Report - www3.hentaila.com/miweb

Report Overview

Submitted URL
www3.hentaila.com/miweb
IP
104.21.234.166
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-27 22:58:47
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
go.xlivrdr.com	unknown	2021-07-02T12:51:24Z	2023-03-29T05:50:08Z	1.7 kB	1.7 kB	104.18.59.150
cdn.stripcash.com	unknown	2020-02-14T14:28:14Z	2023-03-29T12:47:11Z	906 B	61 kB	8.248.224.22
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	56 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.33.119.27
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-29T06:27:16Z	405 B	12 kB	151.101.1.229
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-29T06:01:47Z	374 B	21 kB	216.58.207.206
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	416 B	630 B	172.217.21.170
a.realsrv.com	10080	2019-07-03T18:12:14Z	2023-03-29T16:41:22Z	746 B	1.0 kB	185.76.9.17
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	1.6 kB	93 kB	216.58.207.227
syndication.realsrv.com	9112	2019-07-03T23:39:52Z	2023-03-29T12:37:38Z	436 B	3.6 kB	95.211.229.245
www3.hentaila.com	unknown	2022-07-05T04:48:50Z	2023-03-29T19:28:56Z	806 B	1.5 kB	104.21.234.167
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-29T05:16:53Z	402 B	29 kB	104.17.24.14
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	387 B	46 kB	142.250.74.40
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	35.164.181.193
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-29T08:59:28Z	340 B	963 B	172.64.155.188
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.7 kB	5.6 kB	142.250.74.131
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-29T05:11:35Z	368 B	1.9 kB	104.18.21.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-27 22:58:55	low	Client IP	Internal IP	ET INFO DNS Query for Suspicious .ml Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-155097471-1	115 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=UA-155097471-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:26:58 Last Seen2023-03-29 23:26:58 Times Seen1 Hash e8c333175dab9eea660c71671bdc4dc4 55546ae43c76d4835ad84955e3434e10d78b6de8 303694ae4b854c0144fdcfbcff242ffcf97a435c97b5bad99dfc83966958e35e Loading...

	www3.hentaila.com/miweb	208 B	2023-03-07	2023-04-01
Pretty URL www3.hentaila.com/miweb IP 104.21.234.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:03 Last Seen2023-04-01 10:24:35 Times Seen5 Hash 61bedd063cdc8fbab48e7a8e92c13cba 425f247b194ae27c5817f9e6623b403b4a18aca1 02bec437bddaeabe763b851c81149749294b22e9a6aa60c782725f19de92e417 Loading...

	cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?v=1.2.4	43 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?v=1.2.4 IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-26 12:16:39 Times Seen34453 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	a.realsrv.com/video-slider.js	51 kB	2023-03-13	2023-04-11
Pretty URL a.realsrv.com/video-slider.js IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:03:35 Last Seen2023-04-11 12:54:12 Times Seen118 Hash 42953584d1762d18662b750b99ad03fc d47440cec8a01b26fa25d1d4c5149338be365dac 7bb0f587f7e6d665843e7174fb241141052c9dcc66b7d6d7c8ada0de2e733839 Loading...

	www3.hentaila.com/miweb	10 kB	2023-03-09	2023-04-01
Pretty URL www3.hentaila.com/miweb IP 104.21.234.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:46:49 Last Seen2023-04-01 10:24:35 Times Seen3 Hash c0147ea1fde20e354101f9918c5a317f 9821f7dbdc8f98be2e35d2baead8f2f1b990e72a 14658cfcf912b8abe89863014923714a5e1a3ca1eea2e68fdd48d4d4605c8670 Loading...

	www3.hentaila.com/miweb	235 B	2023-03-07	2024-01-24
Pretty URL www3.hentaila.com/miweb IP 104.21.234.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:03 Last Seen2024-01-24 05:24:23 Times Seen48 Hash ff043a74763c963de7ce0b49125f625d 31dc4e0f667afe2b3d13c65ee475c81c8a911743 607e3af74c996f6d4927c7805d4d80fbe5d1a3e9f3f91d48b6df3ef9cb8148d5 Loading...

