Report - photo.09p.quest/mp2g6i274

Report Overview

Submitted URL
photo.09p.quest/mp2g6i274
IP
170.10.160.83
ASN
#32748 STEADFAST
Submitted
2022-12-04 22:24:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
www.highperformancegate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.9 kB	173.233.137.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
images.hh-content.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	3.8 kB	104.152.112.105
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.3 kB	95.101.11.120
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.gaming-adult.com	315167	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	638 B	936 B	18.194.134.212
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	2.1 kB	142.250.74.106
hh2.hh-content.com	490552	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	365 kB	104.152.112.105
eggs-content.kinkoid.com	668083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	1.0 MB	94.75.250.120
photo.09p.quest	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	667 B	1.9 kB	170.10.160.83
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
sanebreq12.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	760 B	156.67.72.48
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.186.39
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	32 kB	142.250.74.74
eggs-ext.kinkoid.com	552669	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	555 B	275 B	94.75.250.120
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
www.hentaiheroes.com	373902	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.6 kB	744 kB	94.75.250.120
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	52 kB	216.58.207.227
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	338 B	95.101.11.112

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	highperformancegate.com	Sinkholed
2022-12-04	medium	highperformancegate.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-18 18:50:49 Times Seen259702 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713	372 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen5 Hash 6a064ea2edd05fa1f76073af9c6bb531 a1ed97aa3e5a0eed66917059ef7e7946ab8684e5 fb4c198e5d9f593b38e0355209b01b862147319f2e1c2d9385839005f928d22e Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713	603 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 3557b9760f3d69a5bfadfae6511cc233 8324cc62723d39c36afc3a4fde6186d19cc7a6cb 72fcce08b7302a94277b130b6c0f996e95856edbdbce4471b4b180c995890f46 Loading...

	www.hentaiheroes.com/home.html	635 B	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/home.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash aa17fcec618137be7c38acd1eab3735f 04ce377fcb2bceaba484d9d6d498b5c33382d817 fe0603aa4cda50606aec66e21ef56283cb296ab7bfb7572ac471035418b75345 Loading...

	www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be	357 B	2023-03-07	2023-03-11
Pretty URL www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:04:49 Last Seen2023-03-11 14:30:27 Times Seen1 Hash 21fb854ab3b31548ad3d3fa72b667340 773ced9a4b8590f0379c0f33425b924921325207 775128cbd6ec6c2ed8127187eb42ee146d8fed6092cbe46809ce8380cd67fb47 Loading...

	www.highperformancegate.com/g9cxq0mw?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=16694713	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.highperformancegate.com/g9cxq0mw?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=16694713 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	www.hentaiheroes.com/js/screenfull.js?v=66997040	2.9 kB	2023-03-07	2024-02-05
Pretty URL www.hentaiheroes.com/js/screenfull.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen112 Hash 67dbfe9b672c902f618ccb6440d6e8c4 5ee56f41df8abdd06f7fb5a668b95e9cb8076209 6f575774986ea35312c5d750b761fd82298bbfd8664f810d43e499d8c9bdb266 Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js	228 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:06 Last Seen2024-04-18 15:16:50 Times Seen1970 Hash fd255415839568e52a48da5de5af244c abd6f85a04584792d77e4791c441ff49e9e28c0d 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1 Loading...

	www.hentaiheroes.com/phoenix-tr_labels-en-1412.js	46 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/phoenix-tr_labels-en-1412.js IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:09 Times Seen1 Hash d866bd1c4267da86998ee7ebf2eeff38 c71a8832bcc44534f10cf69d48589874352eb168 b67094600c0a827b4e4d00471d95536d444b1827e40120bc0417e544be1bbfa7 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 20:46:07 Times Seen36946872 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1	100 B	2023-03-08	2023-03-11
Pretty URL sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1 IP 156.67.72.48 ASN #47583 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-03-11 14:30:27 Times Seen1 Hash 17c0ead191ec5f0d5d1c82e1d47ccb73 6f950ba702c85256d951f8fc17432a8bdfd0ff0c b2fd4f379d06cc3c6dcfb7795661da5679806179d79697a91da446c9f1a64d13 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713	282 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash eb8aff3709acb0f74ca084fc25705401 76b21aecb131f668c31b0b85c77573df22564daa db55d66890b6ffa5a5985df1397837bca74f22660470407b15ea5ef5b7db4219 Loading...

