nhentai.com/en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital
104.26.11.233301 Moved Permanently 0 B URL HTTP/1.1 nhentai.com/en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital
IP 104.26.11.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital HTTP/1.1
Host: nhentai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 23:35:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 28 Mar 2023 00:35:08 GMT
Location: https://nhentai.com/en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE2DZcu4E0QPUCnCUWF5eylbZis81g2bEcOD4rhoBI0BIJTHPZ%2BCK13URYXekOUfqSofb3HR5GXQgoNeLiOaPdoR%2Fp6h%2F6srZ7xMdPI9wzmdpzmTfiay73sp67MB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aeb72b89ba20b45-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13163
Expires: Tue, 28 Mar 2023 03:14:32 GMT
Date: Mon, 27 Mar 2023 23:35:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8214
Expires: Tue, 28 Mar 2023 01:52:03 GMT
Date: Mon, 27 Mar 2023 23:35:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 23:15:46 GMT
content-type: application/json
age: 1163
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Tue, 28 Mar 2023 00:20:00 GMT
Date: Mon, 27 Mar 2023 23:35:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UDnJl8qGmfltob8ffKG7ADbJmhHCktKLwqvFCufbTDOBGaJ0jbchMIxfkY1oc5s623yhAre6N4I=
x-amz-request-id: 0QCHVFKFJBBGATGV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 23:01:49 GMT
age: 2000
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Nunito:400,600,700,800&display=swap
172.217.21.170200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito:400,600,700,800&display=swap
IP 172.217.21.170:0
Hash d676e185f593456b678c087cf9ead0b0
0c06c596d25cc4331186ded24340c1726d8e4d08
04df280363c6ba78beb14c1f3ba0e55a798752572a737e63161620e5f54255b8
GET /css?family=Nunito:400,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Mar 2023 23:35:09 GMT
date: Mon, 27 Mar 2023 23:35:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash c4887c4d9071dce047bae5d4874223ac
bf03c4be6c6f4dabce769b8d973f1d7a61b8d2d3
053ff126df1661c020ccba873175a8bd30edebb2919019daa2f3a5259c694ce8
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e594aa4a-8aeb-46c9-84f3-2aeb1793c4d5
Content-Length: 1701
Date: Mon, 27 Mar 2023 23:35:09 GMT
Connection: keep-alive
godpvqnszo.com/solid.gif?z=1955368&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 godpvqnszo.com/solid.gif?z=1955368&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1955368&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 23:14:35 GMT
age: 1234
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9052
Expires: Tue, 28 Mar 2023 02:06:02 GMT
Date: Mon, 27 Mar 2023 23:35:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
Hash a1e90811ebbe5dc4a207eb39259441e2
13b45d4ba541d622665031c64a6335f7530d4757
a408a3f8598d6ff748f1340e10fdf411474ecb5201a56fee94d3147b8cb193de
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:27:11 GMT
expires: Sat, 23 Mar 2024 10:27:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
age: 306479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 7cb0b362387d1a4cdef9f2aa27978ae1
2e74b80e600715f8729ea2c9626e016ed22ac77b
d84c17795395ccaf24a8c8b00d232f1b406ce0407f418404c449cdc627ae516e
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 640a5b37-e952-4765-9e66-1eb1fd7f667b
Content-Length: 1701
Date: Mon, 27 Mar 2023 23:35:10 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash f6668367dacac55f905410e00a46b0e0
2d7e60fc50beb48f5356960e00c27957c48f0cbb
1c05665224f81284fcb0a7ab089aa4c736079b18e767a8bef591861fbef790f2
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: f2b887be-75e5-499b-a12e-1d15d21d0093
Content-Length: 1701
Date: Mon, 27 Mar 2023 23:35:10 GMT
Connection: keep-alive
limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2303271835af7e10b378b24e0da217a920ab; Path=/; Expires=Tue, 26 Mar 2024 23:35:10 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/api/click/9897571679414988095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/api/click/9897571679414988095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/9897571679414988095?c=90 HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
Cookie: nauid=d8IWnF2Yhrtej07zNr1D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2303271835d9ec5506596243a2b73a4955e1; Path=/; Expires=Tue, 26 Mar 2024 23:35:10 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955368/?pb=f4aa83498ef246b9e58d51bebaae5fae1679967309&psp=NgxmR-pOsEH-U06P06a3WfnKqFBAhWxfLPl5BT4KLDj7P-LIo7YYcQ54u2LaLzOsQF_UaUB42DdnzAE7dZaHcMhBhtYqkBQoTQfdYHBSFbMsfWwS444JOl3fyPWte_QAm6su-r87F99P8-F-HL3lRAIwiOH5W2i14tsvooxNok9KWhTVgn34eaCVFHtkiQKyiLCyUstshOdF7alZQhEFCSkDBpTo_HfucABvIYM6xF_gvTQDlEiRNIKrZpHI35AjghbafvR_lrOgBQsvH5WDUGWV5Lh9ShQFWwxm2zWYjbqVqmcVBKeW-CnUI1fxa39vy9JSoxt9RktdU3sLWQrDxRi7YTm8ElRbaxtFQ-8CpGsb1wryc7Il1v2ERAX_pGMGZaVzUyX5vuLsj7p3FiEy5MonSFgqnvaq6sgfYAtTFduJO82FqfvLiwtLmXFhtX1IEbBTz7jWt7FzH6gsC7YWsBIgxBtULXbPydrQoR_NVFbS1yl6JbybMA8YJi7VCnWZXUO2PahDWLMxhYpFyqsBXzV5NjOwVWGvyaBrxFPP1hWnYKjhwRPzx-2UDYgQ2GP40cRk6QfFsQIP48U-nr8ViM_FbNWdC5O7-sSoGXy_UDhqfdmI2ZTNaYZm8kZ5KuEFBQA-4Jm4PvDf5UtZO30LMmLcw3XUk1HGeTeNiTyX-cfgCAFe0wlGVzz9Xy6C7wH831ntaksER2lXwggr97RqXoVhTq6g2IgGoWJ9i_ZHdKtD0bc295v6AIrg37ISeRqEarWUG0sMu7xGo_HzKQAz3nJOFWccvHsIB9PkFsa_2_VztARasKh9O30Y-7TJVlPdS1rL4csXZp5KWIBNdK9kF8wlRaZ2ZCNRbQpbij3YdHlQfRLZ7w==&cb=_clxbmpw6s363kdirzyj39m&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Cookie: UID=2303271835af7e10b378b24e0da217a920ab
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 09:37:24 GMT
expires: Sun, 24 Mar 2024 09:37:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 223066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.151.151101 Switching Protocols 3.9 kB URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.151.151:0
File type gzip compressed data, from Unix\012- data
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kqtxgwnmv9cgeUxEwJuNVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AKXrh7N2kSzmqJYf2SvrzS1M4xE=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3fae388741dd939aeff30bd26db4896b
550e0265bd95d12df265aa49d241e15e6c6ca523
55ae9719d2136166db8d3050a5955747b21ae2ac565cd8a74b8b2efcdbbb9269
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55AE9719D2136166DB8D3050A5955747B21AE2AC565CD8A74B8B2EFCDBBB9269"