	a.realsrv.com/popunder1000.js	97 kB	2023-03-08	2023-04-20
Pretty URL a.realsrv.com/popunder1000.js IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:24 Last Seen2023-04-20 16:39:47 Times Seen86 Hash 3fdd00be0348aa4e66c74a5359320f0f d866557387aa14b697929065b923c8279e1881a2 a89c589912ab09301e019837a2b8124f849f9be3f6cb781f2c51558935c56cec Loading...

	www3.hentaila.com/assets/js/typewatch.js?v=1.2.4	1.2 kB	2023-03-07	2024-04-24
Pretty URL www3.hentaila.com/assets/js/typewatch.js?v=1.2.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:02 Last Seen2024-04-24 05:51:53 Times Seen124 Hash 7f1ab411fb6fd9bd856c21667fc052c9 248cf48a492cae3fcc78ab116eb99f6c3611369c 8d34d0b4ae52499fee382f4a1e1e1c91c4475db83642552d5fe3568fa5b36c16 Loading...

	www3.hentaila.com/assets/hentaila/js/functions.js?v=7.9.60	7.2 kB	2023-03-07	2023-03-29
Pretty URL www3.hentaila.com/assets/hentaila/js/functions.js?v=7.9.60 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:02 Last Seen2023-03-29 23:26:58 Times Seen3 Hash 2eee8cba9547fa98604da850d73c04d7 0c126d25ac13717f028d0d473378ef59d233fb71 2a83996b055252e9d704dbb9af7ada4a8f5d95db6e0cf7497cb29641d791cd8a Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www3.hentaila.com/files/funciones01.js	16 kB	2023-03-07	2024-02-22
Pretty URL www3.hentaila.com/files/funciones01.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:03 Last Seen2024-02-22 17:33:48 Times Seen116 Hash 878f248a3fa575cae01947935f15637a 58381cf16850d16d23a9d8adc2b028f5ccb2afad 5ca4816efdddeae63da62249150b30aebee01581f7d7cb35c343731d1b4034e2 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?v=1.2.4	88 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?v=1.2.4 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 10:59:49 Times Seen95587 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

HTTP Transactions (46)

