imhentai.xxx/gallery/599998/
104.26.12.229301 Moved Permanently 0 B URL HTTP/1.1 imhentai.xxx/gallery/599998/
IP 104.26.12.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata high ET POLICY request to .xxx TLD
GET /gallery/599998/ HTTP/1.1
Host: imhentai.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 21:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 22:14:58 GMT
Location: https://imhentai.xxx/gallery/599998/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1GAV9QVN2zgddFu%2BDtDpm0K%2FvXfoyx6%2BHGtEGoC0pk0fse%2BIPDBlwEfpR31SZ0LBdC5fr7sCEW5ksBwueIbjz11Cfu1JoKFf9XljX7Z5XdKRGrplw%2Fcb%2BNejTFU9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796760c1db730b41-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4355
Expires: Wed, 08 Feb 2023 22:27:33 GMT
Date: Wed, 08 Feb 2023 21:14:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3713
Expires: Wed, 08 Feb 2023 22:16:51 GMT
Date: Wed, 08 Feb 2023 21:14:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:34:13 GMT
content-type: application/json
age: 2445
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16870
Expires: Thu, 09 Feb 2023 01:56:08 GMT
Date: Wed, 08 Feb 2023 21:14:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 240fb124905b0a28b1d85b8cabedf04d
20b6d1b8fc7286749217064be1d6f60e3e30a7b5
db9db6a6ea06c2e6d146d2974637f219ca6150b323e27dae02c791eee50bb772
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4523
Cache-Control: max-age=106301
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:58 GMT
Etag: "63e2fb64-117"
Expires: Fri, 10 Feb 2023 02:46:39 GMT
Last-Modified: Wed, 08 Feb 2023 01:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8=
x-amz-request-id: 5WRYAPPM7NWFQHWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:46:06 GMT
age: 1732
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:14:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 240fb124905b0a28b1d85b8cabedf04d
20b6d1b8fc7286749217064be1d6f60e3e30a7b5
db9db6a6ea06c2e6d146d2974637f219ca6150b323e27dae02c791eee50bb772
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4524
Cache-Control: max-age=106301
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Etag: "63e2fb64-117"
Expires: Fri, 10 Feb 2023 02:46:40 GMT
Last-Modified: Wed, 08 Feb 2023 01:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4201
Expires: Wed, 08 Feb 2023 22:25:00 GMT
Date: Wed, 08 Feb 2023 21:14:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 7
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4076
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Last-Modified: Wed, 08 Feb 2023 20:07:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 4.0 kB IP 93.184.220.29:0
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash f4003f4c9ad62124956644de06401f6b
dcbb55562391040e663e1f581c753f232a57a4fd
4869f8096575c8ecedb0137f233f4fedaef0d23f93350939f6f97d7e8b4ad9ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4076
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Last-Modified: Wed, 08 Feb 2023 20:07:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 206 kB IP 93.184.220.29:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 206 kB (205825 bytes)
Hash e5b8577bd81f7a215e9975c85cb42a74
2899cf3b2a9f0a5414d9ecf7e774a13c8ff26a37
cd963911553c69f4206edbdd4a63aa19971e0f7961db7b3d49e1a0e32558e43e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4076
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Last-Modified: Wed, 08 Feb 2023 20:07:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r3Tjx+eUILY8VPEhadIRKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oh+Vz0u4VXpQDsTUZIgS1cTbDZQ=
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/ui/1.12.1/jquery-ui.min.js
69.16.175.10200 OK 68 kB URL HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32073)
Hash f0bace743f1df1ed27e2fe6611e39946
e5f42b8d964a6bf9962b8a5e68a2b7cdeb9e59e2
ff0566efdda39b480ab9871deddb3358906449518c2db3c105aa0b461c3c742d
GET /ui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-encoding: gzip
content-length: 67751
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3dee4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675890899.dop014.sk1.t,1675890899.cds237.sk1.hn,1675890899.cds227.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:18:19 GMT
expires: Tue, 06 Feb 2024 17:18:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 187000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-8082650-48
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-8082650-48
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash 119671a7b9fc37d7b0bc2fc9ddef21fa
d0436522235bbb0878d04545b1b1ceafe344ecce
1cbf7f4e5e222f0bb25348ce1e169c85f06eb14e9a7eb58bfa4cce5dc9a6a226
GET /gtag/js?id=UA-8082650-48 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 21:14:59 GMT
