photo.09p.quest/mp2g6i274
170.10.160.83200 OK 139 B URL HTTP/1.1 photo.09p.quest/mp2g6i274
IP 170.10.160.83:0
File type HTML document, ASCII text, with no line terminators
Hash dbd8a7e53e5e4ff76666ade80ba8197c
16ba953f6c9af694a22d078dab1a877172f96697
4cc16bf8af1fb3fe50bb3c687ceef122bfb6da52ac87edcb109fa404ec22ecc8
GET /mp2g6i274 HTTP/1.1
Host: photo.09p.quest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 139
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:24:31 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4713
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:24:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1372
Cache-Control: max-age=131377
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:32 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:54:09 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 368
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5232
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:24:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 2209
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:24:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
photo.09p.quest/favicon.ico
170.10.160.83404 Not Found 1.2 kB URL HTTP/1.1 photo.09p.quest/favicon.ico
IP 170.10.160.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: photo.09p.quest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://photo.09p.quest/mp2g6i274
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 04 Dec 2022 22:24:32 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 793
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1
156.67.72.48200 OK 104 B URL HTTP/2 sanebreq12.com/?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1
IP 156.67.72.48:0
ASN #47583 Hostinger International Limited
File type ASCII text, with no line terminators
Hash 954f124dd5267b21f091900a4b80a0ac
00ab0c8d60ad4bddafdd743cc69320e0f70b6ca2
125f3615ce4cd596c913ba91d379656fa6f959a77ba1d7a729e1c51ab936fba8
GET /?api=1&lan=vy7sQWrIg0OJCIgYF8OaOksSytL&ht=1 HTTP/1.1
Host: sanebreq12.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://photo.09p.quest/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
set-cookie: PHPSESSID=228900633bdb1259fd7e1b59aeaad293; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 104
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:24:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1360
Cache-Control: max-age=126299
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:32 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:29:31 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.186.39101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.186.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DKjuxEYekz8G4FZ8FV3tgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pzMc78qNAxFhtl3g3wWMQ0suRxs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d68286b345e069a9b18366e3d6f8cf5c
016c42a3b98dc82f82a11fc315bd69e2c8b0fd7b
1fb9d189376a20f18dd86f2e67cf137c8d6c92fd85ed9d97bf2224d218fa1ca6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FB9D189376A20F18DD86F2E67CF137C8D6C92FD85ED9D97BF2224D218FA1CA6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Mon, 05 Dec 2022 00:52:31 GMT
Date: Sun, 04 Dec 2022 22:24:33 GMT
Connection: keep-alive
www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be
173.233.137.44200 OK 1.3 kB URL HTTP/1.1 www.highperformancegate.com/g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8a39898d15c93ae84bd3d3d3b91a319a
216b34a78ef638d8921381fdea08df93f796fae1
ef2b9e385c9bf8a5ee5f65678f7574c7dc824d992b327b2c71c63befa842e557
Analyzer Verdict Alert quad9 Sinkholed
GET /g9cxq0mw?key=03a2b117b8446852a7b3c3715d7b47be HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://photo.09p.quest/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 22:24:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16694713; expires=Mon, 05 Dec 2022 22:24:33 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY5NDcxMywiayI6IjAzYTJiMTE3Yjg0NDY4NTJhN2IzYzM3MTVkN2I0N2JlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjkxMjM2LCJwaWQiOjM4NDIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZzljeHEwbXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9waG90by4wOXAucXVlc3QvIn19.mxMwrcy9hsDr28LPHoY0fG3jF05ybmRMi1XJ7VD8o9w; expires=Sun, 04 Dec 2022 22:25:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c43950ba75ac98554bfff424aadc455