	URL	IP	Response	Size
	www3.hentaila.com/miweb	104.21.234.167	301 Moved Permanently	0 B
URL HTTP/1.1 www3.hentaila.com/miweb IP 104.21.234.167:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /miweb HTTP/1.1 Host: www3.hentaila.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 22:58:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 27 Mar 2023 23:58:35 GMT Location: https://www3.hentaila.com/miweb Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12e0jeGMJJp%2Bre2fMpmpJ4pIU0w6879pol5IzK6qJiDAgGq9Yn9471oSh%2BEc1yO9JxHJNzO%2FZ6Z4xRanacjRgatMQi6Fvrtg85GQtC%2F5sR24fYwrbERKPLsMoADCWi1rS%2BaQDQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aeb3d2ebe9f7539-LHR alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10723 Expires: Tue, 28 Mar 2023 01:57:19 GMT Date: Mon, 27 Mar 2023 22:58:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7846 Expires: Tue, 28 Mar 2023 01:09:22 GMT Date: Mon, 27 Mar 2023 22:58:36 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 27 Mar 2023 22:15:46 GMT content-type: application/json age: 2570 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9919 Expires: Tue, 28 Mar 2023 01:43:55 GMT Date: Mon, 27 Mar 2023 22:58:36 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: QlArr5PUhzxmDpt9T0rWRNPZNAQvLn/IMByT8CK/9hqs/ysJo8SUbVNeeJT6uQid6KJcy6KmCl4= x-amz-request-id: 97AFGQH6962GH04S x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 27 Mar 2023 22:01:48 GMT age: 3408 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 22:58:36 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?v=1.2.4	104.17.24.14	200 OK	28 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js?v=1.2.4 IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65451) Size 28 kB (27748 bytes) Hash 638a4990025383a0f83ebf29bdb84a68 153e8818dc42f598e47fde8cf398f1447649a4d0 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6 HTTP Headers `GET /ajax/libs/jquery/3.4.1/jquery.min.js?v=1.2.4 HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 22:58:36 GMT content-type: application/javascript; charset=utf-8 content-length: 27748 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec4-15851" last-modified: Mon, 04 May 2020 16:11:48 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 434253 expires: Sat, 16 Mar 2024 22:58:36 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4P%2FYIx6qEhae3Vs7YWFMNlanSgosfHj9eDpq5Aq7FF936A07s%2FbKBnrJTMXCPtV9sGSQa9rdjVUXedNAfYz4uG%2FLcDPRItwQ6uaX%2FrlSbjcRd7ePHydYi03Oqbh5TP%2BHGtlVgEp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7aeb3d330856b52d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d2d4415f4eeb34e663d209eeddd8d25d 5d239718d7235d1f62e10d7d381c5a063e94c73a cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?v=1.2.4	151.101.1.229	200 OK	11 kB
URL HTTP/2 cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?v=1.2.4 IP 151.101.1.229:0 ASN #54113 FASTLY File type ASCII text, with very long lines (42862) Size 11 kB (11325 bytes) Hash 59236621783c1ee43985d8708c457f6a 20baa4134945bbb8f664bd701a5ac43d592ecfa7 7e4d205745a32d965bafa6a0654a60d15510ebe89ea8c1ca4345391ac1bd01bc HTTP Headers `GET /npm/slick-carousel@1.8.1/slick/slick.min.js?v=1.2.4 HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 x-jsd-version: 1.8.1 x-jsd-version-type: version etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs" content-encoding: br accept-ranges: bytes date: Mon, 27 Mar 2023 22:58:36 GMT age: 445451 x-served-by: cache-fra-eddf8230096-FRA, cache-bma1674-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 11325 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7e2d8156baac12231cc9cbfdefedacf1 62384d8842fb5b560ac39636bb519953e22dc664 ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.21.226	200 OK	1.5 kB
URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash 7da201b81e99ad4a5021a84229a8c9ce 8d40f3630bd73c8bb7027a9ac850b69bcd628a41 8caa3df1ab1cba52920575f4537e780eacf9e6cef8c4bc82e71a5e77acd7cbb6 HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 22:58:36 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "34C77A1C0F16660BDA4680C1C66A5C7F2378B1D9" Expires: Tue, 28 Mar 2023 10:00:00 GMT Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 1665 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aeb3d338df7b50f-OSL`