expires: Wed, 08 Feb 2023 21:14:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imhentai.xxx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:19:26 GMT
expires: Wed, 07 Feb 2024 14:19:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
age: 111333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imhentai.xxx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 06:21:50 GMT
expires: Wed, 07 Feb 2024 06:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
age: 139989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 1.6 kB URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
Hash 1bd97526205ae78a32e467f9eed3bc23
43ba554f37c19a58f3f242ea2a9ba715246585b4
18fb286cd06dc7b6a273eb160b4ca4f434c3d47b4a848222b9bd2b7c40739d77
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 21:14:59 GMT
date: Wed, 08 Feb 2023 21:14:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 22 kB IP 142.250.74.163:0
File type PNG image data, 50 x 50, 8-bit gray+alpha, non-interlaced\012- data
Hash 03b7e60a6c2ba1e74a53207738f7be7b
524c36741eff2ae2ffa21f7910567d2fb6f345f8
0cd5d23622e7f80f3ff681a03d9adb193b3ebdf53b00561f517f1e1b724920f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 2.6 kB IP 142.250.74.163:0
Hash 1020a8bc5f5ff7ebaf039824697a3901
2a34db4cc73c4313b3d5b8a57de3721b8639a266
34b4677489b12a0addfe8a2ec495a2955be75aff22236d7ff790cc37f365027b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Noto+Sans:400,700
142.250.74.74200 OK 165 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700
IP 142.250.74.74:0
Size 165 kB (165026 bytes)
Hash 2e5433e21c128f4b69914bf7e2793873
82370f86970cdbec7128872909fd1680b364a54d
d725683148b017d815f6b0b0b9ef5dd5be6f3c091a703454b680d2f7f8987ac5
GET /css?family=Noto+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 21:14:59 GMT
date: Wed, 08 Feb 2023 21:14:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ae2ab5be4bee22f924a96868291fa01e
de3d3f0b3eaa9db2cb80dc8f184aa49d3ccd3fcc
45a8aa13875f0aff1b1fcd5af2b4e9d754854fe1a38663b8671f5068aa639b8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4527
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:14:59 GMT
Etag: "63e303b8-116"
Last-Modified: Wed, 08 Feb 2023 19:59:32 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 278
go.hentaigold.net/id/45/
188.114.97.1200 OK 9.1 kB IP 188.114.97.1:0
File type ASCII text, with very long lines (17582), with no line terminators
Hash 054bd23b20c87f4c4731717e6a90b1c7
60d723e49854595be1d718b4a4df479f265b9cb2
a28878d6627d92f26ce038cbc309d8dae50f532bceab34c12b89635ab9ff5fa9
GET /id/45/ HTTP/1.1
Host: go.hentaigold.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-type: text/plain;charset=UTF-8
x-powered-by: PHP/7.1.33
set-cookie: sp_356=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
sp_356=1; expires=Thu, 09-Feb-2023 21:14:59 GMT; Max-Age=86400; path=/; secure
cache-control: public, max-age=0
expires: Wed, 08 Feb 2023 21:14:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90lUVviU8cl%2FxkhZKnxkqWvVuYT1XVEHu9jyyR%2FfJ%2F28C8IpuFWTov1y7iv%2F9yAl5JWaxVySIyyVa6kLWewE0ASDdC4gnEGnExnsuzxtZ3pKMKYrTHSYe7NfxnCtqry1q6ewEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796760cc38fdb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.10.207200 OK 22 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65371)
Hash 7787d6395b815534d3ab269de34bfd5f
01efaad383ea75c6a091ba9dbc8f772222d07de6
f80e512049525b2197c867673e728abfdf9859fb6b8c13a8eb717b7d8ae07705
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 24001236
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796760c8ba23b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
el.trochaboozing.com/tTyhqosCUy5/52728
172.255.6.139200 OK 25 B URL HTTP/1.1 el.trochaboozing.com/tTyhqosCUy5/52728
IP 172.255.6.139:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tTyhqosCUy5/52728 HTTP/1.1
Host: el.trochaboozing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 21:15:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://imhentai.xxx
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 09-Feb-2023 21:15:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Thu, 09-Feb-2023 21:15:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
a.realsrv.com/video-slider.js
185.76.9.18200 OK 16 kB URL HTTP/2 a.realsrv.com/video-slider.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
Hash 3a9bd78fc27cef23587aac77bb467bb3
50d3d717247a8e3bdab145010a1e3e14e681a40f
72f4d10605096ca1a97c691d427c72159b6e549d36b367dd8ae55ee5855b3552
GET /video-slider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: application/javascript
etag: W/"d47440cec8a01b26fa25d1d4c51"
expires: Wed, 08 Feb 2023 19:23:05 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675895058
server: CDN77-Turbo
x-77-nzt: AblMCQ2aML//8hkAAA
x-77-nzt-ray: c0a4cc2809c12982d410e463a8b78414
x-cache: HIT
x-age: 6642