	www.hentaiheroes.com/js/chat.js?v=66997040	417 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/chat.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 8f73aff380e06800a6b1bfb18fd0ff79 89cb07ebbad970ae373187074a7f99fd10de26fe fa8159f6b107cec1ec5764868efcc2d0472b34e87ff5c6b6cb7f0e5fdbe515fa Loading...

	www.hentaiheroes.com/js/quest.js?v=66997040	31 kB	2023-03-08	2024-02-07
Pretty URL www.hentaiheroes.com/js/quest.js?v=66997040 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:26 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 60a4e1bb597fd34403f3a295d4f0bcc8 3410f3fbb1618ab8424ce7287f6504bb12b9e437 4607f345ef63d7ac755f7644c837c93892f660be6b567cdda477c6f2c31553d1 Loading...

	www.hentaiheroes.com/home.html	4.5 kB	2023-03-08	2023-03-08
Pretty URL www.hentaiheroes.com/home.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:19:30 Last Seen2023-03-08 16:19:30 Times Seen1 Hash 4b76705c4aa3cb6cb9b1d83c72a78ad4 a2e63df8e5a61df6a42b520d813b28443dee25ed 65cb39e5656ffa1545220139a8f58337b715a5d8215b5630c4192392633ad085 Loading...

	eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate	14 kB	2023-03-08	2024-02-07
Pretty URL eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 0e2ee7dcd3c08aadd1997cf6b73177e0 7162c2103f222b3973fe4e5b096f30cb5263a340 d8ca24273ef503416d51bedb22f7c6e3171912e082bb079f395fede04d41b337 Loading...

	www.hentaiheroes.com/home.html	191 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/home.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 40815edb83a0c9f9b97bcbe37cd10f34 851a1de353b1fa51ea13362a06efd0fd2bab9674 492149eb4a544a13a0616d36a6a6d5b479407ce6d66649dba5d3e9c79e848963 Loading...

	www.hentaiheroes.com/js/guest.js?v=66997039	1.4 kB	2023-03-07	2023-07-04
Pretty URL www.hentaiheroes.com/js/guest.js?v=66997039 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2023-07-04 17:49:38 Times Seen61 Hash e0b082b77c7be4355a7049a6a7c5f353 d915737134d98b3a965cd5fa5cdaca6f65b5057c 9e09472f0d52ddb3a3d195366f5595855fd08ece7a60d3dfb5b38ea02363bfef Loading...

		Size	First Seen	Last Seen
	#1 Write - 120e61e6b4c2f5e8544b8c78d722a904	621 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen59 Hash 120e61e6b4c2f5e8544b8c78d722a904 574db9117bb739ac8dfe7218b4b0d4aac79d2f16 af36037d076d94f2c9f53b219d848056bcef43f86667ae5e550f57c75bf61caa Loading...

HTTP Transactions (70)

URL IP Response Size

photo.09p.quest/mp2g6i274

170.10.160.83

200 OK

139 B

URL HTTP/1.1
photo.09p.quest/mp2g6i274
IP
170.10.160.83:0
ASN
#32748 STEADFAST

File type
HTML document, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
dbd8a7e53e5e4ff76666ade80ba8197c
16ba953f6c9af694a22d078dab1a877172f96697
4cc16bf8af1fb3fe50bb3c687ceef122bfb6da52ac87edcb109fa404ec22ecc8

HTTP Headers

GET /mp2g6i274 HTTP/1.1
Host: photo.09p.quest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 139
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:24:31 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4713
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:24:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1372
Cache-Control: max-age=131377
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:32 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:54:09 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 368
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5232
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:24:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 2209
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:24:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

photo.09p.quest/favicon.ico

170.10.160.83

404 Not Found

1.2 kB

URL HTTP/1.1
photo.09p.quest/favicon.ico
IP
170.10.160.83:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: photo.09p.quest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://photo.09p.quest/mp2g6i274

HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 04 Dec 2022 22:24:32 GMT
server: LiteSpeed

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 793
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1

156.67.72.48

200 OK

104 B

URL HTTP/2
sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1
IP
156.67.72.48:0
ASN
#47583 Hostinger International Limited

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
954f124dd5267b21f091900a4b80a0ac
00ab0c8d60ad4bddafdd743cc69320e0f70b6ca2
125f3615ce4cd596c913ba91d379656fa6f959a77ba1d7a729e1c51ab936fba8

HTTP Headers

GET /?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1 HTTP/1.1
Host: sanebreq12.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://photo.09p.quest/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-powered-by: PHP/7.4.32
set-cookie: PHPSESSID=228900633bdb1259fd7e1b59aeaad293; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 104
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:24:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1360
Cache-Control: max-age=126299
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:32 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:29:31 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.186.39

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.186.39:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DKjuxEYekz8G4FZ8FV3tgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pzMc78qNAxFhtl3g3wWMQ0suRxs=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d68286b345e069a9b18366e3d6f8cf5c
016c42a3b98dc82f82a11fc315bd69e2c8b0fd7b
1fb9d189376a20f18dd86f2e67cf137c8d6c92fd85ed9d97bf2224d218fa1ca6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FB9D189376A20F18DD86F2E67CF137C8D6C92FD85ED9D97BF2224D218FA1CA6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Mon, 05 Dec 2022 00:52:31 GMT
Date: Sun, 04 Dec 2022 22:24:33 GMT
Connection: keep-alive

www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be

173.233.137.44

200 OK

1.3 kB

URL HTTP/1.1
www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1253 bytes)
Hash
8a39898d15c93ae84bd3d3d3b91a319a
216b34a78ef638d8921381fdea08df93f796fae1
ef2b9e385c9bf8a5ee5f65678f7574c7dc824d992b327b2c71c63befa842e557

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://photo.09p.quest/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 22:24:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16694713; expires=Mon, 05 Dec 2022 22:24:33 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY5NDcxMywiayI6IjAzYTJiMTE3Yjg0NDY4NTJhN2IzYzM3MTVkN2I0N2JlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjkxMjM2LCJwaWQiOjM4NDIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZzljeHEwbXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9waG90by4wOXAucXVlc3QvIn19.mxMwrcy9hsDr28LPHoY0fG3jF05ybmRMi1XJ7VD8o9w; expires=Sun, 04 Dec 2022 22:25:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c43950ba75ac98554bfff424aadc455
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highperformancegate.com/g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F

173.233.137.44

302 Found

0 B

URL HTTP/1.1
www.highperformancegate.com/g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancegate.com/g9cxq0mw?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=16694713
Cookie: u_pl=16694713; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY5NDcxMywiayI6IjAzYTJiMTE3Yjg0NDY4NTJhN2IzYzM3MTVkN2I0N2JlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjkxMjM2LCJwaWQiOjM4NDIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZzljeHEwbXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9waG90by4wOXAucXVlc3QvIn19.mxMwrcy9hsDr28LPHoY0fG3jF05ybmRMi1XJ7VD8o9w; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 22:24:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0
Set-Cookie: pdhtkv=true; expires=Mon, 05 Dec 2022 22:24:33 GMT
uncs=1; expires=Mon, 05 Dec 2022 22:24:33 GMT
pdhtkv28=true; expires=Mon, 05 Dec 2022 22:24:33 GMT
uncs28=1; expires=Mon, 05 Dec 2022 22:24:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03ac6796e62f1121756c329b1f947c54
Strict-Transport-Security: max-age=0; includeSubdomains