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancegate.com/g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F
173.233.137.44302 Found 0 B URL HTTP/1.1 www.highperformancegate.com/g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /g9cxq0mw?shu=c201cc324735edc0ccff1bc4e834ef78876fdfd7e6b22d512c879eb97444bd462bb3cbdac76ab254f8b25ce018cf6968827175009e734c144c5e1264a839328f98c0a3773d31844c72aef154419e81eb95ef86696e683d12923231311f02d6f3f0e5&pst=1670192733&rmtc=t&uuid=&pii=&in=false&key=03a2b117b8446852a7b3c3715d7b47be&refer=http%3A%2F%2Fphoto.09p.quest%2F HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancegate.com/g9cxq0mw?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=16694713
Cookie: u_pl=16694713; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY5NDcxMywiayI6IjAzYTJiMTE3Yjg0NDY4NTJhN2IzYzM3MTVkN2I0N2JlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjkxMjM2LCJwaWQiOjM4NDIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZzljeHEwbXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9waG90by4wOXAucXVlc3QvIn19.mxMwrcy9hsDr28LPHoY0fG3jF05ybmRMi1XJ7VD8o9w; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 22:24:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0
Set-Cookie: pdhtkv=true; expires=Mon, 05 Dec 2022 22:24:33 GMT
uncs=1; expires=Mon, 05 Dec 2022 22:24:33 GMT
pdhtkv28=true; expires=Mon, 05 Dec 2022 22:24:33 GMT
uncs28=1; expires=Mon, 05 Dec 2022 22:24:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03ac6796e62f1121756c329b1f947c54
Strict-Transport-Security: max-age=0; includeSubdomains
www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0
18.194.134.212302 Found 0 B URL HTTP/2 www.gaming-adult.com/7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0
IP 18.194.134.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7204697f-4e8d-41d7-be50-8876231cc9f1?campaign_ID=693838&placement_id=16694713&country_code=NO&cost_cpa=6.000000&externalid=1949f9b4cdff2d0fce74d417f43aeba0 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 22:24:34 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
pragma: no-cache
set-cookie: 7204697f-4e8d-41d7-be50-8876231cc9f1-v4=c_49mpi8rc6HHFO3A3f1nyGJCInOFSEFI01W9BsQAHY; Max-Age=86400; Expires=Mon, 05-Dec-2022 22:24:34 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=GB5%2Bs75UZw8S53%2F4i1mBNk1OvdAsIGhekw1%2FWZEWTlZIgHozPVenDNL7HOqMy3cuxKthrQ8jUBy%2FCs1p%2FU1JZA58W1flCftMqCRuz9NoxYMYa9yKq%2BH2Mv0BzHnPWAfET9ulaqdV1ShUX2Qj8W%2Frsw%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 22:24:34 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:24:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 67128
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x7xrn7E3aUdw75Br3B_GcqRhg-i5FcqG2NRMo4Pa5VhqjblbsvcgDg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XGO_QToLjgti1g7xU6jnUNtcyzzQZtc5pGmHqrtt6zD2dlVAN2BfQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2179
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 98a41bbcebf8dbe1787a0edacd0bd2d4
648590f24e0f7dda45c99d24211a328266c546aa
8fd50190b554430bbdfe2fa671c8f15eb33ea7ca8fd3d1c7f25b7ceaa0e788cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:24:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:28:37 GMT
Expires: Fri, 09 Dec 2022 08:28:36 GMT
Etag: "648590f24e0f7dda45c99d24211a328266c546aa"
Cache-Control: max-age=381241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747f3f82942b51e-OSL
www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
94.75.250.120200 OK 2.2 kB URL HTTP/2 www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 145f7219b2ba7fa9d587f50247b77e66
12ca9710d442d2d9bbffa62e5cdb03241fbaa4cf
ba205d1c385038a2a67a6b268c661a50501ad3606a76f3f28a099527bef22e95
GET /?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; expires=Mon, 05-Dec-2022 06:24:34 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=1962391; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=wv19998pve6lsmuk2hcfg3i2; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=Adsterra-David; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=NO; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=16694713; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