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a77924333faf583901b105005d00c0d1
ad357fab1697697cba7308514e76cf8ceaf2dd86
983e6f65c4b4711af2d367e9ba4521df56f4fc07bbd7b0a4ebfab8d9274557fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:15:00 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&sourceId=4675698&p1=4581534&skipOffset=00:00:05
104.18.59.150302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&sourceId=4675698&p1=4581534&skipOffset=00:00:05
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&sourceId=4675698&p1=4581534&skipOffset=00:00:05 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imhentai.xxx
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 21:15:00 GMT
content-length: 0
location: https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=4675698&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
access-control-allow-origin: https://imhentai.xxx
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=7868025.30208; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb9YoxjksGh8zY4; SameSite=None; Secure; path=/; expires=Thu, 09-Feb-23 20:15:00 GMT; HttpOnly
server: cloudflare
cf-ray: 796760d07daa0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a77924333faf583901b105005d00c0d1
ad357fab1697697cba7308514e76cf8ceaf2dd86
983e6f65c4b4711af2d367e9ba4521df56f4fc07bbd7b0a4ebfab8d9274557fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:15:00 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.163:0
Hash a1c41b6480e25a6e7696bdf77d62a010
31c837ad49e101f72be7e3bf59b681437e74ceda
0a047b2f18afc3b590c695085c957a59c8da8d0455f6f057c5d5712cf0983ee7
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:15:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:15:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=541877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796760d14ee01c02-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.247.218.249200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=9b6c586d-c9f3-44bf-b95d-658ec6bb8f41; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYuFEjx40bM2DA6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 29156637
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 19:44:05 GMT
expires: Wed, 08 Feb 2023 21:44:05 GMT
cache-control: public, max-age=7200
age: 5455
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=4675698&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
104.18.59.150200 OK 36 kB URL HTTP/2 go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=4675698&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
IP 104.18.59.150:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (2066), with no line terminators
Hash 2c14aeb2e9218f8616c4cdf8a09a167e
5a8669dd8a8dc3c6fb264ea2c21b07ad0a0f832a
3ceaf80c97878485722f84c418e20a58ce4df802dca13f38f319598cabdd97ff
GET /api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOprsqrutdVdTdRZXO6VzpppXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6V3f_W4DZ9xqUpznSuldK6V0rpXSuldK4Ps-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=4675698&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imhentai.xxx
Referer: https://imhentai.xxx/
Connection: keep-alive
Cookie: __cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb9YoxjksGh8zY4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://imhentai.xxx
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796760d0bddf0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=425350982&t=pageview&_s=1&dl=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&ul=en-us&de=UTF-8&dt=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=86807442&gjid=1347247128&cid=1360559965.1675890957&tid=UA-8082650-48&_gid=1119486179.1675890957&_r=1>m=457e3260&z=572858540
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=425350982&t=pageview&_s=1&dl=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&ul=en-us&de=UTF-8&dt=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=86807442&gjid=1347247128&cid=1360559965.1675890957&tid=UA-8082650-48&_gid=1119486179.1675890957&_r=1>m=457e3260&z=572858540
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=425350982&t=pageview&_s=1&dl=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&ul=en-us&de=UTF-8&dt=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=86807442&gjid=1347247128&cid=1360559965.1675890957&tid=UA-8082650-48&_gid=1119486179.1675890957&_r=1>m=457e3260&z=572858540 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://imhentai.xxx
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://imhentai.xxx
date: Wed, 08 Feb 2023 21:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:15:00 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10773314
X-HW: 1675890900.dop208.sk1.t,1675890900.cds023.sk1.shn,1675890900.cds023.sk1.c
Access-Control-Allow-Origin: *
tsyndicate.com/iframes2/262c10ecfcb34caf98268f7695133b43.html?