www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0

18.194.134.212

302 Found

0 B

URL HTTP/2
www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0
IP
18.194.134.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 22:24:34 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
pragma: no-cache
set-cookie: 7204697f-4e8d-41d7-be50-8876231cc9f1-v4=c_49mpi8rc6HHFO3A3f1nyGJCInOFSEFI01W9BsQAHY; Max-Age=86400; Expires=Mon, 05-Dec-2022 22:24:34 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=GB5%2Bs75UZw8S53%2F4i1mBNk1OvdAsIGhekw1%2FWZEWTlZIgHozPVenDNL7HOqMy3cuxKthrQ8jUBy%2FCs1p%2FU1JZA58W1flCftMqCRuz9NoxYMYa9yKq%2BH2Mv0BzHnPWAfET9ulaqdV1ShUX2Qj8W%2Frsw%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 22:24:34 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5209 bytes)
Hash
8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 67128
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5276 bytes)
Hash
f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x7xrn7E3aUdw75Br3B_GcqRhg-i5FcqG2NRMo4Pa5VhqjblbsvcgDg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3707 bytes)
Hash
d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XGO_QToLjgti1g7xU6jnUNtcyzzQZtc5pGmHqrtt6zD2dlVAN2BfQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
98a41bbcebf8dbe1787a0edacd0bd2d4
648590f24e0f7dda45c99d24211a328266c546aa
8fd50190b554430bbdfe2fa671c8f15eb33ea7ca8fd3d1c7f25b7ceaa0e788cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:24:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:28:37 GMT
Expires: Fri, 09 Dec 2022 08:28:36 GMT
Etag: "648590f24e0f7dda45c99d24211a328266c546aa"
Cache-Control: max-age=381241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747f3f82942b51e-OSL

www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713

94.75.250.120

200 OK

2.2 kB

URL HTTP/2
www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
2.2 kB (2151 bytes)
Hash
145f7219b2ba7fa9d587f50247b77e66
12ca9710d442d2d9bbffa62e5cdb03241fbaa4cf
ba205d1c385038a2a67a6b268c661a50501ad3606a76f3f28a099527bef22e95

HTTP Headers

GET /?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; expires=Mon, 05-Dec-2022 06:24:34 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=1962391; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=wv19998pve6lsmuk2hcfg3i2; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=Adsterra-David; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=NO; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=16694713; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
source=96bfc843-3d0a-43e6-983d-914746b3a7f8; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
campaign=693838; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web10|Y40eJ; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2151
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/screenfull.js?v=66997040

94.75.250.120

200 OK

935 B

URL HTTP/2
www.hentaiheroes.com/js/screenfull.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (2863), with no line terminators
Size
935 B (935 bytes)
Hash
4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50

HTTP Headers

GET /js/screenfull.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:08 GMT
etag: "b2f-5eed449036db1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/chat.css?v=66997038

94.75.250.120

200 OK

15 kB

URL HTTP/2
www.hentaiheroes.com/css/chat.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
15 kB (14842 bytes)
Hash
36c678f83bdb35473b9ca7b60cffea3e
d6e1c0aa9490f6acb63c7ca263da98685833c103
8bd55f9d7cd0dbc923ec33bc23bb91ba660e28e1c2841ddaab0f214c3d570eb2

HTTP Headers

GET /css/chat.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:47 GMT
etag: "1ed5a-5eed447bb2e9a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14842
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 11:24:15 GMT
expires: Tue, 28 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 558020
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script

142.250.74.106

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1309 bytes)
Hash
f552454024ce809af83d6df60b7e7a80
7eaf0b61613c8df7c1bca8be6147846a81e2aec8
cbca653fe88d4d4c21d53a735d2325d368c53404657303491b0c76abcd3d338c

HTTP Headers

GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:24:35 GMT
date: Sun, 04 Dec 2022 22:24:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hentaiheroes.com/js/chat.js?v=66997040

94.75.250.120

200 OK

116 kB

URL HTTP/2
www.hentaiheroes.com/js/chat.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
116 kB (116409 bytes)
Hash
3f81f6046bd9061226b3995d54040209
43eada1700c4d83091b3433c3fc4a774aeb970e3
52fc5b03a81657dc3302fad004df684f49259f868f5048c5f16728ae99661a24

HTTP Headers

GET /js/chat.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:07 GMT
etag: "65b72-5eed448f28595-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hentaiheroes.com/js/quest.js?v=66997040

