2Hz+bNRtg==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2487
x-guploader-uploadid: ABg5-UzH9ukC20pAv-exqDZ0_4ZFvNQNI6g93SvDiM-vb0WETKOpr_3Izimhl_UHHTV86iZ3GcapwikyUpxtkvlVNKk
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oFLc9kes7JiWFnooG8KIP488fTj9K1nsAQlNLt4WQcTilLWliHo%2FYFz852r4nhw1vzS0Sc9TI1COqb7jd3pzuHSlwfzryu2UrIyamqFEHKycfHgCn%2BGDaMFFn7%2B75ZHJnkfPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfe244465a99d48f257a3dda7ab28c6b8 69c89374520ca54adda7fd15ccb069def5fb3663 8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfe244465a99d48f257a3dda7ab28c6b8 69c89374520ca54adda7fd15ccb069def5fb3663 8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndication.realsrv.com/splash.php?idzone=4704974 | 95.211.229.246 | 200 OK | 3.6 kB |
URL HTTP/1.1syndication.realsrv.com/splash.php?idzone=4704974 IP95.211.229.246:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeHTML document, ASCII text, with very long lines (3226) Hash09c508cbf71f4ec65bce1a911057b1e9 86a2dd6432ef3747cd8504604cb381beaed2a4c6 851d82fcfe3a1e09705af358c18c93599ca5bb3582fa550304b50c73fac87929
GET /splash.php?idzone=4704974 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 Aug 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22630e879ce89270.50646843159434462%22%3B%7D; expires=Thu, 29 Aug 2024 21:56:44 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 30 Aug 2022 21:17:12 GMT
Expires: Tue, 30 Aug 2022 21:28:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B-LLidNMLDS4RMq7DxxhC-KXR-qf8p7UUCVhNYHGh2GM7X55jPBiFw==
Age: 2373
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf67e41cdd7e5f2aa8f93d031979c9109 5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6 608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:56:45 GMT
Last-Modified: Tue, 30 Aug 2022 20:35:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash0982b9e784a0a990d6318c92e33860a1 764377c393017e86d98a696da455509cba1806ac 27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=G-NPVPT881WG | 142.250.74.72 | 200 OK | 74 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-NPVPT881WG IP142.250.74.72:0
File typeASCII text, with very long lines (14270) Hashd86ae618c7296c6b12c4aba438b24369 664476291685c3df84a2fda6a4134c0a22ecd4dd 4db171032cbd60ac20d09c676ed5fbe0e288155cc85defb99e996e4fafc85e7b
GET /gtag/js?id=G-NPVPT881WG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Aug 2022 21:56:45 GMT
expires: Tue, 30 Aug 2022 21:56:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash0982b9e784a0a990d6318c92e33860a1 764377c393017e86d98a696da455509cba1806ac 27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndication.realsrv.com/v1/api.php | 95.211.229.246 | 200 OK | 1.0 kB |
URL HTTP/1.1syndication.realsrv.com/v1/api.php IP95.211.229.246:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1376), with no line terminators Hash969d90f888958c1d1e6005c0f0c4b522 6342070de92d8bd626b038a3ca1dad7bd4e5e37c c5526f617c801f03a60c3d07ffe60b89ee6cf59d9b1e1799558f7a2f43dd85ea
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 271
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22630e879ce89270.50646843159434462%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 Aug 2022 21:56:45 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaiz.org
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| syndication.realsrv.com/cimp.php?t=imp&data=H4sIAAAAAAAAA1VOy04DQQz7FX6gIyeTxwxnuIJU1A/YpbvABSTEoUL+eGZbtRLxIbZiOVao7tB2FXeS9x735uxSOoppETc+Pe9pwvfl82f6+C1f3280DXhn9m4Bdu+tBy1hPY29D9rSM5hulh5GcVZiQL2abaxAEOGKkGpahxc8vDzw8bCnFMD0uoIVOKmDcu5CA0cicdoCJ9V1ymVejq/IavNa67wCbUaPlpKb8V93XFAQ46RXySpWdXzbyU0Yx4DnM3lzXhDn4EZrW6/ZgaXmUaaQJaxXUV9F2nFKM5/jD6epY+llAQAA&d=inst | 95.211.229.246 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=imp&data=H4sIAAAAAAAAA1VOy04DQQz7FX6gIyeTxwxnuIJU1A/YpbvABSTEoUL+eGZbtRLxIbZiOVao7tB2FXeS9x735uxSOoppETc+Pe9pwvfl82f6+C1f3280DXhn9m4Bdu+tBy1hPY29D9rSM5hulh5GcVZiQL2abaxAEOGKkGpahxc8vDzw8bCnFMD0uoIVOKmDcu5CA0cicdoCJ9V1ymVejq/IavNa67wCbUaPlpKb8V93XFAQ46RXySpWdXzbyU0Yx4DnM3lzXhDn4EZrW6/ZgaXmUaaQJaxXUV9F2nFKM5/jD6epY+llAQAA&d=inst IP95.211.229.246:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=imp&data=H4sIAAAAAAAAA1VOy04DQQz7FX6gIyeTxwxnuIJU1A/YpbvABSTEoUL+eGZbtRLxIbZiOVao7tB2FXeS9x735uxSOoppETc+Pe9pwvfl82f6+C1f3280DXhn9m4Bdu+tBy1hPY29D9rSM5hulh5GcVZiQL2abaxAEOGKkGpahxc8vDzw8bCnFMD0uoIVOKmDcu5CA0cicdoCJ9V1ymVejq/IavNa67wCbUaPlpKb8V93XFAQ46RXySpWdXzbyU0Yx4DnM3lzXhDn4EZrW6/ZgaXmUaaQJaxXUV9F2nFKM5/jD6epY+llAQAA&d=inst HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22630e879ce89270.50646843159434462%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 Aug 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaiz.org
Access-Control-Allow-Credentials: true
Set-Cookie: impressions=mxmssbsanxgxaraaxosbageicxbmsboenxgxaaxboerxageialeblerenxgxarmeomobrgeimxmbasacnxgxaraaoasaageicxbmsbcenxgxaaxblcbacgeialeblecenxgxaralsbsaxgeimxmbasmbnxgxaraaolroageioslmrxbrnxgxaaxbbrelcgeicxbmsbocnxgxaaxblesccgeimsclxcabnxgxaramcssbcgeicxbmsbxcnxgxaaxblexlxgeialbserxenxgxaaxbsccmxgeioslmrxlrnxgxaaxcaoormgeimscamxrbnxgxaramxrbclgeimsclxreenxgxaramcssbcgeimxmssbrenxgxaramcsmccgeicraxcrebnxgxarmcrsxcxgeislsarosxnxgxaaxblexlxgeicmexsleonxgxarabcxolegeioslmrxbmnxgxaaxblesccgeirsxcecsenxgxarabbcraxgeialbserebnxgxaaxbxlaaogeioslmroemnxgxaaxbsaslsgeicmexsblcnxgxarmrcmolageiaaoboxbonxgxaralmcosrgeiamxmbxbonxgxaralsbsolgeimscamxccnxgxaralsbsaxgeiaaoabboonxgxarmeomobrgeislsaroornxgxaaxollooxgeimooxbxeanxgxarmescrbbgeirsxcecsbnxgxarmelblebgeicmexslxcnxgxarmcbccrbgeicraxcrocnxgxarmsoerxxgeicraxcclanxgxarmxmcmmcgeicmexslecnxgxarmsembabgeicraxcreanxgxarmaarabageirsxcecccnxgxarmoocmexgeicraxcrxanxgxarmarlrxmgeialbserxonxgxaaxxcmeaegeimcelelronxgxarbsrmlaageirsxcecxanxgxarbccmbcsgeirbabxabbnxgxaaxobsolageicmeecrxcnxgxarmbexrmogeicmeecclonxgxarmorasemgeialbsereanxgxaaxsosbblgeicmexslxonxgxarmcxcaregeicaxsscmbnxgxaaxbsccmxgeicmeexcaenxgxarmcxsxcageimcelelrcnxgxarmcxsxcageimcelelcenxgxarmcxsxcageimcoexclonxgxarmcxsxcageialbserecnxgxaaecsrerrgeicmeeccbcnxgxarmcarxemgeicmexsblenxgxarmarlrxmgeimcoexaabnxgxaaeosmmecgeimcoexasbnxgxaaeosmmecgeicmeecrecnxgxarmrxsamageicraxcroonxgxarmrasloageicmexrxxonxgxarmaarabageimcoexaxonxgxarbblarblgeicaormbbenxgxarlexsrrageimcebllronxgxarmarlrxmgeirbabxalenxgxarmabbsmmgeicraxcroenxgxarmbexrmogeirsxcecsonxgxarmbrrcsegeimcoexxlonxgxarbsasblxgeimcoexasanxgxaaexxllbrgeiroeaablbnxgxarlrlxmeegeimcoexarenxgxarlcbxlxageimcoexabbnxgxarbxeocasgeimcoexrlonxgxarbblarblgeimooxbelbnxgxarbexxealgeirsxcecebnxgxarbsasblxgeimcoexrlcnxgxarlcbxlxageimcoexaaanxgxarlcbxlxageirsxcecxenxgxarbxxxolxgeiraaoxbbcnxgxarbellsrxgeimcelelcanxgxaaxarbxxegeioslmrxlsnxgxaaxblexlxgeicaormbmanxgxaaxxlcxbmgeicaormlxcnxgxarbobbbbmgeicaormbbanxgxaaeoxexsxgeicaormlxanxgxarbobbbbmgeimcelelranxgxarbsrmlaageimcersrocnxgxarbsasblxgeimcoexaxcnxgxarbcslxbcgeisaeeasslnxgxarlmbxoosgeimcersxbenxgxaaxacacesgeimcersxacnxgxarbroammrgeicaormloenxgxaaeoxexsxgeimcersoeenxgxarbroammrgeimcelelaanxgxarbrboxregeimcelelbenxgxarbrboxregeimcoexaxbnxgxarbmrmscmgeimcoexamenxgxarbblarblgeimcoexabanxgxarbblarblgeimcoexacanxgxarbblarblgeimcoexaoonxgxarblslrsxgeimcclsxbcnxgxaaeosmmecgeimcclsoeonxgxaaxebmmobgeicaormleanxgxaaxxemrecgeimcclsebcnxgxarlexorssgeimcclsxmenxgxaaeoaolesgeimcclossbnxgxaaelalbbbgeimcclsxlenxgxarlesreebgeimcclsxsonxgxaaexxllbrgeimcclsxxcnxgxarlalasssgeimcclsxlanxgxaaemmeambgeimcclsxscnxgxaaxebmmobgeicaormbmbnxgxaaemaolsbgeimcclselcnxgxarleomllegeimccloscenxgxaaersaolbgeimcclsxaanxgxarlesreebgeimcclselanxgxaaebsleobgeimcclsebbnxgxarlcbxlxageicaormbmcnxgxarloeaexageicaormlxonxgxarlmbxoosgeiclsmrrrenxgxarloalasrgeiclsmarcanxgxarloalasrgeiclsmrbronxgxarloalasrgeimcclsxronxgxaaxarbxxegeimcclsxmanxgxaaexxsoasgeimcclossanxgxaaexxllbrgeimcclsxaonxgxaaxarbxxegeimcoexasonxgxarlcbxlxageimcclsxabnxgxarlreooaageimcclosscnxgxaaxxcmeaegeimcclsxlbnxgxaaxbsaslsgeimcclsxbbnxgxarlalasssgeicaormbbonxgxaaeoxexsxgeimcclsxcanxgxaaxxcmeaegeimcclsxmbnxgxaaeebrxsegeimcclsxxonxgxaaxobsolageimcclsxsbnxgxaaxbsaslsgeimcclsxcbnxgxaaexxllbrgeimcclsxmonxgxaaexoembogeimcclsxconxgxaaxbxlaaogeimcclselenxgxaaesmsscageimcclsxmcnxgxaaeosmmecgeimcoexacbnxgxaaeosmmecgeimcclsxbanxgxaaeoaolesgeimcclsebanxgxaaesobbblgeimcclsxxanxgxaaesalmmsgeimcclsxacnxgxaaemaexsegeimcoexcccnxgxaaecebcslgeimcclsxocnxgxaaesmsscageimcclsxbenxgxaaesalmlageimcclsxsenxgxaaeassbmlgeimcclsxrenxgxaaesmsscageimcclosccnxgxaaecexaasgeimcclsxobnxgxaaxmsebbegeimcelelsanxgxaaecebcslgeimcelelmanxgxaaecebcslgeimcclsxlonxgxaaxarbxxegeimcclsxlcnxgxaaxsxrlcsgeimcclosconxgxaaxbxlaaogeimrerbboanxgxaaemsosmogeicaormlxenxgxaaxacacesgeicaormbbcnxgxaaemrobacgeimrscomecnxgxaaxeeaxaegeimcclsxsanxgxaaxebmmobgeimcrxsbobnxgxaaxxxmxebgeimcoexsacnxgxaaxxcmeaegeimrscomeenxgxaaxsbxmrcgeimrcrbrxenxgxaaxrxelsbgeimcersxlbnxgxaaxacacesgeimcelelrenxgxaaxarbxxegeimrerbbsbnxgxaaxmbaarogeimcssmlrensgxaaxbxxloxgxcceimclobeoenxgxaaxbxxlosgxcceimclsaoxbncgxaaxbxsombgxcceimxeoxsbenrgxaaxbxlaaogxcceimxlbmxlcnogxaaxbxlaaogxcceimcoaxmxoncgxaaxbxlaaogxcceimeembeconxgxaaxbxlaaogxcceimcoaxmxcncgxaaxbxlaaogxcceimxlbalsbnogxaaxboeoxmgxcceimxeoclbanxgxaaxboeoxmgxcceimxlbmoscnogxaaxboerxagxcceimrccmraanxgxaaxboerxbgxcceiceecmorsnxgxaaxboerxbgxcceimcorllcanagxaaxboerxbgxcceimrsreamcnsgxaaxbocorxgxcceimrsreamensgxaaxboccbmgxcceimrsreabonsgxaaxboaarrgxcceimrcabexanxgxaaxbomxacgxcceimrsreamanogxaaxbomorbgxcceimrsreabensgxaaxbsesxxgxcceiclclsrmenogxaaxbsxlexgxcceimrxccosenogxaaxbsxlexgxcceimcssmlronsgxaaxbsxlexgxcceimxomsmconxgxaaxbscmasgxcceimrrsoxecnxgxaaxbscbsagxcceimrrsxbxcnxgxaaxbscbsagxcceialaroxrcnxgxaaxbscbrxgxcceimxxerrecnxgxaaxbsaslsgxcceixaoosscrnxgxaaxbcxamrgxcceialrexexbnxgxaaxbcxamrgxcceimrxccoscnxgxaaxbccssmgxcceimexexabbnxgxaaxbccssmgxcceimrsreamonxgxaaxbrrellgxcceiaaxcabaonxgxaaxbrborxgxcceimocolroanogxaaxbacaaagxcceixaoossalnxgxaaxbaasllgxcceimeembesonxgxaaxbaasllgxcceiaaxcamlenrgxaaxbamlebgxcceimxlbalcenogxaaxbamlebgxcceimxlbmxlenxgxaaxbamlebgxcceimxlbmxbbnogxaaxbamlebgxcceimxxrecsanxgxaaxbalrlrgxcceialoxxalenxgxaaxbalrlrgxcceimrcaeesbnrgxaaxbmxoeogxcceimrccmracnrgxaaxbmxoeogxcceimeembecenxgxaaxbmxoeogxcceimeembescnxgxaaxbmxoeogxcceimxlbmosenogxaaxbmxoeogxcceimxlbmoconxgxaaxbmxaslgxcceialbbebsbnxgxaaxbmxaslgxcceimxcbrxscnxgxaaxbmxaslgxcceimrcaoaoanmgxaaxbmrlolgxcceimsacexoonxgxaaxbbeblmgxcceimemlxbocnxgxaaxbbeblmgxcceimcssmlrcnsgxaaxbbeblmgxcceimslxlbocnxgxaaxbbobaagcbeimxlbalscnogxaaxblexlxgxcceixbblrmlanxgxaaxblexlxgxcceimocolrocnxgxaaxblescrgxcceimclobexbnxgxaaxblescrgxcceimxomsmcenxgxaaxblerlrgxcceicmarxbbonxgxaaxblerlagxcceimrxccosbnxgxaaxblxbxlgxcceimocbmmmanxgxaaxbloebbgxcceiallxlmscnxgxaaxblomoogxcceimxxerrxenxgxaaxblcbacgxcceimxlbmxlonxgxaaxblcbacgxcceiaaserllenxgxaaxblcbargxcceicloaecocnxgxaaxblcbargxcceiaaserlmbnxgxaaxblasoegxcce; expires=Wed, 31 Aug 2022 21:56:45 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/images/close-icon-circle.png | 185.76.9.22 | 200 OK | 405 B |
URL HTTP/2s3t3d2y8.afcdn.net/images/close-icon-circle.png IP185.76.9.22:0 ASN#60068 Datacamp Limited
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Hashbc8bf5d1633e548e9a178bf29be30b7b bd290b6eabd73d2c95db053620797503e9178484 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: image/png
content-length: 405
last-modified: Wed, 29 Jun 2022 13:13:10 GMT
etag: "62bc4fe6-195"
expires: Fri, 30 Jun 2023 18:46:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195204
server: CDN77-Turbo
x-77-nzt: AblMCRS4sa7/mepPAA
x-77-nzt-ray: P1qsJ4OUM0w
x-cache: HIT
x-age: 5237401
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| agle21xe2anfddirite.com/solid.gif?z=1892942&abvar=18 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2agle21xe2anfddirite.com/solid.gif?z=1892942&abvar=18 IP62.122.171.6:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /solid.gif?z=1892942&abvar=18 HTTP/1.1
Host: agle21xe2anfddirite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/splash.php?idzone=4708742&orientation=landscape&screen_resolution=1280x1024&p=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&cookieconsent=true | 95.211.229.246 | 200 OK | 1.1 kB |
URL HTTP/1.1syndication.realsrv.com/splash.php?idzone=4708742&orientation=landscape&screen_resolution=1280x1024&p=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&cookieconsent=true IP95.211.229.246:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1497), with no line terminators Hashf3c8d4fbfe138dbaf08195b6ffb9b486 6764fb2790ed106bb3a15646e49bc1be35e74ee6 b4133874673b39dba406af8b8cc6ac35e9a9f62e9d5a046b676db59fb16f9944
GET /splash.php?idzone=4708742&orientation=landscape&screen_resolution=1280x1024&p=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&cookieconsent=true HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22630e879ce89270.50646843159434462%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 Aug 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://hentaiz.org
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22630e879ce89270.50646843159434462%22%3B%7D; expires=Thu, 29 Aug 2024 21:56:45 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-iframe-link%22%3A%22v3%7C%7CNOR%7C4708742%7C75079086%7C0%7C900x1600%7C110%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C630e879ce89270.50646843159434462%7C855b1d30d6fbd05236ceaf11f5e139b5%7C0%7Chentaiz.org%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Wed, 31 Aug 2022 21:56:45 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 | 185.76.9.22 | 206 Partial Content | 55 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 IP185.76.9.22:0 ASN#60068 Datacamp Limited