46.4.114.55200 OK 3.0 kB URL HTTP/2 tsyndicate.com/iframes2/262c10ecfcb34caf98268f7695133b43.html?
IP 46.4.114.55:0
ASN #24940 Hetzner Online GmbH
Hash 371d92cf9db0c814ee9f2bd3dce4ac51
9cdc124d7c6c2f11791c3dc8b0947d631ba85043
76d85a94ffa643a669c589ba2ffcb70d4d3e8de093216098fa9cf32633b6d487
GET /iframes2/262c10ecfcb34caf98268f7695133b43.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 262cd131331bb4c1
set-cookie: ts_uid=9b6c586d-c9f3-44bf-b95d-658ec6bb8f41; expires=Tue, 08 Aug 2023 21:15:00 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYuFEjx40bM2DA6NJH; expires=Thu, 09 Feb 2023 21:15:00 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 21:15:01 GMT
Connection: keep-alive
a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=OVxWnitt5m-n5WRbz-dq-vCpfG-2puvE0RyiJv87OzqPNy4UoiBabORM6rG0B-ZqEPGoawsV604E-enKpCEnF-fEha0eeNElo6TXYpM2SepuaAceISuL_gUIDRUi
66.254.114.171200 OK 9.4 kB URL HTTP/2 a.adtng.com/get/10010248?time=1592494928726&atc=425995&apb=OVxWnitt5m-n5WRbz-dq-vCpfG-2puvE0RyiJv87OzqPNy4UoiBabORM6rG0B-ZqEPGoawsV604E-enKpCEnF-fEha0eeNElo6TXYpM2SepuaAceISuL_gUIDRUi
IP 66.254.114.171:0
Hash 3b3eb6ac5058abd5d233890cde8c1027
ca50137da7d917b1dcb8bdf063088ada3603fa2d
728be34167785f59295aff572b44768871bb91adb1decc7f5fc22251e422e8ae
GET /get/10010248?time=1592494928726&atc=425995&apb=OVxWnitt5m-n5WRbz-dq-vCpfG-2puvE0RyiJv87OzqPNy4UoiBabORM6rG0B-ZqEPGoawsV604E-enKpCEnF-fEha0eeNElo6TXYpM2SepuaAceISuL_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmPkENSfrS7SDyJnAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63E410D4-42FE72AB01BB8FDD-8F5A8D3
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 21:15:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 21:15:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 84047
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:47:57 GMT
age: 55624
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:27:43 GMT
age: 49638
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=e1ezagi0ka&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&c=s&x=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&y=&a=0&d=1.376&v=27&r=9669
172.67.8.141200 OK 6.1 kB URL HTTP/2 whos.amung.us/pingjs/?k=e1ezagi0ka&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&c=s&x=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&y=&a=0&d=1.376&v=27&r=9669
IP 172.67.8.141:0
Hash a0f0ccc8807a41cd9a9f763d3640d8e8
54aaeb5880b2876973f88b7fd231870fad44a285
f51e23fa2c14a88d1fc6c0981bca62474b8b13aa4afedf84d3733b07143c2e5d
GET /pingjs/?k=e1ezagi0ka&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai&c=s&x=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&y=&a=0&d=1.376&v=27&r=9669 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:01 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796760d34893b50f-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNBF_lBtNmvVWQAnBxCp0e03pdV_rbGOf9V1UvqeRO2vcZR3_lSE2w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:21 GMT
age: 83980
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 84047
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:15:01 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10624026