Last-Modified: Mon, 27 Mar 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14842
Expires: Tue, 28 Mar 2023 03:42:32 GMT
Date: Mon, 27 Mar 2023 23:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797132a163101bc1ac58572a995f58a8
aff07bae4af6d3706555bbefa58d5640fc9ba1a7
09af0dc952d37aa9dcdf284718e15e4b4ecdd08afde3b0dfa6a753399ea28c2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09AF0DC952D37AA9DCDF284718E15E4B4ECDD08AFDE3B0DFA6A753399EA28C2B"
Last-Modified: Sat, 25 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2152
Expires: Tue, 28 Mar 2023 00:11:02 GMT
Date: Mon, 27 Mar 2023 23:35:10 GMT
Connection: keep-alive
cdn5.hentaihaven.fun/api/settings/209336
135.181.208.216200 OK 27 kB URL HTTP/2 cdn5.hentaihaven.fun/api/settings/209336
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash b0f0e5fa4597b624eca81d97ab49313c
e9aadee712c06a10d44e22b1156fb1af8a4cae0c
2d7b1daf5ed2c6b5bc9ea98fc60d761d3ebb940b1b66a29fde7a6a5a56fe0b09
GET /api/settings/209336 HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nhentai.com/
Origin: https://nhentai.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
fellowshippink.com/71/88/7b/71887b540f46f78b344779ef56c11068.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 fellowshippink.com/71/88/7b/71887b540f46f78b344779ef56c11068.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37154), with no line terminators
Hash 6f8aa0a6729f56a133346d50e41d40ba
072c90a3ec62aabb1b8fcbb497004a10e7156681
032f3d90bb4115c981eca3da29e2bf8bfd2eefb35ce23955202767a660b297d1
GET /71/88/7b/71887b540f46f78b344779ef56c11068.js HTTP/1.1
Host: fellowshippink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78d8449e7c01981dd27a2e1945dcc054
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fellowshippink.com/99/89/e0/9989e0ab74318b7e807159ebfc51bae0.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 fellowshippink.com/99/89/e0/9989e0ab74318b7e807159ebfc51bae0.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60183)
Hash 5de0b1e19c3534379d6a5efb5631dbef
daa759ccbb3799bc8bd758f7bc02d28436d24d22
b0f621bbfa7aa50e919327f9263e62f1701e54343baf54e1caa84919a3143d62
GET /99/89/e0/9989e0ab74318b7e807159ebfc51bae0.js HTTP/1.1
Host: fellowshippink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_ebt1099=0; expires=Thu, 30 Mar 2023 23:35:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 096818084a0933fcd400d000a67c6b46
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.142200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 27 Mar 2023 22:05:11 GMT
expires: Tue, 28 Mar 2023 00:05:11 GMT
cache-control: public, max-age=7200
age: 5399
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 52b905613808514bc1ae4964c9e210f2
9dfea110de1883718ce87987f33281d98fbf37a5
30fe4a661c4b5b58108e16f1345b399021c3c2261e567f1cddeda9ebe308f718
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 27 Mar 2023 23:35:10 GMT
Last-Modified: Mon, 27 Mar 2023 21:55:11 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mim6vQPgQD0RPov5AjHKL6QRpOvDsUDJWH3_vxAa3TIyKzyoqHu4kQ==
Age: 6000
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 52b905613808514bc1ae4964c9e210f2
9dfea110de1883718ce87987f33281d98fbf37a5
30fe4a661c4b5b58108e16f1345b399021c3c2261e567f1cddeda9ebe308f718
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 27 Mar 2023 23:35:10 GMT
Last-Modified: Mon, 27 Mar 2023 21:51:53 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: csmVudR1HNceIZm5gPrk9pBf6s7vVlxkGcl-BEa4naadu3_P8GpzhA==
Age: 6197
simplewebanalysis.com/stats
3.123.95.62200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.123.95.62:0
File type ASCII text, with no line terminators
Hash e5aed8467da3b284954f72a002d99d62
72b7e3cc0d701d5aa694a6c70bf4ad86aca313fb
6e56c6f8434c761502cb61cacc975ea793b198307392b5d3c1b06f757aacbdc9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nhentai.com
access-control-allow-credentials: true
set-cookie: uid_id2=8d1df0ac-38bc-459d-9f97-02b1f0738a7e:1:1; expires=Thu, 24 Mar 2033 23:35:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.123.95.62200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.123.95.62:0
File type ASCII text, with no line terminators
Hash c2fc76868e806459d8147e5cf6f8ecfc
12de096743f80fa88777fecfa34027ed553006eb
aeba98b45f0ce327840e98defcedb7f9d76222b0c55e9a3183d22195a484ae8d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nhentai.com
access-control-allow-credentials: true
set-cookie: uid_id2=220c3569-2dc7-4707-b223-31e678f688d3:1:1; expires=Thu, 24 Mar 2033 23:35:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
twinrdsrv.com/banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=30336&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F
172.66.43.59200 OK 2.2 kB URL HTTP/2 twinrdsrv.com/banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=30336&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F
IP 172.66.43.59:0
Hash a5ca78f5a7e332b970d34b8d36262079
8e67cb076af09ffe929759a45bac48238f581ee4
88bd18b9800987c47f2df693a8fe9abb4f303a6643ba294504ac09df513efe84
GET /banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=30336&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=7c9afb23-e619-4f9e-8915-4ca8c2654d71; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure
ISSH=6A3583; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 28-Mar-2023 03:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGFkrBE2qiswelQV7BsEOA9Ty4u3TY047DjUtGyXjpJbctNmq1%2BQqpEK6jN0E7gvCmf21q66EO0xzow8Mv9nEBrmFc5rHnYr0qv6eRd0ouWIGSpjQqXXGjgjj0a0J7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aeb72c2ff30069b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/api/spots/209336?host=nhentai.com&ev=205&wh=939&ww=1280&uuid=&s1=%25subid1%25
135.181.208.216200 OK 841 B URL HTTP/2 cdn5.hentaihaven.fun/api/spots/209336?host=nhentai.com&ev=205&wh=939&ww=1280&uuid=&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 1c1f9f414ce7afed85ec1080b875c786
1c6b829961236c7861b22a9be1e64735f0826855
e6a8935437c0ede82c32123888768abac68b2b7e06362a14d6bc00cbb722db03
GET /api/spots/209336?host=nhentai.com&ev=205&wh=939&ww=1280&uuid=&s1=%25subid1%25 HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Cookie: nauid=d8IWnF2Yhrtej07zNr1D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&gjid=1473918243&_gid=1204986024.1679960130&_u=aEBAAEAAEAAAACAAI~&z=1451667723