94.75.250.120

200 OK

7.6 kB

URL HTTP/2
www.hentaiheroes.com/js/quest.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (31025), with no line terminators
Size
7.6 kB (7571 bytes)
Hash
d65d7a20c194bf8c9125428dd44b1576
7bff10651a28b670fc525d24ecff7dde31ca303b
2003ec1e3f70928e8364fa4da4e6a0fbe39f298c162538c653d8f99e241cbeec

HTTP Headers

GET /js/quest.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:05 GMT
etag: "7931-5eed448d20d19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7571
content-type: application/javascript
X-Firefox-Spdy: h2

fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2

216.58.207.227

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27984, version 1.0\012- data
Size
28 kB (27984 bytes)
Hash
9c01ef3c4862a40bf29bd780e7e88da4
54db29d9cf8092d9c50d477c5d9d9e199c944453
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589

HTTP Headers

GET /s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 00:07:21 GMT
expires: Sat, 02 Dec 2023 00:07:21 GMT
cache-control: public, max-age=31536000
age: 253034
last-modified: Thu, 21 Apr 2022 17:07:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/guest.js?v=66997039

94.75.250.120

200 OK

529 B

URL HTTP/2
www.hentaiheroes.com/js/guest.js?v=66997039
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (1367), with no line terminators
Size
529 B (529 bytes)
Hash
7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972

HTTP Headers

GET /js/guest.js?v=66997039 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:53 GMT
etag: "557-5eed4481d632f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:24:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=319198,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747f3fc2f8ab51e-OSL

www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg

94.75.250.120

200 OK

192 kB

URL HTTP/2
www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 177x177, segment length 16, baseline, precision 8, 1600x901, components 3\012- data
Size
192 kB (192482 bytes)
Hash
1bc1f5f820121de985f85046a2f733d6
1cfc01a3beca685e34f117271e5b0b3e9f25cd71
0b8d2fe2ed596e9edfa3b05858f55d5f5cf5f9fcad84baeb4354ed5a96bc99fa

HTTP Headers

GET /img/quests/1/1/1600x/p1a.jpg HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
cache-control: private, max-age=2629000, pre-check=2629000
pragma: private
expires: Sat, 31 Jan 70 11:16:40 +0100
strict-transport-security: max-age=31536000
content-type: image/jpg
X-Firefox-Spdy: h2

hh2.hh-content.com/clubs/ic_xCross.png

104.152.112.105

200 OK

1.3 kB

URL HTTP/2
hh2.hh-content.com/clubs/ic_xCross.png
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6

HTTP Headers

GET /clubs/ic_xCross.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-3673-h-0-0---;7619-27-38667----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/mob_rotation.gif

104.152.112.105

200 OK

104 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/mob_rotation.gif
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
GIF image data, version 89a, 500 x 443\012- data
Size
104 kB (104376 bytes)
Hash
56deb21462c0875468e3d21f85bb61f9
97cb9c682beb7c0f9c7396d47472c9e263e0677a
f849636c8b1d9a0fb7fde5dde56795c2428291e5e76a53ce4c53974e6c32afa8

HTTP Headers

GET /pictures/design/mob_rotation.gif HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/gif
content-length: 104376
last-modified: Fri, 12 Mar 2021 15:25:52 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43340-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/ic_loading_carrot.svg

104.152.112.105

200 OK

3.7 kB

URL HTTP/2
hh2.hh-content.com/ic_loading_carrot.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3743 bytes)
Hash
c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25

HTTP Headers

GET /ic_loading_carrot.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28237-h-0-0---;7619-27-38667----0-0-1
X-Firefox-Spdy: h2

images.hh-content.com/hentai/pictures/design/logo2.png

104.152.112.105

200 OK

3.4 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo2.png
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 566 x 250, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3449 bytes)
Hash
bb30651d4829e8d4aa2d2fe1da64b9c9
1607a6cec035df2fc2779732d7505f4c9ecdb5a2
0a9d9b559f56759b74032fa25a5f422cb094864a26e93f7b366a0f0dc8675782

HTTP Headers

GET /hentai/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 3449
last-modified: Tue, 23 Mar 2021 12:09:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_join.svg