X-HW: 1675890901.dop020.sk1.t,1675890901.cds255.sk1.shn,1675890901.dop020.sk1.t,1675890901.cds225.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/1/49/814444/1030998/1030998_logo.png
205.185.208.20200 OK 60 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814444/1030998/1030998_logo.png
IP 205.185.208.20:0
File type PNG image data, 900 x 250, 8-bit colormap, non-interlaced\012- data
Hash 798caea0d314426d40fd500d8b96732f
7557efc84bcc649381c8118eb37e4243fe52df0e
0898893d60e07543ca69ed24331f3558234250d3bcdeb78d762959683c46754c
GET /a7/creatives/1/49/814444/1030998/1030998_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:15:01 GMT
Connection: Keep-Alive
ETag: "1651856942"
Content-Length: 59993
Content-Type: image/png
Last-Modified: Fri, 06 May 2022 17:09:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10433367
X-HW: 1675890901.dop067.sk1.t,1675890901.cds066.sk1.shn,1675890901.dop067.sk1.t,1675890901.cds210.sk1.c
Access-Control-Allow-Origin: *
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XkMGODTI4ZOGa0KGMDhowWNMiYidEixxgYNVrciDGG4wwbMmzkyEFGxMMwdcZkpFHDDA0ZMMKYacGRxhiUZmaUaSGGxo2lOHLUCMMVh1EyY3r-JGNnoU6cD-HUEUPxKA0aP-HAoQjjhg0bD-fAmahjRg6rMGjAeDimzVwdR2vsdAhR5UIZOB6KcePmMQ4YMXDUYNzGDUYdMm7czJG28-cYOWDcfFgnRkY0dOjAmaPjxYswLgzS8exizJs2L86UofMiBgzMJmng-EEnTZsyPRrmkEHj73QcN3JyqXM8Zxg6Y3okXry9u40wcMT0EPNkjRkpYoqYyRPnxhw5buCcySNECR4qcZShBhNLtIADG1bUcEYRc9ihRxxrCPGEGFk4AQMdR5QBgx5F1IGFFUTslYMYQWBhRhxEPBHHFGLAAIUdY9jxRR1CmFQEEmSksQQVaOgxgx53DKEGDjQFEQQMRyTxURE0zMBEFFgwQcUbQ9gRRhJPzBHDF2dUkQQRUlSRhk8iwNEGRQ-9YSaaIpDxW0bOEeQGHWGk4QIeeJI5xncLbREDXjPE0EVacgilAwwuHFeRCGKYsRCimBFm5hdwFPpoot3dEJkIcthxGFIPlTHGmodiqppVrNUxpg4aiWHDGDXg0FELY2wk0luNUqUVGS3YEKuoNoghhlc0uPZQGodpFIMLqblwlAsN0UCmHF8gm1EOyzb7bLRk1hFGRk28oUcabLARxgs1JAoCClek4Yabd8wBghNUgGBcojuA0K4bNtCQLx795tspQzAlmgIIGY6xxhsvIGUccjGAYEQacpRhxht4FFcwDHoaKoITT5D5BrVjeAwymWx4XIQTZB4kY8VsUFTDDZredNlgnJ5RGWix3vCQy1-IIcdCOGwKdBtv9ASarIuSIccbC82QpkKIEYpxHgvBxanFr8U2W20vxFnGnHXeiecLZN5XFqtP00nHyC3U4UYadLSAmQtkyNCyxwd9kTeZdJzJkA03xJpaajgHrvfghWcFA-KCbWrQFxXr9QWfjBv--HGhyhgGGwjRQfUWM9AwKERi8NWmxUCxMVFaKT9K2Gcw9KFAQA%3D%3D&s=0e90a6da7ba8fdafe90b756b27003554449a670d69b9d4fdd575894db62c78d21675890900&w=t&r=1&d=819&priv=false
148.251.120.78200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XkMGODTI4ZOGa0KGMDhowWNMiYidEixxgYNVrciDGG4wwbMmzkyEFGxMMwdcZkpFHDDA0ZMMKYacGRxhiUZmaUaSGGxo2lOHLUCMMVh1EyY3r-JGNnoU6cD-HUEUPxKA0aP-HAoQjjhg0bD-fAmahjRg6rMGjAeDimzVwdR2vsdAhR5UIZOB6KcePmMQ4YMXDUYNzGDUYdMm7czJG28-cYOWDcfFgnRkY0dOjAmaPjxYswLgzS8exizJs2L86UofMiBgzMJmng-EEnTZsyPRrmkEHj73QcN3JyqXM8Zxg6Y3okXry9u40wcMT0EPNkjRkpYoqYyRPnxhw5buCcySNECR4qcZShBhNLtIADG1bUcEYRc9ihRxxrCPGEGFk4AQMdR5QBgx5F1IGFFUTslYMYQWBhRhxEPBHHFGLAAIUdY9jxRR1CmFQEEmSksQQVaOgxgx53DKEGDjQFEQQMRyTxURE0zMBEFFgwQcUbQ9gRRhJPzBHDF2dUkQQRUlSRhk8iwNEGRQ-9YSaaIpDxW0bOEeQGHWGk4QIeeJI5xncLbREDXjPE0EVacgilAwwuHFeRCGKYsRCimBFm5hdwFPpoot3dEJkIcthxGFIPlTHGmodiqppVrNUxpg4aiWHDGDXg0FELY2wk0luNUqUVGS3YEKuoNoghhlc0uPZQGodpFIMLqblwlAsN0UCmHF8gm1EOyzb7bLRk1hFGRk28oUcabLARxgs1JAoCClek4Yabd8wBghNUgGBcojuA0K4bNtCQLx795tspQzAlmgIIGY6xxhsvIGUccjGAYEQacpRhxht4FFcwDHoaKoITT5D5BrVjeAwymWx4XIQTZB4kY8VsUFTDDZredNlgnJ5RGWix3vCQy1-IIcdCOGwKdBtv9ASarIuSIccbC82QpkKIEYpxHgvBxanFr8U2W20vxFnGnHXeiecLZN5XFqtP00nHyC3U4UYadLSAmQtkyNCyxwd9kTeZdJzJkA03xJpaajgHrvfghWcFA-KCbWrQFxXr9QWfjBv--HGhyhgGGwjRQfUWM9AwKERi8NWmxUCxMVFaKT9K2Gcw9KFAQA%3D%3D&s=0e90a6da7ba8fdafe90b756b27003554449a670d69b9d4fdd575894db62c78d21675890900&w=t&r=1&d=819&priv=false