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&gjid=1473918243&_gid=1204986024.1679960130&_u=aEBAAEAAEAAAACAAI~&z=1451667723
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&gjid=1473918243&_gid=1204986024.1679960130&_u=aEBAAEAAEAAAACAAI~&z=1451667723 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://nhentai.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Mar 2023 23:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b76c41e7fa6c84786fbcab7d2cb465f4
8847dc11d36d0b4bb3bc84cf978ba5fd492a3123
851b090355da469b1e3c4ea302c7ad7941f2a6b4eb79447791927b792be73ac7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba50d379b2776214995c207b42c083a4
0f1b48c6d01ace326c49acf5bcac222f772e9f6a
6692886530b311f94ac3855df31c774feed6d5135dad4ac24921b6030fcbb8d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7ba0b9730b8fb55610287ac3588f8aa1
b2e1c8b30219467965ebcc541bb2a33d5fe7bf59
764aff4d087b3a8e798a0eda5080a1d6026ca912568b7b9d44681c44daf207e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 23:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
go.xlirdr.com/smartpop/60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&sourceId=6222&p1=61095&p2=83029&no_bb=1
104.18.59.150302 Found 0 B URL HTTP/2 go.xlirdr.com/smartpop/60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&sourceId=6222&p1=61095&p2=83029&no_bb=1
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&sourceId=6222&p1=61095&p2=83029&no_bb=1 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 27 Mar 2023 23:35:11 GMT
content-length: 0
location: https://creative.cambaddies.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67670872.29583; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCfFUFWhPdBMmYaZ8deqkXWsBmrct; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 22:35:11 GMT; HttpOnly
server: cloudflare
cf-ray: 7aeb72c7be6bb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-153166130-1&cid=50358046.1679960130&jid=667270195&_u=aEBAAEAAEAAAACAAI~&z=1074586259 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 23:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7ba0b9730b8fb55610287ac3588f8aa1
b2e1c8b30219467965ebcc541bb2a33d5fe7bf59
764aff4d087b3a8e798a0eda5080a1d6026ca912568b7b9d44681c44daf207e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 23:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14427
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14427
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14427
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14427
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14427
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 088ee9246dd360ff8df1cfd861295d39
6e224650d4c0315d8218e2522fc9a0f1ca81799f
48ae55b65f6bb6f15580d28adc558b96086fb293fef375e7ab57944bf4301ae1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7466
x-amzn-requestid: 229ed535-832e-4328-bafd-0cf2dec18fbe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbqLF8-IAMFzcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca7-61d293a52a1a02130d0ffa53;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:43 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: twfOE2opqTbozB5ds5beCG8JofUv_g4J71kTXPS0I8isCkpw-sB3Vg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:18 GMT
age: 5393
etag: "6e224650d4c0315d8218e2522fc9a0f1ca81799f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b013cb6-ed0b-4590-b333-a69ce6ed3986.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b013cb6-ed0b-4590-b333-a69ce6ed3986.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 478c720a6e45547c00de24695f491b36
27ac933b8ec68e34144691ecc9c90307b332c5b6
eecb9e57f5a92621ca79221094825ae7452616d1cd2e33e8ae96568c3467de3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b013cb6-ed0b-4590-b333-a69ce6ed3986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: d89bc258-6bc7-4d51-bd2d-24d01880c217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbumHOPoAMFx2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc3-4ff63f954bcd06c255903329;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: BaklHS9PEyxfeh6EiN6o-taRIdXJDl5kOa7YYyGJOAZGbrv9fZUzJw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:58:02 GMT
age: 5829
etag: "27ac933b8ec68e34144691ecc9c90307b332c5b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: hWI0gKHs2830OtWE9Or5YEsE4aQSNLzf85--OGAQEqPEN-6bgWBbFw==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:26 GMT
age: 5385
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wlc65ytdELa_faMSddEDHZNsbtF1_CgMOho3W3BvkaOSrFyAkKUagg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:43:57 GMT
age: 6674
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:10:22 GMT
age: 1489
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3d09299a52fe1ccfc29ba3f7f3fd8ba
45b8a4f114335995c9a9028d8ce62fb23cddc5e7
3abe313628decbc8d12ebf79cdcd5b282f2df453a32b745a469c05e8a2910c9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ABE313628DECBC8D12EBF79CDCD5B282F2DF453A32B745A469C05E8A2910C9E"
Last-Modified: Sun, 26 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8917
Expires: Tue, 28 Mar 2023 02:03:48 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7f11a7b2bcf82694495805df139feed
45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6
96ba810197f578fb975bd853acbe948c8e984a7b94d172305d411d4381cf80ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 7e76212a-4621-45ca-9212-da6957f4861f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdb5bGSiIAMFtoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220d08-507bf48c3eeba38b719de318;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Zy7ItZQS-88zGHgnpCOzsRh6BL36AzV2MM-zUB5nCcLnaqgbJh8NxA==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:25:54 GMT
age: 4157
etag: "45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 493733f4c855c39700a5c89ee8302c40
f2121b5c3351045974f286d498997738c63ea02e
c2e6e7271baf47b0b279116c1560981c035fcee615d4c648e51b71826e38876f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2E6E7271BAF47B0B279116C1560981C035FCEE615D4C648E51B71826E38876F"
Last-Modified: Mon, 27 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13861
Expires: Tue, 28 Mar 2023 03:26:12 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
creative.cambaddies.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583
88.208.29.90200 OK 852 B URL HTTP/2 creative.cambaddies.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e8a8878b724c758a523c6a8deb556f69
c73090af711af6e34b75033e80d88c9a58862684
b419d82f5dfac36de707270604194268ec7f8ea920bb8704d57887d1b34d6907
GET /widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583 HTTP/1.1
Host: creative.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://twinrdsrv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: text/html; charset=utf-8
content-length: 852
last-modified: Mon, 27 Mar 2023 08:47:47 GMT
etag: "64215833-354"
expires: Mon, 27 Mar 2023 23:35:21 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
accept-ranges: bytes
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }, { "url": "https://go.cambaddies.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d6d9d5a73de4ab8c5eee8aee3f2a3ed
db00c8ccc8cefd959cae4a093b8a8cda8e1cf2d8
e22da7aac2e0ba5ef9e15c054daba8aaa4cb6bd1c4c44589cad5dbf95804579c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E22DA7AAC2E0BA5EF9E15C054DABA8AAA4CB6BD1C4C44589CAD5DBF95804579C"
Last-Modified: Sun, 26 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Tue, 28 Mar 2023 01:51:16 GMT
Date: Mon, 27 Mar 2023 23:35:11 GMT
Connection: keep-alive
cdn.goasrv.com/data/creatives/1164/35702.mp4
69.16.175.10206 Partial Content 868 kB URL HTTP/2 cdn.goasrv.com/data/creatives/1164/35702.mp4
IP 69.16.175.10:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 868 kB (867940 bytes)
Hash 7dee90b7e2e83be1aa95ce3b80b152b3
8f7a74a3dc36d0d483b22caf79da3fd47c3f4377
0d53a8e373bd007f11adeeb20dda51beb77b5847805c756101e79f17f5e5d826
GET /data/creatives/1164/35702.mp4 HTTP/1.1
Host: cdn.goasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 27 Mar 2023 23:35:11 GMT
etag: "1662628261"
cache-control: max-age=86400
content-length: 867940
content-range: bytes 0-867939/867940
content-type: video/mp4
last-modified: Thu, 08 Sep 2022 09:11:01 GMT
accept-ranges: bytes
x-hw: 1679960111.dop208.sk1.t,1679960111.cds238.sk1.hn,1679960111.cds213.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
creative.cambaddies.com/widgets/v4/Universal/main.8022bc0e4f9df2b20c34.js
88.208.29.90200 OK 80 kB URL HTTP/2 creative.cambaddies.com/widgets/v4/Universal/main.8022bc0e4f9df2b20c34.js
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
Hash 49341a9f2ff17ea726e60006808a44ff
153663848b635558045acbb7e58b11cc21f2e698
6abf4f4a11059a0b77a3c0120e73e98f41708449422099c95a8782c79dbe3c29
GET /widgets/v4/Universal/main.8022bc0e4f9df2b20c34.js HTTP/1.1
Host: creative.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.cambaddies.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 27 Mar 2023 08:48:45 GMT
etag: W/"6421586d-4319a"
expires: Mon, 27 Mar 2023 23:35:21 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.cambaddies.com/report", "max_age": 1048576 }
content-encoding: gzip
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
104.18.48.21200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.48.21:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.cambaddies.com/
Origin: https://creative.cambaddies.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: ITCcrq+ybIscvYd7Cvcyrp3VHkQeiMYLMsfIysOjMYpKC+ekktYAKnlvIo22jbs8izyd06qXbrs=
x-amz-request-id: 6F24Q9KGJJ1MARMX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.cambaddies.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 54
expires: Tue, 28 Mar 2023 03:35:11 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72caaec6b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.goaserv.com/banner.go?spaceid=1195888&sid2=e175e701-bbe4-4352-a252-b355e857040d&keywords=
217.22.19.196200 OK 6.3 kB URL HTTP/2 go.goaserv.com/banner.go?spaceid=1195888&sid2=e175e701-bbe4-4352-a252-b355e857040d&keywords=
IP 217.22.19.196:0
Hash e19ccb4cf431191033b15145a453aa8d
051129b510e2f6a3602d7029eab5a53a091eeb50
89c5a0038d54fcf6554de010fad0771c6ecaa18534ae0d891326db185435667f
GET /banner.go?spaceid=1195888&sid2=e175e701-bbe4-4352-a252-b355e857040d&keywords= HTTP/1.1
Host: go.goaserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: text/html; charset=utf-8
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Mon, 27 03 2023 23:35:11 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-backend-server: nl2-go-web-240
content-encoding: gzip
X-Firefox-Spdy: h2
witchcraftbarterexploded.com/sbar.json?key=71887b540f46f78b344779ef56c11068&uuid=8d1df0ac-38bc-459d-9f97-02b1f0738a7e%3A1%3A1
173.233.139.164200 OK 4.4 kB URL HTTP/1.1 witchcraftbarterexploded.com/sbar.json?key=71887b540f46f78b344779ef56c11068&uuid=8d1df0ac-38bc-459d-9f97-02b1f0738a7e%3A1%3A1
IP 173.233.139.164:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6222), with no line terminators
Hash e6121b7de8d6a728b779add4e3f4c251
4afcf51e1cadcbbb19da01a968a4308ec4059c4e
754f0748d55e88df421d246ae87011449d750c9e1611d75d2f350fe0494cb7d6
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=71887b540f46f78b344779ef56c11068&uuid=8d1df0ac-38bc-459d-9f97-02b1f0738a7e%3A1%3A1 HTTP/1.1
Host: witchcraftbarterexploded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nhentai.com
Access-Control-Allow-Origin: https://nhentai.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17250696; expires=Tue, 28 Mar 2023 23:35:11 GMT; secure; SameSite=None
uid_id2=8d1df0ac-38bc-459d-9f97-02b1f0738a7e:1:1; expires=Mon, 03 Apr 2023 23:35:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Mar 2023 23:35:11 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Mar 2023 23:35:11 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 28 Mar 2023 23:35:11 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 28 Mar 2023 23:35:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb42e4886f899eda74c3730d1e023550
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
go.cambaddies.com/abc.gif?actionButtonPlacement=bottom&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&p1=61095&p2=83029&ruleId=0&smartpopId=7649&sourceId=6222&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583&modelsLimit=2&quality=original&stripcashR=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Ftwinrdsrv.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A489%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A116%2C%22transferSize%22%3A80620%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A58%2C%22transferSize%22%3A4575%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A634%2C%22duration%22%3A35%2C%22transferSize%22%3A3223%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A638%2C%22duration%22%3A0%7D%5D&mh=1835953940