source=96bfc843-3d0a-43e6-983d-914746b3a7f8; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
campaign=693838; expires=Mon, 04-Dec-2023 22:24:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web10|Y40eJ; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2151
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.hentaiheroes.com/js/screenfull.js?v=66997040
94.75.250.120200 OK 935 B URL HTTP/2 www.hentaiheroes.com/js/screenfull.js?v=66997040
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2863), with no line terminators
Hash 4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50
GET /js/screenfull.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:08 GMT
etag: "b2f-5eed449036db1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2
www.hentaiheroes.com/css/chat.css?v=66997038
94.75.250.120200 OK 15 kB URL HTTP/2 www.hentaiheroes.com/css/chat.css?v=66997038
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 36c678f83bdb35473b9ca7b60cffea3e
d6e1c0aa9490f6acb63c7ca263da98685833c103
8bd55f9d7cd0dbc923ec33bc23bb91ba660e28e1c2841ddaab0f214c3d570eb2
GET /css/chat.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:47 GMT
etag: "1ed5a-5eed447bb2e9a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14842
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.74200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 11:24:15 GMT
expires: Tue, 28 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 558020
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
142.250.74.106200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP 142.250.74.106:0
Hash f552454024ce809af83d6df60b7e7a80
7eaf0b61613c8df7c1bca8be6147846a81e2aec8
cbca653fe88d4d4c21d53a735d2325d368c53404657303491b0c76abcd3d338c
GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:24:35 GMT
date: Sun, 04 Dec 2022 22:24:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hentaiheroes.com/js/chat.js?v=66997040
94.75.250.120200 OK 116 kB URL HTTP/2 www.hentaiheroes.com/js/chat.js?v=66997040
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 116 kB (116409 bytes)
Hash 3f81f6046bd9061226b3995d54040209
43eada1700c4d83091b3433c3fc4a774aeb970e3
52fc5b03a81657dc3302fad004df684f49259f868f5048c5f16728ae99661a24
GET /js/chat.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wv19998pve6lsmuk2hcfg3i2&tc2=Adsterra-David&tc3=NO&source=96bfc843-3d0a-43e6-983d-914746b3a7f8&campaign=693838&tc5=16694713
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:34 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:07 GMT
etag: "65b72-5eed448f28595-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hentaiheroes.com/js/quest.js?v=66997040
94.75.250.120200 OK 7.6 kB URL HTTP/2 www.hentaiheroes.com/js/quest.js?v=66997040
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (31025), with no line terminators
Hash d65d7a20c194bf8c9125428dd44b1576
7bff10651a28b670fc525d24ecff7dde31ca303b
2003ec1e3f70928e8364fa4da4e6a0fbe39f298c162538c653d8f99e241cbeec
GET /js/quest.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:05 GMT
etag: "7931-5eed448d20d19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7571
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27984, version 1.0\012- data
Hash 9c01ef3c4862a40bf29bd780e7e88da4
54db29d9cf8092d9c50d477c5d9d9e199c944453
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589
GET /s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 00:07:21 GMT
expires: Sat, 02 Dec 2023 00:07:21 GMT
cache-control: public, max-age=31536000
age: 253034
last-modified: Thu, 21 Apr 2022 17:07:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hentaiheroes.com/js/guest.js?v=66997039
94.75.250.120200 OK 529 B URL HTTP/2 www.hentaiheroes.com/js/guest.js?v=66997039
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (1367), with no line terminators
Hash 7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972
GET /js/guest.js?v=66997039 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:53 GMT
etag: "557-5eed4481d632f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f77f379ab403eb0f175d3abf51eacc1e
4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f
16e42cd2de65fb2e13c9bff46834ea94ec3038bfe3c958f8297676c920d4225d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:24:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 15:14:35 GMT
Expires: Thu, 08 Dec 2022 15:14:34 GMT
Etag: "4c0bc75fab7089bb7f0b172bd9c1a93d69b1671f"
Cache-Control: max-age=319198,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747f3fc2f8ab51e-OSL
www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg
94.75.250.120200 OK 192 kB URL HTTP/2 www.hentaiheroes.com/img/quests/1/1/1600x/p1a.jpg
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 177x177, segment length 16, baseline, precision 8, 1600x901, components 3\012- data
Size 192 kB (192482 bytes)
Hash 1bc1f5f820121de985f85046a2f733d6
1cfc01a3beca685e34f117271e5b0b3e9f25cd71
0b8d2fe2ed596e9edfa3b05858f55d5f5cf5f9fcad84baeb4354ed5a96bc99fa
GET /img/quests/1/1/1600x/p1a.jpg HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
cache-control: private, max-age=2629000, pre-check=2629000
pragma: private
expires: Sat, 31 Jan 70 11:16:40 +0100
strict-transport-security: max-age=31536000
content-type: image/jpg
X-Firefox-Spdy: h2
hh2.hh-content.com/clubs/ic_xCross.png
104.152.112.105200 OK 1.3 kB URL HTTP/2 hh2.hh-content.com/clubs/ic_xCross.png
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Hash 8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6
GET /clubs/ic_xCross.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-3673-h-0-0---;7619-27-38667----0-0-1
X-Firefox-Spdy: h2
hh2.hh-content.com/pictures/design/mob_rotation.gif
104.152.112.105200 OK 104 kB URL HTTP/2 hh2.hh-content.com/pictures/design/mob_rotation.gif
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type GIF image data, version 89a, 500 x 443\012- data
Size 104 kB (104376 bytes)
Hash 56deb21462c0875468e3d21f85bb61f9
97cb9c682beb7c0f9c7396d47472c9e263e0677a
f849636c8b1d9a0fb7fde5dde56795c2428291e5e76a53ce4c53974e6c32afa8
GET /pictures/design/mob_rotation.gif HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/gif
content-length: 104376
last-modified: Fri, 12 Mar 2021 15:25:52 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43340-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/ic_loading_carrot.svg
104.152.112.105200 OK 3.7 kB URL HTTP/2 hh2.hh-content.com/ic_loading_carrot.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25
GET /ic_loading_carrot.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28237-h-0-0---;7619-27-38667----0-0-1
X-Firefox-Spdy: h2
images.hh-content.com/hentai/pictures/design/logo2.png
104.152.112.105200 OK 3.4 kB URL HTTP/2 images.hh-content.com/hentai/pictures/design/logo2.png
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 566 x 250, 8-bit colormap, non-interlaced\012- data
Hash bb30651d4829e8d4aa2d2fe1da64b9c9
1607a6cec035df2fc2779732d7505f4c9ecdb5a2
0a9d9b559f56759b74032fa25a5f422cb094864a26e93f7b366a0f0dc8675782
GET /hentai/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 3449
last-modified: Tue, 23 Mar 2021 12:09:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/design/ic_join.svg
104.152.112.105200 OK 1.4 kB URL HTTP/2 hh2.hh-content.com/design/ic_join.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF line terminators
Hash 8ba97dba6572f93deebde7fe83bd5b69
f4cda4f98492c210aa990cf6063e8a79590ae011
f5557fa48f8dcff13b38b1b5055d04768470bc01be5a1a0971fd9293042b1b79
GET /design/ic_join.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1411
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43335-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/design/ic_login.svg
104.152.112.105200 OK 8.7 kB URL HTTP/2 hh2.hh-content.com/design/ic_login.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118
GET /design/ic_login.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/design/ic_legal.svg
104.152.112.105200 OK 2.3 kB URL HTTP/2 hh2.hh-content.com/design/ic_legal.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91
GET /design/ic_legal.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-7901-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/quest/ic_eyeclosed.svg
104.152.112.105200 OK 1.4 kB URL HTTP/2 hh2.hh-content.com/quest/ic_eyeclosed.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84
GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-28237-h-0-0---;7619-24-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/quest/ic_eyeopen.svg
104.152.112.105200 OK 1.1 kB URL HTTP/2 hh2.hh-content.com/quest/ic_eyeopen.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996
GET /quest/ic_eyeopen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-3620-h-0-0---;7619-24-38667----0-1-0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Hash f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93
GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:44:16 GMT
expires: Sun, 03 Dec 2023 14:44:16 GMT
cache-control: public, max-age=31536000
age: 114019
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hh2.hh-content.com/design/ic_fullscreen.svg
104.152.112.105200 OK 9.1 kB URL HTTP/2 hh2.hh-content.com/design/ic_fullscreen.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76
GET /design/ic_fullscreen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/design/menu/sound_on.svg
104.152.112.105200 OK 2.3 kB URL HTTP/2 hh2.hh-content.com/design/menu/sound_on.svg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f
GET /design/menu/sound_on.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-43335-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
104.152.112.105200 OK 500 B URL HTTP/2 hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8
GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/pictures/design/form/ic_XP.png
104.152.112.105200 OK 4.4 kB URL HTTP/2 hh2.hh-content.com/pictures/design/form/ic_XP.png
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 5a8d57bde80c34a9a0f49ae67eeba882
e7112c1c1ba4b0013ae4089568ba14390a304bbf
645ef1f9c9ef97db46d9ff931b84312e6853df6c6a5e5406677b370d391aa8ad
GET /pictures/design/form/ic_XP.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 4352
last-modified: Tue, 29 May 2018 11:40:00 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4184-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
hh2.hh-content.com/pictures/design/ic_soft_currency.png
104.152.112.105200 OK 4.8 kB URL HTTP/2 hh2.hh-content.com/pictures/design/ic_soft_currency.png
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a
GET /pictures/design/ic_soft_currency.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 4783
last-modified: Wed, 13 Mar 2019 16:03:42 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4182-h-0-0---;7619-27-38667----0-0-0
X-Firefox-Spdy: h2
www.hentaiheroes.com/ajax.php
94.75.250.120200 OK 16 B URL HTTP/2 www.hentaiheroes.com/ajax.php
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /ajax.php HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d01b051d95bfdeede5a54d888c61893a
ddfe4dd98bb77188751de40191712bed122509a5
db7c0f80f756aea3126fb8b72edb272f312a1866744becbb8e313102d3c6ccbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7C0F80F756AEA3126FB8B72EDB272F312A1866744BECBB8E313102D3C6CCBF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9333
Expires: Mon, 05 Dec 2022 01:00:08 GMT
Date: Sun, 04 Dec 2022 22:24:35 GMT
Connection: keep-alive
use.typekit.net/lfu1uah.css
95.101.11.120200 OK 827 B URL HTTP/2 use.typekit.net/lfu1uah.css
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 23cb3bd0e9baa58586be8877ed1fa4cf
4ba80bb386eced49c48a45d0f1760810178e4fbe
9170aa9c3289e5e5d09f40bc0941d772e3d4cde22e5f145eafdfa7b68118ad69
GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Sun, 04 Dec 2022 22:24:35 GMT
X-Firefox-Spdy: h2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
104.152.112.105206 Partial Content 215 kB URL HTTP/2 hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP 104.152.112.105:0
ASN #11019 HAPROXY-TECHNOLOGIES
File type Ogg data, Vorbis audio, stereo, 44100 Hz, ~48000 bps\012- data
Size 215 kB (214585 bytes)
Hash bc07da9c6394b98918cd179c9d3b707b
375a0c2c2cd0e4a718812e6c2ebb84e1988547b2
852fcd6ca95f05bb06f174f2d823898b471c535682bb773ab485158557ed01ea
GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-3620-h-0-0---;7619-30-38667----0-0-1
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/show.svg
94.75.250.120200 OK 510 B URL HTTP/2 eggs-content.kinkoid.com/authentication/show.svg
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (510), with no line terminators
Hash aae407daa4dba9e5d6b2ddf37a0f1b41
fa37c7736d6c33b9e62349cc65d0252bc715cb47
84bc80996a1db1c515d60d9fb037042d6220adc9b5be3bf279b06013fc9d6aa2
GET /authentication/show.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 510
last-modified: Tue, 14 Jul 2020 06:31:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/hide.svg
94.75.250.120200 OK 748 B URL HTTP/2 eggs-content.kinkoid.com/authentication/hide.svg
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748), with no line terminators
Hash cad59edc70e2ae6387ab04e4f961528f
c7bb66aa521e859f4d8a35b6b8da847862e24413
51bdb6a686feff9b34838a4e975c4ed30fb665543036b1f8adc6036be0764192
GET /authentication/hide.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/svg+xml
content-length: 748
last-modified: Tue, 14 Jul 2020 06:31:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hentaiheroes.com/css/default.css?v=66997038
94.75.250.120200 OK 405 kB URL HTTP/2 www.hentaiheroes.com/css/default.css?v=66997038
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
Size 405 kB (404580 bytes)
Hash bf96baa0eca9cf3f8f5866e79a1b70e3
638553eba039ca7410f54bc750218463c65ef87d
28c8867dd587fc412dc18a0a77a9fb52a4460d13fcf5ccf7e4e8046e99aeec86
GET /css/default.css?v=66997038 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:39:45 GMT
etag: "1a002d-5eed4479c4c5e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/hentai/logo.png
94.75.250.120200 OK 3.4 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/hentai/logo.png
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 270 x 123, 8-bit colormap, non-interlaced\012- data
Hash 646617323d6d9e7cc959c516687af6d2
692b46ea8a5edbe527788e6b4e497363699cad5d
c95f6a0e76f202044aaf647ad9894d5822b322adf586f3b656c99aabcab6ee4e
GET /authentication/hentai/logo.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 3379
last-modified: Tue, 14 Jul 2020 06:31:34 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/hentai/authenticate.png
94.75.250.120200 OK 376 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/hentai/authenticate.png
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size 376 kB (375725 bytes)
Hash aab6e513d0b432bdcf6dad47cd4bc8ed
fddf92ae7fc344fb7840184cd4f754b41a6adf6c
b6880722169342e566a36393a92ceefac70f35020bb5193f9872e1e0dd8a905b
GET /authentication/hentai/authenticate.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 375725
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/hentai/register.png
94.75.250.120200 OK 657 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/hentai/register.png
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size 657 kB (657088 bytes)
Hash 94e78471d96928c94b8a02a81744ac8d
eed3da5bce576f851fdc86811a9c02f68757ae87
9df1ddbf2d792fc3c08ab0313cb55f85d9206d897e0030d39f1ab5dcb2fa8fb6
GET /authentication/hentai/register.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 04 Dec 2022 22:24:35 GMT
content-type: image/png
content-length: 657088
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
95.101.11.112200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP 95.101.11.112:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
date: Sun, 04 Dec 2022 22:24:36 GMT
X-Firefox-Spdy: h2
www.hentaiheroes.com/js/default.js?v=66997040
94.75.250.120200 OK 0 B URL HTTP/2 www.hentaiheroes.com/js/default.js?v=66997040
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /js/default.js?v=66997040 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 08:40:04 GMT
etag: "1ca4c8-5eed448b82c1c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.hentaiheroes.com/phoenix-tr_labels-en-1412.js
94.75.250.120200 OK 0 B URL HTTP/2 www.hentaiheroes.com/phoenix-tr_labels-en-1412.js
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /phoenix-tr_labels-en-1412.js HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=i7090rd36m3df1i5tarah0oqst; lang=en; ref_id=1962391; tc1=wv19998pve6lsmuk2hcfg3i2; tc2=Adsterra-David; tc3=NO; tc5=16694713; source=96bfc843-3d0a-43e6-983d-914746b3a7f8; campaign=693838; HAPBK=web10|Y40eJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:24:35 GMT
server: Apache
content-encoding: gzip
cache-control: private, max-age=604800, pre-check=604800
pragma: private
expires: Thu, 08 Jan 70 01:00:00 +0100
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8;
X-Firefox-Spdy: h2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
94.75.250.120200 OK 0 B URL HTTP/2 eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
IP 94.75.250.120:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /authentication/start_authentication?product_id=1&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 22:24:35 GMT
X-Firefox-Spdy: h2