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Hash6ae9467c9c0c6544329334ba9805428a d513159ebac104c37b82c3bb25e708612fa2a412 099ab460aa2e6708b42651b8c2e8009e8cd150cde0300486617f4dd93fa70272
GET /library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: video/mp4
content-length: 55369
last-modified: Thu, 25 Aug 2022 16:11:43 GMT
etag: "63079f3f-d849"
expires: Fri, 25 Aug 2023 16:31:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1692981380
server: CDN77-Turbo
x-77-nzt: AblMCRSBzCb/meIGAA
x-77-nzt-ray: 9yKdZrfPQWU
x-cache: HIT
x-age: 451225
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-55368/55369
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 34.213.33.47 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.213.33.47:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SShYO6to1xAGX4XFOPmXLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zEEeItk4S46zoQqARszBw9/j92I=
|
|
| s3t3d2y8.afcdn.net/library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 | 185.76.9.22 | 206 Partial Content | 55 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 IP185.76.9.22:0 ASN#60068 Datacamp Limited
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Hash6ae9467c9c0c6544329334ba9805428a d513159ebac104c37b82c3bb25e708612fa2a412 099ab460aa2e6708b42651b8c2e8009e8cd150cde0300486617f4dd93fa70272
GET /library/426059/d513159ebac104c37b82c3bb25e708612fa2a412.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: video/mp4
content-length: 55369
last-modified: Thu, 25 Aug 2022 16:11:43 GMT
etag: "63079f3f-d849"
expires: Fri, 25 Aug 2023 16:31:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1692981380
server: CDN77-Turbo
x-77-nzt: AblMCRT1Jb3/meIGAA
x-77-nzt-ray: X3yS40MPhd8
x-cache: HIT
x-age: 451225
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-55368/55369
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/802598/dce7142b63f938d80d1b3e1bc9bb2ef05d9417b4.webp | 185.76.9.22 | 200 OK | 76 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/802598/dce7142b63f938d80d1b3e1bc9bb2ef05d9417b4.webp IP185.76.9.22:0 ASN#60068 Datacamp Limited
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 900x1600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash63f833f94561c41bbf32b2d0bf5c8455 dce7142b63f938d80d1b3e1bc9bb2ef05d9417b4 17552969442f963a131fc77fb470ed938c568bcbd1e5c852141f8e1dff40f634
GET /library/802598/dce7142b63f938d80d1b3e1bc9bb2ef05d9417b4.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: image/webp
content-length: 75518
last-modified: Fri, 01 Jul 2022 10:14:43 GMT
etag: "62bec913-126fe"
expires: Fri, 04 Aug 2023 11:54:33 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691228418
server: CDN77-Turbo
x-77-nzt: AblMCRQvE7j/G6IhAA
x-77-nzt-ray: YfktzQflR4U
x-cache: HIT
x-age: 2204187
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPSU7DQBD8Ch/wqNeZ6ZzhClJQHmDHHuCSSMAhoHo8Ywci0XXorVRdLSQyUB2U7rjsPO/MEZyCkkliNzw+7WGM1+X0Ob59p/P7C0wyeaBEWCaER40MK31mgohe1uIlo7hZ8Wxgh4I6xNVsrRIxWfXwGkWUO5dweL7Hw2EPTkRd6DcJlOgiTuDNC4zQFUGXVbC6TzwrzblNM7loPi5jY26+sMbkK/Gfd7oikZe+k78eyqbSzw18aww9CNt6/Pg6HYEb/QrfBCqsru5q6Q8XbpN7WbR1a1LrtGgN1aY5fgCEyxdjawEAAA== | 95.211.229.246 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPSU7DQBD8Ch/wqNeZ6ZzhClJQHmDHHuCSSMAhoHo8Ywci0XXorVRdLSQyUB2U7rjsPO/MEZyCkkliNzw+7WGM1+X0Ob59p/P7C0wyeaBEWCaER40MK31mgohe1uIlo7hZ8Wxgh4I6xNVsrRIxWfXwGkWUO5dweL7Hw2EPTkRd6DcJlOgiTuDNC4zQFUGXVbC6TzwrzblNM7loPi5jY26+sMbkK/Gfd7oikZe+k78eyqbSzw18aww9CNt6/Pg6HYEb/QrfBCqsru5q6Q8XbpN7WbR1a1LrtGgN1aY5fgCEyxdjawEAAA== IP95.211.229.246:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VPSU7DQBD8Ch/wqNeZ6ZzhClJQHmDHHuCSSMAhoHo8Ywci0XXorVRdLSQyUB2U7rjsPO/MEZyCkkliNzw+7WGM1+X0Ob59p/P7C0wyeaBEWCaER40MK31mgohe1uIlo7hZ8Wxgh4I6xNVsrRIxWfXwGkWUO5dweL7Hw2EPTkRd6DcJlOgiTuDNC4zQFUGXVbC6TzwrzblNM7loPi5jY26+sMbkK/Gfd7oikZe+k78eyqbSzw18aww9CNt6/Pg6HYEb/QrfBCqsru5q6Q8XbpN7WbR1a1LrtGgN1aY5fgCEyxdjawEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 Aug 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=220830165603d363767c5a43498caf963fde; Path=/; Expires=Wed, 30 Aug 2023 21:56:45 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22083016566211bcc689f1437dbde8184c16; Path=/; Expires=Wed, 30 Aug 2023 21:56:45 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ssp/req/1892942/?pb=4f484f0f21e117ac2f0e5be5c9c5c6941661903805&psp=qwV9Bv2pbXIBqMBLPzQExn7K_-rlBfakmJjRcJCSC_mvY2iEIXOplHmGnFprqny_0DMDvRs2r3Xb2BQ4YeTVNWwAH34yruX5D4N2ttbXsbR50h2H9D_1sNSP7-UnJwv8E3FPCseRVNvQKxgxY8CGGYSF_scau2CzhYVhXzZt0Wr5MTggjgYzzKew32zqEcyjqUTu0qTEEZomiBxmwiNVdViEfrubOG83N58q5YOez7ZvjPuT4WH6eydwIVGGontnPns6l2TIAFQWDuMBGBiR5qzGEBlcm8nWOhfyTRmsCrzfOsPcpUjWwI9X1xvBptfimU3S6tNmAcz5r8lP7Vclky4zKdsuwXeJZgr8VE7weXBqjqK5wjDBWDeREHgUn0Va3NWCOFrptSnPvCiH-PY4k-SwUS8BZkQFV0AlFk4Q-DZDSexNguLCqtvbEwAjb4dFvH7vP1mvNznO5B-t_Wf5UAE=&cb=_clkp0pflpp8v2b0kplvovn&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:46 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2208301656e418764ae434462aa336227616; Path=/; Expires=Wed, 30 Aug 2023 21:56:45 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-NPVPT881WG>m=2oe8t0&_p=976709473&cid=1392580794.1661896606&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1661896605&sct=1&seg=0&dl=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&dt=2022%20%D0%B3%D0%BE%D0%B4%20%C2%BB%20HentaiZ.org%20-%20C%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%85%D0%B5%D0%BD%D1%82%D0%B0%D0%B9%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-NPVPT881WG>m=2oe8t0&_p=976709473&cid=1392580794.1661896606&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1661896605&sct=1&seg=0&dl=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&dt=2022%20%D0%B3%D0%BE%D0%B4%20%C2%BB%20HentaiZ.org%20-%20C%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%85%D0%B5%D0%BD%D1%82%D0%B0%D0%B9%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NPVPT881WG>m=2oe8t0&_p=976709473&cid=1392580794.1661896606&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1661896605&sct=1&seg=0&dl=https%3A%2F%2Fhentaiz.org%2Fxfsearch%2F2022%2520%25D0%25B3%25D0%25BE%25D0%25B4%2F&dt=2022%20%D0%B3%D0%BE%D0%B4%20%C2%BB%20HentaiZ.org%20-%20C%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%85%D0%B5%D0%BD%D1%82%D0%B0%D0%B9%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiz.org
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hentaiz.org
date: Tue, 30 Aug 2022 21:56:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9498
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 21:56:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9498
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 21:56:46 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash82bc1c69018845280d29653d6b2d6f8d 0c122f15422cab7ee3461e8fa657183ae54adcc5 e221638eff281c27ef4656f76e64963718186285c57e50a8958bd3065e662674
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9980
x-amzn-requestid: b9f6b930-9c47-41b9-879d-ce239e39f033
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTMGHlNoAMFuoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d324d-72ea52c010dff34438bbca28;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:40:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fHSa3fGJD-E4daWDZyyKGaErPw9YBbAwJ2uQ2dxbxl2UJCXXDRykag==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:04 GMT
age: 702
etag: "0c122f15422cab7ee3461e8fa657183ae54adcc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfeb433a0823cccb81dc4c5fa13ba4ed2 143f7bb98f57f8e6189e73e75a9fc93d29548962 09a5ddc32918b441b6d3ce3eed211d674d3844db6770e06bb3fecb86cc85771a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 2c4357d3-5c22-465a-a65a-e281d87c5305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZGYEIAMFeZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-36b5010a793ab9c87182a895;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Y3cwsCGFKFQYWkxG96XsjTJMrCMccbdhjRvbB04PCNF2YupDcEcng==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:33:49 GMT
age: 51777
etag: "143f7bb98f57f8e6189e73e75a9fc93d29548962"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash91310bc1fb5ae0efa502a9bafe046399 ec2a4baf0a21c1738a541d89756cccd6f3bef5fd 5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5925
x-amzn-requestid: 15e5a8fd-8a14-486d-9e83-7da3dafd1713
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSfZEEooAMFbeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d312f-05652d4e06746e8b4f4be29b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:35:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bYTWcGb1-aWdEhGox1If7F0NpZ0JDobDMZK6l0J7a2tb9_ejGKDiDQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:09 GMT
age: 697
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0502c5060f29d82fd10f9f79459e2ce0 110f2eecf72c6b89f250ebefeff5ef664dc2f3f6 f722656c432bbec2baa63b6edc4116c1996850462864456105d9fea9c3bc7ff4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10056
x-amzn-requestid: 2eb7bbf2-47ad-4f80-98e8-ecb45e98961b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xguh2H_woAMFXnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309c472-7dda060b4e7c81262aef3421;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1cunCq4Z1J-oQSmTlcAtgfXO0A4_XpHKl2UHpRCbf75--3eHEIgZGQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 11:39:46 GMT
age: 37020
etag: "110f2eecf72c6b89f250ebefeff5ef664dc2f3f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash87425d52d274ccbc12298aa7a47395f2 b2866f84f93b73d97e9aecfa2293ff47131b6d67 2284c74b04493c7a67907b2477bac252832f3550c6a7e57c221abefc45a12549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8478
x-amzn-requestid: 8ae5ce3f-0d58-412b-84f1-579c5cf21fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIH5JoAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-7bb707102a3acb0320585b52;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G0y5MCu_U2IUMTrWxPmyUefwSkF5tcEWpPh7sZ-Bn_1lXZv12tlpgQ==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:58:58 GMT
age: 86268
etag: "b2866f84f93b73d97e9aecfa2293ff47131b6d67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9f9132960db725a095b0db1773dc6f69 bf1d4347e1641da5aebe6ae438c0431232ae6242 0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 52886
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hentaiz.org/xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ | 172.67.178.148 | 200 OK | 0 B |
URL HTTP/2hentaiz.org/xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ IP172.67.178.148:0
GET /xfsearch/2022%20%D0%B3%D0%BE%D0%B4/ HTTP/1.1
Host: hentaiz.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:56:44 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.2.24
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=hsfik14o4tafasvb0mc6mbech2; path=/; HttpOnly
strict-transport-security: max-age=31536000; preload
last-modified: Tue, 30 Aug 2022 21:56:44 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7HQsPxi%2FZK453R%2Fhjc7k85NIf4RczAoeB4QTm6g1Nl0LQA7a33S3dznv3Rye8RxUUuVotL9A6xLhAg16x6pkrDe5M8woNYZxPzhnNpJnnNr%2Fpns7N3GUCv6T1TvOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7430c731f968b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,700,900&subset=cyrillic | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:400,700,900&subset=cyrillic IP142.250.74.10:0
GET /css?family=Roboto:400,700,900&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 21:56:44 GMT
date: Tue, 30 Aug 2022 21:56:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| agle21xe2anfddirite.com/aas/r45d/vki/1892942/d91a02e0.js | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2agle21xe2anfddirite.com/aas/r45d/vki/1892942/d91a02e0.js IP62.122.171.6:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /aas/r45d/vki/1892942/d91a02e0.js HTTP/1.1
Host: agle21xe2anfddirite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:44 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 13:24:30 GMT
vary: Accept-Encoding
etag: W/"630e0f8e-12cf8"
x-js-ab1: var18
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| agle21xe2anfddirite.com/get/1892942?zoneid=1892942&jp=_clwyyqej60bsua5bskfm2w&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&cid=8553163357268662&sp=0 | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2agle21xe2anfddirite.com/get/1892942?zoneid=1892942&jp=_clwyyqej60bsua5bskfm2w&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&cid=8553163357268662&sp=0 IP62.122.171.6:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /get/1892942?zoneid=1892942&jp=_clwyyqej60bsua5bskfm2w&nojs=0&ix=0&abvar=18&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&cid=8553163357268662&sp=0 HTTP/1.1
Host: agle21xe2anfddirite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hentaiz.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:56:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220830165665a4b476ccd0483093d361dc43; Path=/; Expires=Wed, 30 Aug 2023 21:56:45 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|