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XkMGODTI4ZOGa0KGMDhowWNMiYidEixxgYNVrciDGG4wwbMmzkyEFGxMMwdcZkpFHDDA0ZMMKYacGRxhiUZmaUaSGGxo2lOHLUCMMVh1EyY3r-JGNnoU6cD-HUEUPxKA0aP-HAoQjjhg0bD-fAmahjRg6rMGjAeDimzVwdR2vsdAhR5UIZOB6KcePmMQ4YMXDUYNzGDUYdMm7czJG28-cYOWDcfFgnRkY0dOjAmaPjxYswLgzS8exizJs2L86UofMiBgzMJmng-EEnTZsyPRrmkEHj73QcN3JyqXM8Zxg6Y3okXry9u40wcMT0EPNkjRkpYoqYyRPnxhw5buCcySNECR4qcZShBhNLtIADG1bUcEYRc9ihRxxrCPGEGFk4AQMdR5QBgx5F1IGFFUTslYMYQWBhRhxEPBHHFGLAAIUdY9jxRR1CmFQEEmSksQQVaOgxgx53DKEGDjQFEQQMRyTxURE0zMBEFFgwQcUbQ9gRRhJPzBHDF2dUkQQRUlSRhk8iwNEGRQ-9YSaaIpDxW0bOEeQGHWGk4QIeeJI5xncLbREDXjPE0EVacgilAwwuHFeRCGKYsRCimBFm5hdwFPpoot3dEJkIcthxGFIPlTHGmodiqppVrNUxpg4aiWHDGDXg0FELY2wk0luNUqUVGS3YEKuoNoghhlc0uPZQGodpFIMLqblwlAsN0UCmHF8gm1EOyzb7bLRk1hFGRk28oUcabLARxgs1JAoCClek4Yabd8wBghNUgGBcojuA0K4bNtCQLx795tspQzAlmgIIGY6xxhsvIGUccjGAYEQacpRhxht4FFcwDHoaKoITT5D5BrVjeAwymWx4XIQTZB4kY8VsUFTDDZredNlgnJ5RGWix3vCQy1-IIcdCOGwKdBtv9ASarIuSIccbC82QpkKIEYpxHgvBxanFr8U2W20vxFnGnHXeiecLZN5XFqtP00nHyC3U4UYadLSAmQtkyNCyxwd9kTeZdJzJkA03xJpaajgHrvfghWcFA-KCbWrQFxXr9QWfjBv--HGhyhgGGwjRQfUWM9AwKERi8NWmxUCxMVFaKT9K2Gcw9KFAQA%3D%3D&s=0e90a6da7ba8fdafe90b756b27003554449a670d69b9d4fdd575894db62c78d21675890900&w=t&r=1&d=819&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=9b6c586d-c9f3-44bf-b95d-658ec6bb8f41; bfq=APeIECNCxxYZOGDEwFGjRhcWIsYU3BLjoYgyE2PYuFEjx40bM2DA6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:15:01 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 31a51dfff45e63ba8909bda3a3f2ca53
429a7ea67f57ea2c49699e650a09e09c1f983950
dc62d165a95afb87c345affd01d2e6a18d9f85647892b90d94500cb333f76a1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:15:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 11:33:42 GMT
Expires: Sun, 12 Feb 2023 11:33:41 GMT
Etag: "429a7ea67f57ea2c49699e650a09e09c1f983950"
Cache-Control: max-age=310118,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796760d49a681c02-OSL
ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 08 Feb 2023 21:15:02 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!e1ezagi0ka&dn=TC&cc=1&r=&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!e1ezagi0ka&dn=TC&cc=1&r=&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!e1ezagi0ka&dn=TC&cc=1&r=&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 21:15:02 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 08 Feb 2023 21:15:01 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&t=Artist%20%E2%9D%A4%EF%B8%8F%E2%9D%A4%EF%B8%8F%20alexanderdinh%20-%20IMHentai HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 08 Feb 2023 21:15:02 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 08 Feb 2023 21:15:02 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 08 Feb 2023 21:15:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e1ezagi0ka&lm=0&ts=1675890958294&dn=TC&iso=0&pu=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 08 Feb 2023 21:15:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
go.hentaigold.net/id/56/
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /id/56/ HTTP/1.1
Host: go.hentaigold.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: text/plain;charset=UTF-8
x-powered-by: PHP/7.1.33
set-cookie: sp_292=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
sp_292=1; expires=Thu, 09-Feb-2023 21:14:59 GMT; Max-Age=86400; path=/; secure
cache-control: public, max-age=0
expires: Wed, 08 Feb 2023 21:14:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB1EiZfTPcgcQYjJx2rQ8XKKLvKao7K7LTSj7FTFaK%2BUwM9YJazJjHMW4qifypESl8bZJaRtwzXFN9FGdAlkhWiX%2BNSo%2BqXVJUOiXDm984rr4FneyRh8xpkGt1LSBDFHfdWANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796760ccc9edb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 21337653
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796760c8da82b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waust.at/s.js
104.26.5.7200 OK 0 B IP 104.26.5.7:0
GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
etag: W/"63c04130-2170"
expires: Thu, 09 Feb 2023 20:54:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RErUcmhB4BvHM7BtrXrx%2BXCYxr%2BZIoe014t9yWpduKqaj7NQQ11RCb96eARrxAFaCz7DXjNtv65IJENsA5aPUkT7goTMc6diZn9wkBlTzChTa6g08%2B1h%2BYpn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796760c9eddeb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&j=
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&j=
IP 141.101.120.11:0
GET /i/?l=https%3A%2F%2Fimhentai.xxx%2Fgallery%2F599998%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:00 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 08-Feb-2023 22:38:20 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Thu, 09-Feb-2023 01:15:00 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1675890900; Domain=dtscout.com; Expires=Fri, 19-May-2023 21:15:00 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.518
expires: Wed, 08 Feb 2023 21:14:59 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIUOZGQF6Iqo5LwgQXDqei8bg%2Bb84RjKAnEjBaZiMt0JWrvl87z94ztwJosIY35%2F3Pi%2FbSdMOAL0T1EpV96ZhJQ%2FfM9%2F2f7kGSY5l0D6d7D41%2FeE07cewUb6V4mP%2BWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796760d15ff495f7-ARN
content-encoding: br
X-Firefox-Spdy: h2
imhentai.xxx/gallery/599998/
172.67.71.114200 OK 0 B URL HTTP/2 imhentai.xxx/gallery/599998/
IP 172.67.71.114:0
NIDS Severity Alert suricata high ET POLICY request to .xxx TLD
GET /gallery/599998/ HTTP/1.1
Host: imhentai.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:14:59 GMT
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=pv6c1g8rt0psi2d864354icml2; path=/; secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu%2Fqv3xvKtza%2B97HRTJRKzmZLe1J0JTjIjVGp3pyzeBX3Idk7Yv%2BUadPV4J3Q2SY42Emhgaqth1PVGSGYNDOlMZrZ%2BS3pFlrvXkqDtA6Ci432RFUTNznfG%2BkwqjnQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796760c4a8e0b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
172.64.151.83200 OK 0 B IP 172.64.151.83:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imhentai.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:15:02 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
vary: Accept-Encoding
etag: W/"63bdcce4-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 230903
expires: Sat, 11 Feb 2023 21:15:02 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 796760dadbbf0b45-OSL
X-Firefox-Spdy: h2