88.208.29.90200 OK 103 B URL HTTP/2 go.cambaddies.com/abc.gif?actionButtonPlacement=bottom&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&p1=61095&p2=83029&ruleId=0&smartpopId=7649&sourceId=6222&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583&modelsLimit=2&quality=original&stripcashR=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Ftwinrdsrv.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A489%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A116%2C%22transferSize%22%3A80620%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A58%2C%22transferSize%22%3A4575%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A634%2C%22duration%22%3A35%2C%22transferSize%22%3A3223%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A638%2C%22duration%22%3A0%7D%5D&mh=1835953940
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?actionButtonPlacement=bottom&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&p1=61095&p2=83029&ruleId=0&smartpopId=7649&sourceId=6222&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583&modelsLimit=2&quality=original&stripcashR=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Ftwinrdsrv.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A489%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A116%2C%22transferSize%22%3A80620%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A302%2C%22duration%22%3A58%2C%22transferSize%22%3A4575%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A634%2C%22duration%22%3A35%2C%22transferSize%22%3A3223%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A638%2C%22duration%22%3A0%7D%5D&mh=1835953940 HTTP/1.1
Host: go.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: image/gif
content-length: 103
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
X-Firefox-Spdy: h2
go.cambaddies.com/api/models?applyGeobans=0&broadcastHD=0&broadcastMobile=0&broadcastVR=0&goalEnabled=0&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isNew=0&isPerson=0&language=en&strict=0&forceClient=1&stripcashR=0&limit=2
88.208.29.90200 OK 6.9 kB URL HTTP/2 go.cambaddies.com/api/models?applyGeobans=0&broadcastHD=0&broadcastMobile=0&broadcastVR=0&goalEnabled=0&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isNew=0&isPerson=0&language=en&strict=0&forceClient=1&stripcashR=0&limit=2
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
Hash 6f390f50147d3eb99a198cb2419a230f
d34bb18b0d2b860363e08e635c7d37c8881daa80
4d18150fc981f366ac758dd0e13182a10a8687834613301b72304f26ca7237bc
GET /api/models?applyGeobans=0&broadcastHD=0&broadcastMobile=0&broadcastVR=0&goalEnabled=0&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isNew=0&isPerson=0&language=en&strict=0&forceClient=1&stripcashR=0&limit=2 HTTP/1.1
Host: go.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.cambaddies.com/
Origin: https://creative.cambaddies.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
access-control-allow-origin: https://creative.cambaddies.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
static-cdn.strpst.com/avatars/6/d/4/6d426b3f27d1665395e3b2b05946e5f8-full
104.18.63.124200 OK 9.9 kB URL HTTP/2 static-cdn.strpst.com/avatars/6/d/4/6d426b3f27d1665395e3b2b05946e5f8-full
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 597bf36d8cb657f06aae29988e3e328f
0c55df1981468178222f2957c64d8cea91891081
d5a0ecd374e6dc0747935ef9e77b21ec1de99761cc4916e8a60713a897332d58
GET /avatars/6/d/4/6d426b3f27d1665395e3b2b05946e5f8-full HTTP/1.1
Host: static-cdn.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: image/jpeg
content-length: 9943
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10087, status=webp_bigger
etag: "63ea2bf0-2767"
last-modified: Mon, 13 Feb 2023 12:24:16 GMT
x-cache-status: MISS
cf-cache-status: HIT
age: 1460
expires: Thu, 27 Apr 2023 23:35:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72cc3c9fb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
witchcraftbarterexploded.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPVMz3b0wYMxpgQjEnID3KuX71bbnVXU9U9vZlTSEBy8DDBi8febzZZNCGYP0CQWS8aEDIisgcX8jcIAW8yswOjD6ree%2FW9w%2Fu%2Br77arg4IRcX2r3xhh9oYttpr09bJmzqXtvatS9dbIW3TU62bOl%2BLTrW2ZpcbfBTSXpt%2B0DqvxKZd7dCQ0pCGrXPaqdRurc5R6OJxErYT2o467bAXYcv9v%2FdVAM8CyMEBeQNaTl%2FZ%2BOUptJggz344q%2FxmaYsPP8sqw0rrMJC7N%2FLN3NY5smWZugBpvruYhvVTQr49ApvvLhjADnZmDMD1lAR%2FhuD57mJN8MGDw025gcrB5XHUgwmUmUCzCYS9Cy2fE0BIXLqMPHt4ybqa3TpE2QydkmMv%2F4aup%2BTYXyeQZ0%2FOGL3VumZNVWqbe2ylDfTWBHp9gqLaQzk8Al3vQZR3oOVvZPXlReTZzmVvLLTcf78vQ5lSJla6fS5Wol4iV5I0iVdoh4cpjbt9Fqu5RFpPoNMJjBqB%2BQDV7OgAVRqgKgJkcr%2FFeklKaZzytNvtR0KIbleIXn9N9mQ36qcUlZhxGKEsRhBmBOFuo3C3sanvP1cUrvoJfqOBlwF8STCQDWpFUHuCmhHUmqAuCepB80Aa3%2FHNQ2l8xcNF7ixytxnbcn2bPbDlusrJdnFAXp9pF7ya3MOm2m%2FFYb8f815E02gtjfu8G0VxnKi0tybCkK714XUD7Y%2FMmQ71lLx5I0AxM9TfAWd78GYPQr8GVr0DVo%2FjDgXbGEd9imH%2BKN9Qecl0W9gM0jYoymMobwXb5oC8Nbfw42tvQ4lnp399cf7JieELCNegcA2%2B1D8TrJt746u2JjtXbe3J08tFqTM9ZDN7r5WsVEe%2F%2F1zdqq2TF8760XefiBkwKx9fV768yHKp83VPHp3RUip3zjqhyI8X%2FE3Fr1R%2B40zl8qq4eOXTcxeywinvtc0nYPq5%2FxpCT8lx%2B8%2F84777xzfQbgJXNciqZ2QR0HYCUdyGL5bbe0vgzHKGFwHqqhm7Dl8%2BGk1g1LJnvIH%2FT8%2BX9ba%2Fh3UXgJV3kWcNBq7BwDRgZgRfHR2XhXt2%2BvfuPMBNMObGBTvcOHP%2FUFqv91uql9JU0Y7iacLTmFGZpFHCWRKqmPdYiNJP5XsnV%2F8FAAD%2F%2FwEAAP%2F%2FrMQ3HJAEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 witchcraftbarterexploded.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPVMz3b0wYMxpgQjEnID3KuX71bbnVXU9U9vZlTSEBy8DDBi8febzZZNCGYP0CQWS8aEDIisgcX8jcIAW8yswOjD6ree%2FW9w%2Fu%2Br77arg4IRcX2r3xhh9oYttpr09bJmzqXtvatS9dbIW3TU62bOl%2BLTrW2ZpcbfBTSXpt%2B0DqvxKZd7dCQ0pCGrXPaqdRurc5R6OJxErYT2o467bAXYcv9v%2FdVAM8CyMEBeQNaTl%2FZ%2BOUptJggz344q%2FxmaYsPP8sqw0rrMJC7N%2FLN3NY5smWZugBpvruYhvVTQr49ApvvLhjADnZmDMD1lAR%2FhuD57mJN8MGDw025gcrB5XHUgwmUmUCzCYS9Cy2fE0BIXLqMPHt4ybqa3TpE2QydkmMv%2F4aup%2BTYXyeQZ0%2FOGL3VumZNVWqbe2ylDfTWBHp9gqLaQzk8Al3vQZR3oOVvZPXlReTZzmVvLLTcf78vQ5lSJla6fS5Wol4iV5I0iVdoh4cpjbt9Fqu5RFpPoNMJjBqB%2BQDV7OgAVRqgKgJkcr%2FFeklKaZzytNvtR0KIbleIXn9N9mQ36qcUlZhxGKEsRhBmBOFuo3C3sanvP1cUrvoJfqOBlwF8STCQDWpFUHuCmhHUmqAuCepB80Aa3%2FHNQ2l8xcNF7ixytxnbcn2bPbDlusrJdnFAXp9pF7ya3MOm2m%2FFYb8f815E02gtjfu8G0VxnKi0tybCkK714XUD7Y%2FMmQ71lLx5I0AxM9TfAWd78GYPQr8GVr0DVo%2FjDgXbGEd9imH%2BKN9Qecl0W9gM0jYoymMobwXb5oC8Nbfw42tvQ4lnp399cf7JieELCNegcA2%2B1D8TrJt746u2JjtXbe3J08tFqTM9ZDN7r5WsVEe%2F%2F1zdqq2TF8760XefiBkwKx9fV768yHKp83VPHp3RUip3zjqhyI8X%2FE3Fr1R%2B40zl8qq4eOXTcxeywinvtc0nYPq5%2FxpCT8lx%2B8%2F84777xzfQbgJXNciqZ2QR0HYCUdyGL5bbe0vgzHKGFwHqqhm7Dl8%2BGk1g1LJnvIH%2FT8%2BX9ba%2Fh3UXgJV3kWcNBq7BwDRgZgRfHR2XhXt2%2BvfuPMBNMObGBTvcOHP%2FUFqv91uql9JU0Y7iacLTmFGZpFHCWRKqmPdYiNJP5XsnV%2F8FAAD%2F%2FwEAAP%2F%2FrMQ3HJAEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPVMz3b0wYMxpgQjEnID3KuX71bbnVXU9U9vZlTSEBy8DDBi8febzZZNCGYP0CQWS8aEDIisgcX8jcIAW8yswOjD6ree%2FW9w%2Fu%2Br77arg4IRcX2r3xhh9oYttpr09bJmzqXtvatS9dbIW3TU62bOl%2BLTrW2ZpcbfBTSXpt%2B0DqvxKZd7dCQ0pCGrXPaqdRurc5R6OJxErYT2o467bAXYcv9v%2FdVAM8CyMEBeQNaTl%2FZ%2BOUptJggz344q%2FxmaYsPP8sqw0rrMJC7N%2FLN3NY5smWZugBpvruYhvVTQr49ApvvLhjADnZmDMD1lAR%2FhuD57mJN8MGDw025gcrB5XHUgwmUmUCzCYS9Cy2fE0BIXLqMPHt4ybqa3TpE2QydkmMv%2F4aup%2BTYXyeQZ0%2FOGL3VumZNVWqbe2ylDfTWBHp9gqLaQzk8Al3vQZR3oOVvZPXlReTZzmVvLLTcf78vQ5lSJla6fS5Wol4iV5I0iVdoh4cpjbt9Fqu5RFpPoNMJjBqB%2BQDV7OgAVRqgKgJkcr%2FFeklKaZzytNvtR0KIbleIXn9N9mQ36qcUlZhxGKEsRhBmBOFuo3C3sanvP1cUrvoJfqOBlwF8STCQDWpFUHuCmhHUmqAuCepB80Aa3%2FHNQ2l8xcNF7ixytxnbcn2bPbDlusrJdnFAXp9pF7ya3MOm2m%2FFYb8f815E02gtjfu8G0VxnKi0tybCkK714XUD7Y%2FMmQ71lLx5I0AxM9TfAWd78GYPQr8GVr0DVo%2FjDgXbGEd9imH%2BKN9Qecl0W9gM0jYoymMobwXb5oC8Nbfw42tvQ4lnp399cf7JieELCNegcA2%2B1D8TrJt746u2JjtXbe3J08tFqTM9ZDN7r5WsVEe%2F%2F1zdqq2TF8760XefiBkwKx9fV768yHKp83VPHp3RUip3zjqhyI8X%2FE3Fr1R%2B40zl8qq4eOXTcxeywinvtc0nYPq5%2FxpCT8lx%2B8%2F84777xzfQbgJXNciqZ2QR0HYCUdyGL5bbe0vgzHKGFwHqqhm7Dl8%2BGk1g1LJnvIH%2FT8%2BX9ba%2Fh3UXgJV3kWcNBq7BwDRgZgRfHR2XhXt2%2BvfuPMBNMObGBTvcOHP%2FUFqv91uql9JU0Y7iacLTmFGZpFHCWRKqmPdYiNJP5XsnV%2F8FAAD%2F%2FwEAAP%2F%2FrMQ3HJAEAAA%3D HTTP/1.1
Host: witchcraftbarterexploded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Cookie: u_pl=17250696; uid_id2=8d1df0ac-38bc-459d-9f97-02b1f0738a7e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:12 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70813ffe211ce9bdcc18a1d971f017ab
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 52bf6eaa2bd61ccd8438e011919d34b2
b663944d7839ee42cf3e07e63cef4c62174e9638
64aef31ed05210a366d721707f43fa0aef45cc92909bd9c0b8fc155320ddf051
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64AEF31ED05210A366D721707F43FA0AEF45CC92909BD9C0B8FC155320DDF051"
Last-Modified: Sun, 26 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7224
Expires: Tue, 28 Mar 2023 01:35:36 GMT
Date: Mon, 27 Mar 2023 23:35:12 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
172.64.166.9200 OK 591 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP 172.64.166.9:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11439782
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg7jcg%2B7nxjAqayngWOkvN5IPxP2rChBKs1NUE6F5J%2BNXt9ULnUd%2BNYt%2BzK32Vv5I%2FIwbs1BbUHaUODAL4YKm9yRuZuqxRLkpBg7In7VgF0Ylkesy09S5EtsPs8ukiCSD5%2BkNcd9YBJd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72ce5c3a7562-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
172.64.166.9200 OK 1.5 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP 172.64.166.9:0
Hash 26250915d3deaacf46471cdfced2f8df
05dbc74f84626ad773e9ba268784532b6391d333
ad742a726c0649cd673bc8d5681d1832ff8e510281f6201c4488339ed34c8f2f
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 353530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zo041tG0XUsCPygKoJNsm%2F3OTGhQNE%2FYOy%2B0miNNOROd7AqJ%2BmvZK%2Fb6sgmtq0altZ2mvBncXv5xG8ZN9v2ElWG3cWLC9ias3L7YwdvVQl%2FskooQbPoeSynuwzkxB%2Fq9pvpwpXvxsyU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72ce6d9f76c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
45.133.44.4200 OK 5.8 kB URL HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash f69febb1aee8617e9738189271bf7fab
38d27b83f4f5d221cd219ac1c23a74a5b9e0dbad
3124c5f7e6d2608c27383aa88ea96495875dc11a08a7694f27ed21866a910aff
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 28 Mar 2023 00:35:12 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/cb/1e/c8/cb1ec8a4a2648d5c6c711d1d58cd4fa8/1668080095.png
45.133.44.9200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/cb/1e/c8/cb1ec8a4a2648d5c6c711d1d58cd4fa8/1668080095.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash bf15bcfdc71c0e9f42a4007ae882fbe7
b8204ff61ac5daa72f02f3651f7cceb89b6dd3ef
f4ab664d3cb6bd1e6814a064918a0493d3c680869692c12bc461acf9fb2946f0
GET /si/cb/1e/c8/cb1ec8a4a2648d5c6c711d1d58cd4fa8/1668080095.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: image/png
content-length: 11404
server: nginx/1.17.6
last-modified: Thu, 10 Nov 2022 11:35:03 GMT
etag: "636ce1e7-2c8c"
expires: Wed, 29 Mar 2023 23:35:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/9f/71/ed/9f71ed72e377bfdd5dfcb2d749dbdca1/1678693895.png
45.133.44.9200 OK 107 kB URL HTTP/2 cdn.cloudimagesb.com/si/9f/71/ed/9f71ed72e377bfdd5dfcb2d749dbdca1/1678693895.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (107240 bytes)
Hash 2b10eb86bb077d0ba6e26704b52b0d2d
ddc6906af994f35846d44527166d713e92516fde
8be8aabb5804cf08994b36ab227ec3f8b191dacb33a7575438bd8db4c170b595
GET /si/9f/71/ed/9f71ed72e377bfdd5dfcb2d749dbdca1/1678693895.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: image/png
content-length: 107240
server: nginx/1.17.6
last-modified: Mon, 13 Mar 2023 07:51:44 GMT
etag: "640ed610-1a2e8"
expires: Wed, 29 Mar 2023 23:35:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
witchcraftbarterexploded.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPV0z3bPQYMxpgQjEnID3KurqqeLbe6q6nqnp7MKSQgOXiY4MVj7zebLJoQzB8gyKwXDQgZEdmDC%2FkbhIA3mdmB0QdV77363uF931dfbVcHhKJi%2B1e%2BMCOlNVvvtmnr5E2VC1O71qXrLZ%2B26anWTZVvhKdaw%2FllBx%2F5tNumH7TOS75l1jvUp9SnfuucsjI1w%2FUFClU87vntHm2HnbbfDTG0%2F%2B9d5cExD2JwQN6AErNXNn95CsWnyLMfzkq3VZriw8%2BySrPSWAzE7o18Kzd1jmxVptZDmu8up2HcjJBvj8Dku0sGMIOdOQMkaka8P30k%2Be5yTSSDB4ebJhoyRyKOox5MIfUUik3BzV0o8ZwAXODSZeTZw0vG1uzWIcrm6Iwce%2Fk3VD0jx%2F46gTx7ckarYeua0VWpTO4wTBuo4RSqP0VR7aEcHYGq98DLO1DiN7L%2B8iLybOey0wZK7L8fC1%2BklPG1IE74WtjtibVe2ovWaCfxUxoFMYvkQiKlplDpFFqOwZyHan6Uhyr1UBUeMrHfYt1eSmmUJmkQxCHnPAg478YboiuCME4pKj7nMEZZjMH1GNzeRmFvY0vdfy4pbPUT3GYDJzy4kmAgGtSSoHYENSOoFUFdEtSD5oHQruOah0K7KvGXubPMQTMxZX%2BbPTBlX%2BZkuzggr8%2B1817t3cOW3G9FfhxHSTekabiRRnEShGEU9WTa3eC%2BTzdiONVAuSMLpiM1I2%2Fe8FDMDXV3kLA9OL0Hrl4Dq94BqydRh4JtTsKYYpQ%2FyjdlXjLV5iaDMA2K8hjKW962PiBvLSz8%2BNrbkPzZ6V9fnH9yYvQC3DYobIMv1c8EfX1vctXUZOeqqR15erkoVaZGbG7vtZKV8uj3n8tbtbHiwlk3%2Fu4TPgfm5ePr0pUXWS5U3nfk0RklhLTnjOWS%2FHjB3ZTJlcptnqlsXhUXr3x67kJWWOmcMvkUTD13X4OrGTlu%2Fll83Hf%2F%2BAbKTmGrBln1jCwDykzBi9twxWp7ZwisXs0khYe6aia2k6wetSLQctWzpIH7T5%2Bs6m13D33rgZV3kWcNBrbBQDdgegxXHZ2UhX12%2BvdgEUi0N0m09XYSbfX9Q2md2m91%2FVDGSRxxIRLJhR91gjigtCNEGPWk30PpZuK9k%2Bv%2FAgAA%2F%2F8BAAD%2F%2F7jMufqQBAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 witchcraftbarterexploded.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPV0z3bPQYMxpgQjEnID3KurqqeLbe6q6nqnp7MKSQgOXiY4MVj7zebLJoQzB8gyKwXDQgZEdmDC%2FkbhIA3mdmB0QdV77363uF931dfbVcHhKJi%2B1e%2BMCOlNVvvtmnr5E2VC1O71qXrLZ%2B26anWTZVvhKdaw%2FllBx%2F5tNumH7TOS75l1jvUp9SnfuucsjI1w%2FUFClU87vntHm2HnbbfDTG0%2F%2B9d5cExD2JwQN6AErNXNn95CsWnyLMfzkq3VZriw8%2BySrPSWAzE7o18Kzd1jmxVptZDmu8up2HcjJBvj8Dku0sGMIOdOQMkaka8P30k%2Be5yTSSDB4ebJhoyRyKOox5MIfUUik3BzV0o8ZwAXODSZeTZw0vG1uzWIcrm6Iwce%2Fk3VD0jx%2F46gTx7ckarYeua0VWpTO4wTBuo4RSqP0VR7aEcHYGq98DLO1DiN7L%2B8iLybOey0wZK7L8fC1%2BklPG1IE74WtjtibVe2ovWaCfxUxoFMYvkQiKlplDpFFqOwZyHan6Uhyr1UBUeMrHfYt1eSmmUJmkQxCHnPAg478YboiuCME4pKj7nMEZZjMH1GNzeRmFvY0vdfy4pbPUT3GYDJzy4kmAgGtSSoHYENSOoFUFdEtSD5oHQruOah0K7KvGXubPMQTMxZX%2BbPTBlX%2BZkuzggr8%2B1817t3cOW3G9FfhxHSTekabiRRnEShGEU9WTa3eC%2BTzdiONVAuSMLpiM1I2%2Fe8FDMDXV3kLA9OL0Hrl4Dq94BqydRh4JtTsKYYpQ%2FyjdlXjLV5iaDMA2K8hjKW962PiBvLSz8%2BNrbkPzZ6V9fnH9yYvQC3DYobIMv1c8EfX1vctXUZOeqqR15erkoVaZGbG7vtZKV8uj3n8tbtbHiwlk3%2Fu4TPgfm5ePr0pUXWS5U3nfk0RklhLTnjOWS%2FHjB3ZTJlcptnqlsXhUXr3x67kJWWOmcMvkUTD13X4OrGTlu%2Fll83Hf%2F%2BAbKTmGrBln1jCwDykzBi9twxWp7ZwisXs0khYe6aia2k6wetSLQctWzpIH7T5%2Bs6m13D33rgZV3kWcNBrbBQDdgegxXHZ2UhX12%2BvdgEUi0N0m09XYSbfX9Q2md2m91%2FVDGSRxxIRLJhR91gjigtCNEGPWk30PpZuK9k%2Bv%2FAgAA%2F%2F8BAAD%2F%2F7jMufqQBAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIecvFHLiLCKB4iuLPV0z3bPQYMxpgQjEnID3KurqqeLbe6q6nqnp7MKSQgOXiY4MVj7zebLJoQzB8gyKwXDQgZEdmDC%2FkbhIA3mdmB0QdV77363uF931dfbVcHhKJi%2B1e%2BMCOlNVvvtmnr5E2VC1O71qXrLZ%2B26anWTZVvhKdaw%2FllBx%2F5tNumH7TOS75l1jvUp9SnfuucsjI1w%2FUFClU87vntHm2HnbbfDTG0%2F%2B9d5cExD2JwQN6AErNXNn95CsWnyLMfzkq3VZriw8%2BySrPSWAzE7o18Kzd1jmxVptZDmu8up2HcjJBvj8Dku0sGMIOdOQMkaka8P30k%2Be5yTSSDB4ebJhoyRyKOox5MIfUUik3BzV0o8ZwAXODSZeTZw0vG1uzWIcrm6Iwce%2Fk3VD0jx%2F46gTx7ckarYeua0VWpTO4wTBuo4RSqP0VR7aEcHYGq98DLO1DiN7L%2B8iLybOey0wZK7L8fC1%2BklPG1IE74WtjtibVe2ovWaCfxUxoFMYvkQiKlplDpFFqOwZyHan6Uhyr1UBUeMrHfYt1eSmmUJmkQxCHnPAg478YboiuCME4pKj7nMEZZjMH1GNzeRmFvY0vdfy4pbPUT3GYDJzy4kmAgGtSSoHYENSOoFUFdEtSD5oHQruOah0K7KvGXubPMQTMxZX%2BbPTBlX%2BZkuzggr8%2B1817t3cOW3G9FfhxHSTekabiRRnEShGEU9WTa3eC%2BTzdiONVAuSMLpiM1I2%2Fe8FDMDXV3kLA9OL0Hrl4Dq94BqydRh4JtTsKYYpQ%2FyjdlXjLV5iaDMA2K8hjKW962PiBvLSz8%2BNrbkPzZ6V9fnH9yYvQC3DYobIMv1c8EfX1vctXUZOeqqR15erkoVaZGbG7vtZKV8uj3n8tbtbHiwlk3%2Fu4TPgfm5ePr0pUXWS5U3nfk0RklhLTnjOWS%2FHjB3ZTJlcptnqlsXhUXr3x67kJWWOmcMvkUTD13X4OrGTlu%2Fll83Hf%2F%2BAbKTmGrBln1jCwDykzBi9twxWp7ZwisXs0khYe6aia2k6wetSLQctWzpIH7T5%2Bs6m13D33rgZV3kWcNBrbBQDdgegxXHZ2UhX12%2BvdgEUi0N0m09XYSbfX9Q2md2m91%2FVDGSRxxIRLJhR91gjigtCNEGPWk30PpZuK9k%2Bv%2FAgAA%2F%2F8BAAD%2F%2F7jMufqQBAAA HTTP/1.1
Host: witchcraftbarterexploded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Cookie: u_pl=17250696; uid_id2=8d1df0ac-38bc-459d-9f97-02b1f0738a7e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:12 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b56fb7594840b3642e0864d90643af1
Strict-Transport-Security: max-age=0; includeSubdomains
witchcraftbarterexploded.com/pixel/sbs?c=1
173.233.139.164200 OK 0 B URL HTTP/1.1 witchcraftbarterexploded.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: witchcraftbarterexploded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Cookie: u_pl=17250696; uid_id2=8d1df0ac-38bc-459d-9f97-02b1f0738a7e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 27 Mar 2023 23:35:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/223429?p=1&s1=%subid1%&kw= HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
Cookie: nauid=d8IWnF2Yhrtej07zNr1D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:16 GMT
content-length: 0
cache-control: private
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/api/click/6533858108495585095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/api/click/6533858108495585095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/6533858108495585095?c=90 HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
Cookie: nauid=d8IWnF2Yhrtej07zNr1D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
nhentai.com/en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital
104.26.10.233200 OK 0 B URL HTTP/2 nhentai.com/en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital
IP 104.26.10.233:0
GET /en/comic/akatukiya-akatuki-myuuto-isekai-harem-paradise-bangai-hen-kinyoku-no-sister-no-kuni-an-other-world-harem-paradise-extra-edition-country-of-the-abstinent-sisters-english-doujinscom-digital HTTP/1.1
Host: nhentai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InVIYjdLdnE5bVNWMXo1alRyWXBHbVE9PSIsInZhbHVlIjoiT0lPUk16RktEUVE1VmEzMlg3SU5Fa1h6ME1xT3JyN2dBdng3OVB5cXB1NkRoMnhYZTlUWS9MdWlnSXhvVUhqQlNlbDEvZ0ErS1M5RVlDYnVEcjIyVEtaeHJ3Tzkxd0hxZXIydGRMU2VheTh5ZEF3YU5jQmVhT3VjWi9YbmFodXMiLCJtYWMiOiJhMTNkMzk2MmMxNzRiOWI0Yzg2NjRlNDExYWVkNjU5MzlkMDQ0MDM4ZTM5NDEwZjRhNDRmNjBhZmFmMjhlNWU1In0%3D; expires=Tue, 28-Mar-2023 01:35:09 GMT; Max-Age=7200; path=/
nhentai_session=eyJpdiI6IllQalFuSGhhek02TEVoM0htd1N0dHc9PSIsInZhbHVlIjoiTzlGRUEwL1BFQWRaLzlKTjZBRWMzZ0RwU3lKOHFCQWMxdk0wR0JxWFNTOFhjdnFJS1FHT3dnVmdVUElETjVJTjZ4eEJXTFVocGdtNGt5N2JkS2dUZTVHcjdkZy9zVTUvTmwrc0wwNG5ORGJ6QXNVNnlWeGxYanlNYjJFd0w4VWsiLCJtYWMiOiJkOGFhYjI5YTRiNzgxMTJjOWU1YmZlZDgzYzA1NWQ0MTEyNjg1OTMzMWRjNGFkM2Q2NWNlMzZmZDk1ZDgyYzY4In0%3D; expires=Tue, 28-Mar-2023 01:35:09 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNy37aKanTRfhJVF1%2BiVF57cI0uNRlDIt04CLOOTbicXcT768fHNwzUX41cFKBiyKQT1ef9oXX2PcfcpNUHVHWTiVNlg1NvvxAH9agBy%2FaG91Ma7dcvbiMwDTjQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aeb72ba8943fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
godpvqnszo.com/get/1955368?zoneid=1955368&jp=_clnpe8dg0fq6rngc3x01p3&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7991397214862488
62.122.171.6200 OK 0 B URL HTTP/2 godpvqnszo.com/get/1955368?zoneid=1955368&jp=_clnpe8dg0fq6rngc3x01p3&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7991397214862488
IP 62.122.171.6:0
GET /get/1955368?zoneid=1955368&jp=_clnpe8dg0fq6rngc3x01p3&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7991397214862488 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2303271835ca3a3ba6b8ff458584fb20a79a; Path=/; Expires=Tue, 26 Mar 2024 23:35:09 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/223429?p=1&s1=%subid1%&kw= HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=Eascv6z7IULtx2ngVOYp; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
go.goaserv.com/banner.go?spaceid=1195888&sid2=e80440db-ba23-47b7-a1fa-5103f8e99ab0&keywords=
217.22.19.196200 OK 0 B URL HTTP/2 go.goaserv.com/banner.go?spaceid=1195888&sid2=e80440db-ba23-47b7-a1fa-5103f8e99ab0&keywords=
IP 217.22.19.196:0
GET /banner.go?spaceid=1195888&sid2=e80440db-ba23-47b7-a1fa-5103f8e99ab0&keywords= HTTP/1.1
Host: go.goaserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:16 GMT
content-type: text/html; charset=utf-8
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Mon, 27 03 2023 23:35:16 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-backend-server: nl2-go-web-240
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP 172.64.166.9:0
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11439809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu79J%2FMKE63LvgeDe3NVLs96wwpmI7mVsltnPmA5gsGgA6SuFv6%2FQ7STCWU8riqipZkXeg3M043cLYEch%2FKXR409JXjs9KLq4sNkaGeYoggApodVyyNHtReE3aldMrTthfo3l9QOIVju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72cded1476c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 871af184acf8855dbba78dfddf83536a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 27 Mar 2023 23:35:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4lL6HFBIB3v3W4yKW%2F4BFHKkgYwuWN8jE2u2Uqad1jybIHiioLP1Af75zI8OkOmixDQ%2Bf4jiKs7Fn0TZSp72Ya64s2QyOClL6gWRX%2BWDLtEay73BdEMNxOFMfIfTbjfz8Tev%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72c55e843856-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
godpvqnszo.com/aas/r45d/vki/1955368/587cbcf6.js
62.122.171.6200 OK 0 B URL HTTP/2 godpvqnszo.com/aas/r45d/vki/1955368/587cbcf6.js
IP 62.122.171.6:0
GET /aas/r45d/vki/1955368/587cbcf6.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 14:10:15 GMT
vary: Accept-Encoding
etag: W/"641b0c47-123f5"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/4zwk5w3.js
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/4zwk5w3.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /4zwk5w3.js HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:09 GMT
content-type: application/javascript
last-modified: Fri, 10 Mar 2023 13:42:03 GMT
etag: W/"640b33ab-2af50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4b3b9541fe386ba754a368a9d0694d7a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CTHUi9O0dgdGakXbduAWkp_1oB4UlqZRfZHZ_vOcUCm0BHhSI7c3Kg==
age: 171
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
twinrdsrv.com/banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=24151&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F
172.66.43.59200 OK 0 B URL HTTP/2 twinrdsrv.com/banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=24151&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F
IP 172.66.43.59:0
GET /banner.engine?id=877be77e-6ff0-421d-a429-79ea9b757059&z=39750&cid=b9c&rand=24151&ver=async&time=0&referrerurl=https%3A%2F%2Fnhentai.com%2F&abr=false&curl=https%3A%2F%2Fnhentai.com%2F HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=8e449a68-68e4-4b69-a55a-ddc0a0e256f0; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure
ISSH=6A3583; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 28-Mar-2023 03:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Sun, 27-Mar-2033 23:35:10 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUTVtAxypRt5b5pMcPX%2FbAJVHaXDLdtNCH55JSSqJfbhC041iM3YGyXvYqXWSpkVVlE2dXhy4pEqN3MuPW8UxpMaOdO%2FIhZm1IFUxEe3o2MB4W48tIME%2F6tFSZOdeRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aeb72c2ff32069b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
IP 172.64.166.9:0
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nhentai.com
Connection: keep-alive
Referer: https://nhentai.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 23:35:12 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:59:09 GMT
etag: W/"6213707d-1048"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 353531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9bYrntnrD7N47gjO9naEVKH9aoodL7Giqd0mAEOTe9U0fGaBI6DMBwqIOQPErXWipSpN7TR5UtUspyf3MvsE4NNqe3SCuFASiPBycb0d66K0n2YEyf%2B%2BmPSYwaNcsTJvD9or1R5%2FGGF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb72cded1376c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.cambaddies.com/widgets/v4/Universal/main.8022bc0e4f9df2b20c34.css
88.208.29.90200 OK 0 B URL HTTP/2 creative.cambaddies.com/widgets/v4/Universal/main.8022bc0e4f9df2b20c34.css
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
GET /widgets/v4/Universal/main.8022bc0e4f9df2b20c34.css HTTP/1.1
Host: creative.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.cambaddies.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=onHover&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=60684e88d309fbd3ff61f63ef06b1a247c89a296a8feb122dc3b2f4269c9ae54&campaignType=smartpop&creativeId=c1f85954f77878e0e35ab9f0604da8d286ec0e7b899f760f0c9f6d7d8eb93c90&goalEnabled=0&hideButton=0&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=272074&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&memberId=97439be1-f463-4073-acd5-556f8a91b4ed&no_bb=1&p1=61095&p2=83029&playButton=0&responsive=1&ruleId=0&smartpopId=7649&sourceId=6222&strict=0&thumbFit=cover&thumbSizeKey=big&thumbType=avatar&thumbsMargin=2&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=29583
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 27 Mar 2023 08:48:45 GMT
etag: W/"6421586d-3454"
expires: Mon, 27 Mar 2023 23:35:21 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.cambaddies.com/report", "max_age": 1048576 }
content-encoding: gzip
X-Firefox-Spdy: h2
cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/223429?p=1&s1=%subid1%&kw= HTTP/1.1
Host: cdn5.hentaihaven.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn5.hentaihaven.fun/api/spots/223429?p=1&s1=%subid1%&kw=
Cookie: nauid=d8IWnF2Yhrtej07zNr1D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 23:35:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2