	www.googletagmanager.com/gtag/js?id=UA-155097471-1	142.250.74.40	200 OK	45 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-155097471-1 IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2206) Size 45 kB (44823 bytes) Hash 12d896378613f88d4a470409447fe7c1 70a3f2b963d474223cbc77a5280f73ace5524b45 a319479d3e6816706452049638acc8f069fad2cad608149d08648cedd121a2d1 HTTP Headers `GET /gtag/js?id=UA-155097471-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 27 Mar 2023 22:58:36 GMT expires: Mon, 27 Mar 2023 22:58:36 GMT cache-control: private, max-age=900 last-modified: Mon, 27 Mar 2023 22:21:42 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44823 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7e2d8156baac12231cc9cbfdefedacf1 62384d8842fb5b560ac39636bb519953e22dc664 ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d2d4415f4eeb34e663d209eeddd8d25d 5d239718d7235d1f62e10d7d381c5a063e94c73a cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 27 Mar 2023 22:14:35 GMT age: 2642 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da5340ee69a1000f751686df9e716663 a5da880a61ed119790a7990bbdcc0c97eecf04f2 d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15518 Expires: Tue, 28 Mar 2023 03:17:15 GMT Date: Mon, 27 Mar 2023 22:58:37 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.164.181.193	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.164.181.193:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: bn4urBwHFOIu9UoY4230Mw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: rgAYFB4MaA/4hGz1LWsLdOhgns8=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.119.woff2	216.58.207.227	200 OK	24 kB
URL HTTP/2 fonts.gstatic.com/s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.119.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), CFF, length 23644, version 1.0\012- data Size 24 kB (23644 bytes) Hash c67a8905f40eaff94efe4d7fa60a685d 6361db66ba0e954738e51c82936241509e0170bb cdd0ac6e717da35ba439a8410bb8c356fc57b332acb78033817436c790d88b90 HTTP Headers GET /s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.119.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www3.hentaila.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23644 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:36:08 GMT expires: Sat, 23 Mar 2024 10:36:08 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 19:50:40 GMT content-type: font/woff2 age: 303749 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/notosanshk/v21/nKKP-GM_FYFRJvXzVXaAPe9ZiF9TH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2	216.58.207.227	200 OK	24 kB
URL HTTP/2 fonts.gstatic.com/s/notosanshk/v21/nKKP-GM_FYFRJvXzVXaAPe9ZiF9TH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), CFF, length 23932, version 1.0\012- data Size 24 kB (23932 bytes) Hash 07c4a47b4f98f68ed559116b2eb1629f 0e41f59ca181d1c3b223e37593bb1b9a5fc51172 21caac6a07fadc30574ae152c090f477b74ce7a7e43721036a61675053eb02eb HTTP Headers GET /s/notosanshk/v21/nKKP-GM_FYFRJvXzVXaAPe9ZiF9TH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www3.hentaila.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23932 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:45:31 GMT expires: Sat, 23 Mar 2024 10:45:31 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 19:37:44 GMT content-type: font/woff2 age: 303186 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.118.woff2	216.58.207.227	200 OK	43 kB
URL HTTP/2 fonts.gstatic.com/s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.118.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), CFF, length 42700, version 1.0\012- data Size 43 kB (42700 bytes) Hash e6c86ca948ecf611c6de16b7d9514c34 9085aba114cd78fe199840bf0f8870e7c272dc49 d8db970657f09630f3b8b9d68abbfeb040198b72721449e51e0afb6a36a568d5 HTTP Headers GET /s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.118.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www3.hentaila.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 42700 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 11:10:39 GMT expires: Sat, 23 Mar 2024 11:10:39 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 19:44:57 GMT content-type: font/woff2 age: 301678 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 22:58:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	syndication.realsrv.com/splash.php?idzone=3683343&cookieconsent=true	95.211.229.245	200 OK	2.7 kB
URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=3683343&cookieconsent=true IP 95.211.229.245:0 ASN #60781 LeaseWeb Netherlands B.V. File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1538) Size 2.7 kB (2663 bytes) Hash f6faac377dc7ec6442937f7c005af20e a46de5b973b5268a56503b873951e3d55a842931 e180082a7bea78e4ef694cce65fc68d35e15e1e3031038b7827043f1f5c7c3a6 HTTP Headers `GET /splash.php?idzone=3683343&cookieconsent=true HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www3.hentaila.com Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Server: nginx Date: Mon, 27 Mar 2023 22:58:37 GMT Content-Type: text/xml;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264221f9dcc3b43.144385152109743211%22%3B%7D; expires=Wed, 26 Mar 2025 22:58:37 GMT; path=; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C3683343%7C59493762%7C0%7C%7C110%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cwww3.hentaila.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 28 Mar 2023 22:58:37 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none Cache-Control: no-store P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: https://www3.hentaila.com Access-Control-Allow-Credentials: true X-Robots-Tag: noindex, follow Content-Encoding: gzip

	www.google-analytics.com/analytics.js	216.58.207.206	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 216.58.207.206:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Mon, 27 Mar 2023 22:05:11 GMT expires: Tue, 28 Mar 2023 00:05:11 GMT cache-control: public, max-age=7200 age: 3206 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&sourceId=3683343&p1=4581534&ax=0&skipOffset=00:00:05	104.18.59.150	302 Found	0 B
URL HTTP/2 go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&sourceId=3683343&p1=4581534&ax=0&skipOffset=00:00:05 IP 104.18.59.150:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&sourceId=3683343&p1=4581534&ax=0&skipOffset=00:00:05 HTTP/1.1 Host: go.xlivrdr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www3.hentaila.com Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 302 Found date: Mon, 27 Mar 2023 22:58:38 GMT content-length: 0 location: https://go.xlivrdr.com/api/models/vast?ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414796&masterSmartpopId=2683&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3683343&tag=girls&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30386 access-control-allow-origin: https://www3.hentaila.com access-control-allow-credentials: true access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with cf-cache-status: DYNAMIC set-cookie: _var=7868025.30386; Path=/; HttpOnly; SameSite=Strict __cflb=02DiuDfsBaY2bRYJiCfFHYpfgnRfzoh6KMHTfB5GbFX5v; SameSite=None; Secure; path=/; expires=Tue, 28-Mar-23 21:58:38 GMT; HttpOnly server: cloudflare cf-ray: 7aeb3d3b7dc2b500-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash a27b9e830e67c4f3114c4dfc56f36d28 4d190139abad723d31dc179839da0ba54fcc25a9 f2b4ae7634a05e1a52dc5a1417929f91a52fdb8d9983f9e4534a4e6e12108a7a HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 22:58:38 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Mon, 27 Mar 2023 09:49:13 GMT Expires: Mon, 03 Apr 2023 09:49:12 GMT Etag: "4d190139abad723d31dc179839da0ba54fcc25a9" Cache-Control: max-age=556833,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7aeb3d3dcfa3b4f9-OSL`

	cdn.stripcash.com/video/2935682.mp4?cb=1679957881	8.248.224.22	206 Partial Content	59 kB
URL HTTP/2 cdn.stripcash.com/video/2935682.mp4?cb=1679957881 IP 8.248.224.22:0 ASN #3356 LEVEL3 File type OpenPGP Public Key\012- data Size 59 kB (58868 bytes) Hash 552f6646b734d40b9a156e4582bd9851 24f0e2dc310bcc54af2acb3d4566940865279294 1e3b00d2aeb41aa9d83962cc6cdcea1fd9edfd11755b99524742b68b77ccb716 HTTP Headers `GET /video/2935682.mp4?cb=1679957881 HTTP/1.1 Host: cdn.stripcash.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=4292608- Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content date: Mon, 27 Mar 2023 22:58:38 GMT content-type: binary/octet-stream content-length: 58868 content-security-policy: block-all-mixed-content etag: "2600ad981eb7a17bd8e69bcc6e5c4ec4" last-modified: Mon, 27 Mar 2023 22:58:01 GMT strict-transport-security: max-age=31536000; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 175068CAFBDB481D x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=28800 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSb7yzU48qqtymI6h0hyRpphHFOym9ufO8%2B6anUR7y0IJvAkhlm9LBYiba8rqVETpkTOppgEo19J7BbHKxoBaho3ptrn9SwnIzIy11afai9t%2BVCqsi0mXlKoKj5y1T8ouAjUgBnv"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aeb3c89ab660bd1-AMS alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 age: 36 content-range: bytes 4292608-4351475/4351476 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16693 Expires: Tue, 28 Mar 2023 03:36:51 GMT Date: Mon, 27 Mar 2023 22:58:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16693 Expires: Tue, 28 Mar 2023 03:36:51 GMT Date: Mon, 27 Mar 2023 22:58:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16693 Expires: Tue, 28 Mar 2023 03:36:51 GMT Date: Mon, 27 Mar 2023 22:58:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16693 Expires: Tue, 28 Mar 2023 03:36:51 GMT Date: Mon, 27 Mar 2023 22:58:38 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8553 bytes) Hash e828b7227de7aa7a7b7c54c96e0cef9a 9a717142ab25dabf9123485ef51ed586662d2a71 0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbofHHPIAMFkQA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: OUJZjN0YFRbVlZWNMbOXCvz9Ttj5bYtGwAOuGXR_T-GtUyWkXQAxhQ== via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:53:24 GMT etag: "9a717142ab25dabf9123485ef51ed586662d2a71" content-type: image/jpeg age: 3914 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49097af8-e74d-4670-ac44-90496d512c5f.webp	34.120.237.76	200 OK	9.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49097af8-e74d-4670-ac44-90496d512c5f.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.6 kB (9602 bytes) Hash e0c2feef2fb3d173ebedd7e98d641f2b 7026836a4649636db957f1efbe4a86037e87f495 02a3320fdf25623ae30527abceea87b67f3adc806f944e6e3bed8c9a550ca579 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49097af8-e74d-4670-ac44-90496d512c5f.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9602 x-amzn-requestid: e9e0a9d7-db69-4d20-98bf-89e13a727bb7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbogERYIAMFS9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220c9c-4978bf5809ecc0ac11b5c891;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: x1DJ-BPhf6xHvu4OgwUIcgQy10MK3nHbLXA4bp93vJd8VPgnm2rP6Q== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:53:24 GMT etag: "7026836a4649636db957f1efbe4a86037e87f495" content-type: image/jpeg age: 3914 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg	34.120.237.76	200 OK	9.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.0 kB (8961 bytes) Hash 789f11978a1149984408fbbb9a2b3f81 078bd523107096bab5e26d42b18e316c253f1ca7 7974980290443b64126f512686261150cd27331cb7b32a96d1167a97d046e8a3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8961 x-amzn-requestid: 9277e35d-8fe8-482e-b65c-b132dfcbd87e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbqBGl0IAMFy4w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220ca6-7869936b33cbf3633c68e7ac;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Xz5zjv-po5mgSFz_kkZZ5Hvw9SxY-3d-J2DpvFWxM-iI4jXTsUbiyg== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:20:32 GMT age: 2286 etag: "078bd523107096bab5e26d42b18e316c253f1ca7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5578 bytes) Hash e7f11a7b2bcf82694495805df139feed 45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6 96ba810197f578fb975bd853acbe948c8e984a7b94d172305d411d4381cf80ea HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5578 x-amzn-requestid: 7e76212a-4621-45ca-9212-da6957f4861f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cdb5bGSiIAMFtoA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220d08-507bf48c3eeba38b719de318;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:20 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: Zy7ItZQS-88zGHgnpCOzsRh6BL36AzV2MM-zUB5nCcLnaqgbJh8NxA== via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:25:54 GMT age: 1964 etag: "45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9859 bytes) Hash da174e6ccc9451c5071ba10eeb97f6f6 c38827a9ac1218768839877263e1f2984fbdc454 76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9859 x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: COQPtHizoAMF7-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0 x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: wlc65ytdELa_faMSddEDHZNsbtF1_CgMOho3W3BvkaOSrFyAkKUagg== via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:43:57 GMT age: 4481 etag: "c38827a9ac1218768839877263e1f2984fbdc454" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7426 bytes) Hash 1da68df9d96e2758e37b9f15daab027b 5ff19ed6dc5752aa4b15fb88da972b736fd55783 ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7426 x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdcsgGZsoAMFQkw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: JDa9YUJ9xo5mo8tb7poZC8XJDp6USTidZjWEwTZCrioJxR7vur6uJw== via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:00:12 GMT age: 3506 etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Noto+Sans+HK:400,700&display=swap	172.217.21.170	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans+HK:400,700&display=swap IP 172.217.21.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Noto+Sans+HK:400,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 27 Mar 2023 22:58:36 GMT date: Mon, 27 Mar 2023 22:58:36 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	a.realsrv.com/video-slider.js	185.76.9.17	200 OK	0 B
URL HTTP/2 a.realsrv.com/video-slider.js IP 185.76.9.17:0 ASN #60068 Datacamp Limited File type Size 0 B (0 bytes) Hash HTTP Headers `GET /video-slider.js HTTP/1.1 Host: a.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 27 Mar 2023 22:58:36 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"d47440cec8a01b26fa25d1d4c51" expires: Mon, 27 Mar 2023 18:30:49 GMT cache-control: max-age=10800 access-control-allow-origin: * x-cache-op: HIT server: CDN77-Turbo x-77-nzt: AblMCQ3/pN//ExQAAA x-77-nzt-ray: c0a4cc287a1232ab9c1f226413206f31 x-accel-expires: @1679963577 x-cache: HIT x-age: 5139 x-77-pop: stockholmSE x-77-cache: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	a.realsrv.com/popunder1000.js	185.76.9.17	200 OK	0 B
URL HTTP/2 a.realsrv.com/popunder1000.js IP 185.76.9.17:0 ASN #60068 Datacamp Limited File type Size 0 B (0 bytes) Hash HTTP Headers `GET /popunder1000.js HTTP/1.1 Host: a.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Mon, 27 Mar 2023 22:58:37 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"d866557387aa14b697929065b92" expires: Mon, 27 Mar 2023 18:30:49 GMT cache-control: max-age=10800 access-control-allow-origin: * x-cache-op: HIT server: CDN77-Turbo x-77-nzt: AblMCQ0yJ2j/FBQAAA x-77-nzt-ray: c0a4cc287a1232ab9d1f22646b890924 x-accel-expires: @1679963577 x-cache: HIT x-age: 5140 x-77-pop: stockholmSE x-77-cache: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	go.xlivrdr.com/api/models/vast?ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414796&masterSmartpopId=2683&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3683343&tag=girls&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30386	104.18.59.150	200 OK	0 B
URL HTTP/2 go.xlivrdr.com/api/models/vast?ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414796&masterSmartpopId=2683&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3683343&tag=girls&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30386 IP 104.18.59.150:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /api/models/vast?ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=4ecbf483db62b985de7f6ba77c0c167dcdbbd27e797a4c82eb223a1393acd989&iterationId=414796&masterSmartpopId=2683&memberId=ooc4ASOortoopodVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOc6VyUpoj63AbPv7OPUP7nOldK6V0rpXSuldK6VwfY&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3683343&tag=girls&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30386 HTTP/1.1 Host: go.xlivrdr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www3.hentaila.com Referer: https://www3.hentaila.com/ Connection: keep-alive Cookie: __cflb=02DiuDfsBaY2bRYJiCfFHYpfgnRfzoh6KMHTfB5GbFX5v Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK date: Mon, 27 Mar 2023 22:58:38 GMT content-type: text/xml; charset=utf-8 access-control-allow-origin: https://www3.hentaila.com access-control-allow-credentials: true access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7aeb3d3bde22b500-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	cdn.stripcash.com/video/2935682.mp4?cb=1679957881	8.248.224.22	206 Partial Content	0 B
URL HTTP/2 cdn.stripcash.com/video/2935682.mp4?cb=1679957881 IP 8.248.224.22:0 ASN #3356 LEVEL3 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /video/2935682.mp4?cb=1679957881 HTTP/1.1 Host: cdn.stripcash.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://www3.hentaila.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 206 Partial Content date: Mon, 27 Mar 2023 22:58:38 GMT content-type: binary/octet-stream content-length: 4351476 content-security-policy: block-all-mixed-content etag: "2600ad981eb7a17bd8e69bcc6e5c4ec4" last-modified: Mon, 27 Mar 2023 22:58:01 GMT strict-transport-security: max-age=31536000; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 175068CAFBDB481D x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=28800 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSb7yzU48qqtymI6h0hyRpphHFOym9ufO8%2B6anUR7y0IJvAkhlm9LBYiba8rqVETpkTOppgEo19J7BbHKxoBaho3ptrn9SwnIzIy11afai9t%2BVCqsi0mXlKoKj5y1T8ouAjUgBnv"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aeb3c89ab660bd1-AMS alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-range: bytes 0-4351475/4351476 age: 36 X-Firefox-Spdy: h2

	www3.hentaila.com/miweb	104.21.234.167	200 OK	0 B
URL HTTP/2 www3.hentaila.com/miweb IP 104.21.234.167:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /miweb HTTP/1.1 Host: www3.hentaila.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Mon, 27 Mar 2023 22:58:36 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.3.33, PleskLin set-cookie: PHPSESSID=asfi71eqadeo1h7fb70drtcnv2; path=/; secure expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-turbo-charged-by: LiteSpeed cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1QWUtc6gwKt2xz0OvOHlRIi7ZWMd0C3AAjmQRkhSJQRNkNpuVbz5NsKfmzl3pBgPayhJQBM3cmNL6e6WWNmOdYPasfJcA8%2FyADJMsxPpeqdLW6JrY%2BuuQdSK8p1uu%2BU9tV76Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aeb3d310d7e770e-LHR content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML