Report - xh07o.bemobtrcks.com/go/140321fc-da93-49f1-b72a-5b352fa8d9f5

Report Overview

Submitted URL
xh07o.bemobtrcks.com/go/140321fc-da93-49f1-b72a-5b352fa8d9f5
IP
3.70.16.242
ASN
#16509 AMAZON-02
Submitted
2022-12-04 14:26:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
xh07o.bemobtrcks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	1.2 kB	3.70.16.242
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	3.2 kB	142.250.74.106
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	967 B	35 kB	216.58.207.227
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.highperformancecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	3.8 kB	173.233.137.52
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.33.119.27
www.gaming-adult.com	315167	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	641 B	1.9 kB	18.194.134.212
mediasama.com	166244	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	44 kB	144.217.67.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	highperformancecpmgate.com	Sinkholed
2022-12-04	medium	highperformancecpmgate.com	Sinkholed

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.highperformancecpmgate.com/b68jweik?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=17928087	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.highperformancecpmgate.com/b68jweik?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=17928087 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	www.highperformancecpmgate.com/b68jweik?key=9ded9ef28f00bd387ca121db315af454	357 B	2023-03-08	2023-03-08
Pretty URL www.highperformancecpmgate.com/b68jweik?key=9ded9ef28f00bd387ca121db315af454 IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:31 Last Seen2023-03-08 16:04:31 Times Seen1 Hash 0dc21ca9b8e3504f7e0fb32123ac246e da38d9d8425e2b10b38eafb75b09eaac1adb5add 95a766953eec9d67a16301347035e79c84feab5de564c40e035e9371833c23a2 Loading...

HTTP Transactions (41)

URL IP Response Size

xh07o.bemobtrcks.com/go/140321fc-da93-49f1-b72a-5b352fa8d9f5

3.70.16.242

200 OK

196 B

URL HTTP/1.1
xh07o.bemobtrcks.com/go/140321fc-da93-49f1-b72a-5b352fa8d9f5
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
196 B (196 bytes)
Hash
acb01181ce17aee559759a509acf9f8a
7e2f1df36e9f667ddd10f8c14b597c5db3204278
a839de7a43dafcdfc14a8ba24de98ad6483fe809582f8f9ae527728143a53430

HTTP Headers

GET /go/140321fc-da93-49f1-b72a-5b352fa8d9f5 HTTP/1.1
Host: xh07o.bemobtrcks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 14:25:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
ETag: W/"d5-hpHmwSruRsFIXoAvZhFgIeeMNN0"
Set-Cookie: bemob-uniq-visit:140321fc-da93-49f1-b72a-5b352fa8d9f5=1; Domain=xh07o.bemobtrcks.com; Path=/; Expires=Mon, 05 Dec 2022 14:25:53 GMT; HttpOnly
bemob-rotation:140321fc-da93-49f1-b72a-5b352fa8d9f5:random:7563662a5aeb400ab8d3a4940d542dd8=0-0-0; Domain=xh07o.bemobtrcks.com; Path=/; Expires=Mon, 05 Dec 2022 14:25:53 GMT; HttpOnly
bemob-click-id=JiBFaiTvWbWyLgop3GQuSD; Domain=xh07o.bemobtrcks.com; Path=/; Expires=Mon, 05 Dec 2022 14:25:53 GMT; HttpOnly
X-Response-Time: 11.700ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18558
Expires: Sun, 04 Dec 2022 19:35:12 GMT
Date: Sun, 04 Dec 2022 14:25:54 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5625
Cache-Control: max-age=164348
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:54 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:05:02 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19590
Expires: Sun, 04 Dec 2022 19:52:24 GMT
Date: Sun, 04 Dec 2022 14:25:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 14:20:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 347
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BvXeh6lOQLrIWBevc/RpyMagNcVE1CvjxzuvTOFaqddZMxx6w1Htfi5v9IgMjzO1IFeDNVg4T20=
x-amz-request-id: XTV8XAP8ZFY709EY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 13:47:00 GMT
age: 2334
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:25:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ea9b6b94ec4246f881cb1c742294c0f9
36cd3e7fd45c60d35a85371845f43913e677f2ec
0a77f69ec7f0062a734228f232388597b8a48a027c412280fa4e1a91bb2af5c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A77F69EC7F0062A734228F232388597B8A48A027C412280FA4E1A91BB2AF5C7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 20:25:54 GMT
Date: Sun, 04 Dec 2022 14:25:54 GMT
Connection: keep-alive

www.highperformancecpmgate.com/b68jweik?key=9ded9ef28f00bd387ca121db315af454

173.233.137.52

200 OK

1.2 kB

URL HTTP/1.1
www.highperformancecpmgate.com/b68jweik?key=9ded9ef28f00bd387ca121db315af454
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.2 kB (1232 bytes)
Hash
b75abbaaba0329150b3e0aba1d9bc757
6469a69b2df03e5f61de1a3966f0b8c344cc2fd1
60cac74b5e90566ecee58e4729fedec2720e81725952115e9ea1bdedf7da984b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b68jweik?key=9ded9ef28f00bd387ca121db315af454 HTTP/1.1
Host: www.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 14:25:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17928087; expires=Mon, 05 Dec 2022 14:25:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkyODA4NywiayI6IjlkZWQ5ZWYyOGYwMGJkMzg3Y2ExMjFkYjMxNWFmNDU0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk4MDg1LCJwaWQiOjQ3NjgwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiYjY4andlaWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.A-oXxKMXVpmib5qBm9rOZgJ-nEeVH5tMz6Qyze5ge1M; expires=Sun, 04 Dec 2022 14:26:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a5f1203e55558fc4174537445a39111
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 1016
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5624
Cache-Control: max-age=159280
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:55 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:40:35 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J7SqHcSBRMxozsYL3KEE5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AIY33rKothydOCIhCZwcuOYRpto=

www.highperformancecpmgate.com/b68jweik?shu=2a941215d2548609ee6c593f657ceb3cb06dd762dd58ab3f19af2dba777b9ccaee7dd00d4d247ab7047e9d4e97045e3ab45d78ee5368094673088875beac912202c1c1caa09d65151a55fa93bffc2a675503fffe2cc5b776708b2568825c873d8e88b243&pst=1670164014&rmtc=t&uuid=&pii=&in=false&key=9ded9ef28f00bd387ca121db315af454

173.233.137.52

302 Found

0 B

URL HTTP/1.1
www.highperformancecpmgate.com/b68jweik?shu=2a941215d2548609ee6c593f657ceb3cb06dd762dd58ab3f19af2dba777b9ccaee7dd00d4d247ab7047e9d4e97045e3ab45d78ee5368094673088875beac912202c1c1caa09d65151a55fa93bffc2a675503fffe2cc5b776708b2568825c873d8e88b243&pst=1670164014&rmtc=t&uuid=&pii=&in=false&key=9ded9ef28f00bd387ca121db315af454
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b68jweik?shu=2a941215d2548609ee6c593f657ceb3cb06dd762dd58ab3f19af2dba777b9ccaee7dd00d4d247ab7047e9d4e97045e3ab45d78ee5368094673088875beac912202c1c1caa09d65151a55fa93bffc2a675503fffe2cc5b776708b2568825c873d8e88b243&pst=1670164014&rmtc=t&uuid=&pii=&in=false&key=9ded9ef28f00bd387ca121db315af454 HTTP/1.1
Host: www.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancecpmgate.com/b68jweik?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=17928087
Cookie: u_pl=17928087; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkyODA4NywiayI6IjlkZWQ5ZWYyOGYwMGJkMzg3Y2ExMjFkYjMxNWFmNDU0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk4MDg1LCJwaWQiOjQ3NjgwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiYjY4andlaWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.A-oXxKMXVpmib5qBm9rOZgJ-nEeVH5tMz6Qyze5ge1M; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 14:25:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Set-Cookie: pdhtkv=true; expires=Mon, 05 Dec 2022 14:25:55 GMT
uncs=1; expires=Mon, 05 Dec 2022 14:25:55 GMT
pdhtkv28=true; expires=Mon, 05 Dec 2022 14:25:55 GMT
uncs28=1; expires=Mon, 05 Dec 2022 14:25:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48e720815c01a7a4bd93a1c956908a9d
Strict-Transport-Security: max-age=0; includeSubdomains

www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c

18.194.134.212

302 Found

0 B

URL HTTP/2
www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
IP
18.194.134.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancecpmgate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 14:25:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
pragma: no-cache
set-cookie: 7204697f-4e8d-41d7-be50-8876231cc9f1-v4=qCFHK6hApy5N_f_phpEw9dfXTMWQ6gT5k9nZrtNSBmE; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:25:55 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=H6jysXcESHTSNVrfqWvzJT3T7lchJnvPKlBRbH9p8ZG_a8NMUZNak-L_1bY7pHDFFAHwaeFwRjUQtLpzp4uOUCbh_vdvCdb0afjSzqpGeY-W9myWe8ZdahUGIpnQmItlZrnQHrR_6hS0VistiDAKpdXkTint5FV816uxCeIHLUk5iO96yZY5KLeJNYcImT4Jattx0exydUpWmVl93oQDGqRiWM2_bDVZNGUEoIwF2rogjFBp3gOLKhqNSThsHZiICkw2Nvcvy6oigLvGJXASbSz5AgOc9-1fEZpI1T3bI3eXVS4V4FN_TKlve7DgxaaXbRK_oFuUNDalrhDAkGIx1ZRE-aAiE-M8Oc5Dd0zKiICaEi7xWFcYmBKFUtjTd8g0v6SC0CDqM1RAS51as2gWRimquhC1SiGvYBBMK4o-uvMqNMwvEQaT5S5GoJXDrC5gNS6zAHszy_3BJ1ElZnD0EH1_i-V2hfK1moKoUyMTIxI1L8XxE2FaZWK5hl2JcyriBgpgR8cinVfqTPjcLdbSBg; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:25:55 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fecb871129b44b5b51552262338885d9
f1f53a2af0193fbe611fc7ae29734aaf6752223b
373254e5edf95649e51b1d8adfb7ca76001ad2b8ba0e2a8eedcd025298063450

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373254E5EDF95649E51B1D8ADFB7CA76001AD2B8BA0E2A8EEDCD025298063450"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Sun, 04 Dec 2022 20:24:40 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c

144.217.67.42

200 OK

742 B

URL HTTP/1.1
mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
742 B (742 bytes)
Hash
8a047aa3e8501599920d0e16e1c00ea0
892835a17aa7ae7e0efac088071e79aa6e62e397
581a607566845779e2cb0492907926cf278e64ff4bef61edefac8adab464a24b

HTTP Headers

GET /hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancecpmgate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Tue, 12 Oct 2021 14:25:22 GMT
ETag: "a74-5ce289dace001-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 742
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mediasama.com/hentaiheroes/23/assets/styles.css

144.217.67.42

200 OK

1.5 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/23/assets/styles.css
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
1.5 kB (1548 bytes)
Hash
0849f576b1496ba8fa5e3f32ffe7a65f
3041d65e516bc66b68955f05e9b0d949ee65403e
498ecea380d4b1fc44ed2dee08514f9e163b5dfc7fb793a041726e255c482e8d

HTTP Headers

GET /hentaiheroes/23/assets/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 00:43:30 GMT
ETag: "13af-5ccef62ce17d0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1548
Content-Type: text/css

fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap

142.250.74.106

200 OK

760 B

URL HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
760 B (760 bytes)
Hash
3d994cb1ee00cf39df6a48bb8b82bb3b
cb4a1a8cd82499df1a2ebb8904d547ba50d7394d
cbd9d627563b3f51ccd33d6a0432110e550f3f6e2e811d17a060d59b602bb13d

HTTP Headers

GET /css2?family=Luckiest+Guy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 14:25:56 GMT
date: Sun, 04 Dec 2022 14:25:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:31:39 GMT
expires: Fri, 01 Dec 2023 12:31:39 GMT
cache-control: public, max-age=31536000
age: 266057
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 327122
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto&display=swap

142.250.74.106

200 OK

971 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
971 B (971 bytes)
Hash
abbaff21104458a3a5a8fb1f842aa1db
a6f8c0b8374f0e6b362a7e05803b57b7d9e8a246
da07ffa33167ea04b652e021c5b7859183210b26d111cd4ff44bd39255fc8e99

HTTP Headers

GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 14:25:56 GMT
date: Sun, 04 Dec 2022 14:25:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mediasama.com/hentaiheroes/23/assets/img/logo.png

144.217.67.42

200 OK

8.6 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/23/assets/img/logo.png
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 381 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size
8.6 kB (8642 bytes)
Hash
e41d990778ed03dcc30e189ac819a513
ebfa80eb3559ec57c897ccd36f95b8f008a2896c
84ce8b03bab03aea70c16274561aa2b873498fab120ab14e409a4eb889586a61

HTTP Headers

GET /hentaiheroes/23/assets/img/logo.png HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 00:43:32 GMT
ETag: "21c2-5ccef62ed57cf"
Accept-Ranges: bytes
Content-Length: 8642
Content-Type: image/png

mediasama.com/hentaiheroes/23/assets/vid/a1.mp4

144.217.67.42

206 Partial Content

32 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/23/assets/vid/a1.mp4
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
32 kB (31747 bytes)
Hash
0a7d69d8ad4a2eef0eee17e25f83c9bf
abad3af01160bb045aed0fcfcff0f98e31274da6
498b66ce635bf078eb13005bc339b1ba73ee993647de2849695dbb39d5eb4fcd

HTTP Headers

GET /hentaiheroes/23/assets/vid/a1.mp4 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 00:43:35 GMT
ETag: "99c5d-5ccef631978ae"
Accept-Ranges: bytes
Content-Length: 629853
Content-Range: bytes 0-629852/629853
Content-Type: video/mp4

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7133
Expires: Sun, 04 Dec 2022 16:24:49 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7133
Expires: Sun, 04 Dec 2022 16:24:49 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7133
Expires: Sun, 04 Dec 2022 16:24:49 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7133
Expires: Sun, 04 Dec 2022 16:24:49 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 60197
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 59774
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 60115
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7503 bytes)
Hash
c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:23:21 GMT
age: 25355
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8989 bytes)
Hash
a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 59755
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8196
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:25:56 GMT
Connection: keep-alive

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 30636
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mediasama.com/hentaiheroes/23/assets/vid/a3.mp4

144.217.67.42

206 Partial Content

0 B

URL HTTP/1.1
mediasama.com/hentaiheroes/23/assets/vid/a3.mp4
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hentaiheroes/23/assets/vid/a3.mp4 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 00:43:42 GMT
ETag: "98419-5ccef638438ca"
Accept-Ranges: bytes
Content-Length: 623641
Content-Range: bytes 0-623640/623641
Content-Type: video/mp4

mediasama.com/hentaiheroes/23/assets/vid/a2.mp4

144.217.67.42

206 Partial Content

0 B

URL HTTP/1.1
mediasama.com/hentaiheroes/23/assets/vid/a2.mp4
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hentaiheroes/23/assets/vid/a2.mp4 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/23/n/?cep=F7J2tgjnKRk14ZqokNlK9Wvj8nCotzHHSy8b1JPyR0GkUVJVoWyiaLvhcokP0VBnuFzalQypvimmEpmWBdzKGhfn58ptchosJjaSC42rIuHb-DrgMkQoV4HwzjbqgVnQrCfiWN8z4eJIBf78eTGNrO3GlnAT3IPiIg7Pzz_2emnBlDTQShZxSMx0W_Hbss6bEcbCfcfSqNaWaRJ64-i1SyY2_iphJR03eeVC5SfUTkkTu8sbP3EVaPDsz-IOY6dzbox2RFO-pZCrrpUypUpw4WeDtn_mY4LXQDyDt8D7mYdAt2oulzpqzsq77GLkk9NaqxruPOZqUACpn70p1wz3xSShxYV1SY-to9Sj4bst3W_B_7OPvROBS64FXa9PfoA-fDmul5nXtr80SfjLq5QnR_mU-gS4csEobWQUEVeSKI4N7fmyM8Sn_KXQKxsv7V3hGyPQtjzySILwiJh2uMEvO-37tihCOFZocfR5YBU3zLhfYovQs425ocSs-JcQCcXBoI0MTkIZmHL5RIxqWS3GLg&lptoken=165a70a416e8577e55bc&campaign_ID=693838&placement_id=17928087&country_code=NO&cost_cpa=6.000000&externalid=19430ddd74f4cefc838f1baa8fdc226c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Sun, 04 Dec 2022 14:25:56 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 00:43:39 GMT
ETag: "945aa-5ccef63575c6c"
Accept-Ranges: bytes
Content-Length: 607658
Content-Range: bytes 0-607657/607658
Content-Type: video/mp4

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size