104.152.112.105

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/design/ic_join.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF line terminators
Size
1.4 kB (1411 bytes)
Hash
8ba97dba6572f93deebde7fe83bd5b69
f4cda4f98492c210aa990cf6063e8a79590ae011
f5557fa48f8dcff13b38b1b5055d04768470bc01be5a1a0971fd9293042b1b79

HTTP Headers

GET /design/ic_join.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1411
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43335-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_login.svg

104.152.112.105

200 OK

8.7 kB

URL HTTP/2
hh2.hh-content.com/design/ic_login.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
8.7 kB (8722 bytes)
Hash
5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118

HTTP Headers

GET /design/ic_login.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_legal.svg

104.152.112.105

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/ic_legal.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2320 bytes)
Hash
e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91

HTTP Headers

GET /design/ic_legal.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7901-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeclosed.svg

104.152.112.105

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeclosed.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1424 bytes)
Hash
ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84

HTTP Headers

GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28237-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeopen.svg

104.152.112.105

200 OK

1.1 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeopen.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1142 bytes)
Hash
d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996

HTTP Headers

GET /quest/ic_eyeopen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-3620-h-0-0---;7619-24-38667----0-1-0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Size
22 kB (22144 bytes)
Hash
f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93

HTTP Headers

GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:44:16 GMT
expires: Sun, 03 Dec 2023 14:44:16 GMT
cache-control: public, max-age=31536000
age: 114019
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_fullscreen.svg

104.152.112.105

200 OK

9.1 kB

URL HTTP/2
hh2.hh-content.com/design/ic_fullscreen.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
9.1 kB (9108 bytes)
Hash
0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76

HTTP Headers

GET /design/ic_fullscreen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/menu/sound_on.svg

104.152.112.105

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/menu/sound_on.svg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2269 bytes)
Hash
c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f

HTTP Headers

GET /design/menu/sound_on.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43335-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png

104.152.112.105

200 OK

500 B

URL HTTP/2
hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
500 B (500 bytes)
Hash
0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8

HTTP Headers

GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/form/ic_XP.png

104.152.112.105

200 OK

4.4 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/form/ic_XP.png
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4352 bytes)
Hash
5a8d57bde80c34a9a0f49ae67eeba882
e7112c1c1ba4b0013ae4089568ba14390a304bbf
645ef1f9c9ef97db46d9ff931b84312e6853df6c6a5e5406677b370d391aa8ad

HTTP Headers

GET /pictures/design/form/ic_XP.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 4352
last-modified: Tue, 29 May 2018 11:40:00 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4184-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_soft_currency.png

104.152.112.105

200 OK

4.8 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_soft_currency.png
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4783 bytes)
Hash
628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a

HTTP Headers

GET /pictures/design/ic_soft_currency.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 4783
last-modified: Wed, 13 Mar 2019 16:03:42 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2

www.hentaiheroes.com/ajax.php

94.75.250.120

200 OK

16 B

URL HTTP/2
www.hentaiheroes.com/ajax.php
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /ajax.php HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d01b051d95bfdeede5a54d888c61893a
ddfe4dd98bb77188751de40191712bed122509a5
db7c0f80f756aea3126fb8b72edb272f312a1866744becbb8e313102d3c6ccbf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7C0F80F756AEA3126FB8B72EDB272F312A1866744BECBB8E313102D3C6CCBF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9333
Expires: Mon, 05 Dec 2022 01:00:08 GMT
Date: Sun, 04 Dec 2022 22:24:35 GMT
Connection: keep-alive

use.typekit.net/lfu1uah.css

95.101.11.120

200 OK

827 B

URL HTTP/2
use.typekit.net/lfu1uah.css
IP
95.101.11.120:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
827 B (827 bytes)
Hash
23cb3bd0e9baa58586be8877ed1fa4cf
4ba80bb386eced49c48a45d0f1760810178e4fbe
9170aa9c3289e5e5d09f40bc0941d772e3d4cde22e5f145eafdfa7b68118ad69

HTTP Headers

GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Sun, 04 Dec 2022 22:24:35 GMT
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.105

206 Partial Content

215 kB

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.105:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~48000 bps\012- data
Size
215 kB (214585 bytes)
Hash
bc07da9c6394b98918cd179c9d3b707b
375a0c2c2cd0e4a718812e6c2ebb84e1988547b2
852fcd6ca95f05bb06f174f2d823898b471c535682bb773ab485158557ed01ea

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-3620-h-0-0---;7619-30-38667----0-0-1
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/show.svg

94.75.250.120

200 OK

510 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/show.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (510), with no line terminators
Size
510 B (510 bytes)
Hash
aae407daa4dba9e5d6b2ddf37a0f1b41
fa37c7736d6c33b9e62349cc65d0252bc715cb47
84bc80996a1db1c515d60d9fb037042d6220adc9b5be3bf279b06013fc9d6aa2

HTTP Headers

GET /authentication/show.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 510
last-modified: Tue, 14 Jul 2020 06:31:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hide.svg

94.75.250.120

200 OK

748 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/hide.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748), with no line terminators
Size
748 B (748 bytes)
Hash
cad59edc70e2ae6387ab04e4f961528f
c7bb66aa521e859f4d8a35b6b8da847862e24413
51bdb6a686feff9b34838a4e975c4ed30fb665543036b1f8adc6036be0764192

HTTP Headers

GET /authentication/hide.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 748
last-modified: Tue, 14 Jul 2020 06:31:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/default.css?v=66997038

94.75.250.120

200 OK

405 kB

URL HTTP/2
www.hentaiheroes.com/css/default.css?v=66997038
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
405 kB (404580 bytes)
Hash
bf96baa0eca9cf3f8f5866e79a1b70e3
638553eba039ca7410f54bc750218463c65ef87d
28c8867dd587fc412dc18a0a77a9fb52a4460d13fcf5ccf7e4e8046e99aeec86

HTTP Headers

GET /css/default.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:45 GMT
etag: "1a002d-5eed4479c4c5e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/logo.png

94.75.250.120

200 OK

3.4 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/logo.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 270 x 123, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3379 bytes)
Hash
646617323d6d9e7cc959c516687af6d2
692b46ea8a5edbe527788e6b4e497363699cad5d
c95f6a0e76f202044aaf647ad9894d5822b322adf586f3b656c99aabcab6ee4e

HTTP Headers

GET /authentication/hentai/logo.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 3379
last-modified: Tue, 14 Jul 2020 06:31:34 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/authenticate.png

94.75.250.120

200 OK

376 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/authenticate.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
376 kB (375725 bytes)
Hash
aab6e513d0b432bdcf6dad47cd4bc8ed
fddf92ae7fc344fb7840184cd4f754b41a6adf6c
b6880722169342e566a36393a92ceefac70f35020bb5193f9872e1e0dd8a905b

HTTP Headers

GET /authentication/hentai/authenticate.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 375725
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/register.png

94.75.250.120

200 OK

657 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/register.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
657 kB (657088 bytes)
Hash
94e78471d96928c94b8a02a81744ac8d
eed3da5bce576f851fdc86811a9c02f68757ae87
9df1ddbf2d792fc3c08ab0313cb55f85d9206d897e0030d39f1ab5dcb2fa8fb6

HTTP Headers

GET /authentication/hentai/register.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 657088
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css

95.101.11.112

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP
95.101.11.112:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
date: Sun, 04 Dec 2022 22:24:36 GMT
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/default.js?v=66997040

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/js/default.js?v=66997040
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/default.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:04 GMT
etag: "1ca4c8-5eed448b82c1c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/phoenix-tr_labels-en-1412.js

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/phoenix-tr_labels-en-1412.js
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /phoenix-tr_labels-en-1412.js HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
content-encoding: gzip
cache-control: private, max-age=604800, pre-check=604800
pragma: private
expires: Thu, 08 Jan 70 01:00:00 +0100
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8;
X-Firefox-Spdy: h2

eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate

94.75.250.120

200 OK

0 B

URL HTTP/2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /authentication/start_authentication?product_id=1&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 22:24:35 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations