Overview

URL tm-offers.gamingadult.com/?offer=47&uid=507583a4-7fe9-4587-a5fd-cf52fcff602d&subid=wek1o8vsbref5ssk2ih2s29a
IP 137.74.247.34 (France)
ASN #16276 OVH SAS
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-02 12:03:40 UTC
IDS alerts 0
Blocklist alert 31
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
tm-offers.gamingadult.com (1) 175580 2018-06-16 00:27:18 UTC 2020-05-04 17:23:47 UTC 137.74.247.34
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-01 22:08:56 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-01 17:28:41 UTC 142.250.74.138
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
landing.hentaiheroes.com (43) 506360 2019-03-06 17:06:34 UTC 2022-12-01 20:57:07 UTC 144.217.67.42
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-12-01 21:19:58 UTC 142.250.74.74
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.252.32

Network Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 landing.hentaiheroes.com/wp-includes/css/dist/block-library/style.min.css?v (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/themes/elementor-hello-theme-master/sty (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/temp (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/wpml-translation-management/res (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/uploads/elementor/css/post-58008.css?ve (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/frontend-l (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/css (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-aweso (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/uploads/elementor/css/post-57596.css?ve (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/frontend.m (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/css/fronte (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/res/ (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/dist (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-aweso (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/animations (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/webpack (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/frontend-mo (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/dist/vendor/regenerator-runtime.min (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver= (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/waypoints/ (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/share-link (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/dialog/dia (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/frontend.mi (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/preload (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/preloaded-m (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/lib/sticky (...) Phishing
2022-12-02 2 landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/swiper/swi (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 137.74.247.34
Date UQ / IDS / BL URL IP
2023-01-07 13:51:19 +0000 0 - 1 - 0 tm-offers.gamingadult.com/ 137.74.247.34
2023-01-06 22:09:03 +0000 0 - 1 - 0 tm-offers.gamingadult.com/?offer=123&uid=ce7c (...) 137.74.247.34
2022-12-31 03:56:25 +0000 0 - 2 - 0 tm-offers.gamingadult.com/?offer=3722&uid=7e7 (...) 137.74.247.34
2022-12-20 06:02:14 +0000 0 - 1 - 0 tm-offers.gamingadult.com/?offer=49&uid=50758 (...) 137.74.247.34
2022-12-02 12:03:40 +0000 0 - 0 - 31 tm-offers.gamingadult.com/?offer=47&uid=50758 (...) 137.74.247.34


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-05 00:15:34 +0000 0 - 2 - 0 node7.datanodes.to:8443/d/rcmhqp5ckae5w4x3s3z (...) 141.94.254.79
2023-02-04 23:47:01 +0000 0 - 0 - 23 zelenka.guru/account-confirmation/6559443/ema (...) 151.80.169.29
2023-02-04 23:46:13 +0000 0 - 1 - 0 mcdrivers.driverscloud.com/applis/DriversClou (...) 178.33.231.199
2023-02-04 23:46:02 +0000 0 - 0 - 15 jurassik-race.com/ 46.105.51.211
2023-02-04 23:38:41 +0000 0 - 1 - 0 files1.majorgeeks.com/10afebdbffcd4742c81a3cb (...) 51.81.2.249


Last 5 reports on domain: gamingadult.com
Date UQ / IDS / BL URL IP
2023-02-04 23:26:01 +0000 0 - 2 - 0 tm-offers.gamingadult.com/s/?k=63ce4b5a86271& (...) 5.196.166.128
2023-02-04 19:22:54 +0000 0 - 1 - 0 tm-offers.gamingadult.com/?offer=715&uid=a815 (...) 5.196.166.128
2023-01-07 13:51:19 +0000 0 - 1 - 0 tm-offers.gamingadult.com/ 137.74.247.34
2023-01-06 22:09:03 +0000 0 - 1 - 0 tm-offers.gamingadult.com/?offer=123&uid=ce7c (...) 137.74.247.34
2022-12-31 03:56:25 +0000 0 - 2 - 0 tm-offers.gamingadult.com/?offer=3722&uid=7e7 (...) 137.74.247.34


No other reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (72)


Request Response
                                        
                                            GET /?offer=47&uid=507583a4-7fe9-4587-a5fd-cf52fcff602d&subid=wek1o8vsbref5ssk2ih2s29a HTTP/1.1 
Host: tm-offers.gamingadult.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         137.74.247.34
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 12:03:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HH-offer47=1; expires=Sat, 03-Dec-2022 00:03:28 GMT; Max-Age=43200; path=/; SameSite=Lax
Location: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6510
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 12:03:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2487
Cache-Control: max-age=169754
Date: Fri, 02 Dec 2022 12:03:28 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:12:42 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 11:19:56 GMT
cache-control: public,max-age=3600
age: 2612
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3475
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 12:03:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: wKrK4StC//rgk+k01a9Eu6RUyZgxHImna0NW4Reu8ND6p5aKDmY8OjZy+7MaXEqT2b+9eiNKWzE=
x-amz-request-id: 4BSTHW7WZ3D3F041
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 11:46:41 GMT
age: 1007
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 12:03:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E307012B9F7BEA1754A25AE50CE922B65F1CF8E10C51D4FC7B32DA8513CC004F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 02 Dec 2022 14:12:03 GMT
Date: Fri, 02 Dec 2022 12:03:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:08:57 GMT
cache-control: public,max-age=3600
age: 3272
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8= HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Link: <https://landing.hentaiheroes.com/wp-json/>; rel="https://api.w.org/", <https://landing.hentaiheroes.com/wp-json/wp/v2/pages/57596>; rel="alternate"; type="application/json", <https://landing.hentaiheroes.com/en/?p=57596>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6871


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size:   6871
Md5:    01ea40240b2a53b6285a0a03f1bd0970
Sha1:   e7144ec950240f17e2637644b60221d1e27adf53
Sha256: 2236d966d719ddcb289e8cab11922e116bef6134c96faa060ab87ce5f5ae6973
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2490
Cache-Control: max-age=164695
Date: Fri, 02 Dec 2022 12:03:29 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:48:24 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:31:39 GMT
ETag: "15b64-5e92a18e45cf8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11681


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/elementor-hello-theme-master/style.css?ver=6.0.2 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 13:20:41 GMT
ETag: "24bb-580d5027d3342-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2943


--- Additional Info ---
Magic:  ASCII text, with very long lines (8795)
Size:   2943
Md5:    80b2eb0bb4e18debb039a36eb3eb1f56
Sha1:   5970f98411739816d1354831cafb62feaad50d7b
Sha256: f64a02b1ccc0fce8cf3c8304d31f6158ea648fdec215156b11639dc68915f04b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:09:22 GMT
expires: Wed, 29 Nov 2023 11:09:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 262447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7BjabaFrDo6lYyQeIMSlWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rncx1CWN8yVV9UVNqBlbSJ7SQ+8=

                                        
                                            GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
ETag: "353-5aaa2013068f2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 313


--- Additional Info ---
Magic:  ASCII text, with very long lines (850)
Size:   313
Md5:    1dd1129795df6e900fecbe2d73ac3068
Sha1:   9adafd827ba7c5a59f41d466862547c45508a0a8
Sha256: 9dfdac78c0115c8877fbe917d83f5ade1e64af7c50c3167ecae8e139efe1edd3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wpml-translation-management/res/css/admin-bar-style.css?ver=2.9.9 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 12:07:47 GMT
ETag: "70-5aaa2015313f1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 113


--- Additional Info ---
Magic:  ASCII text
Size:   113
Md5:    8bd858d224c135ea74666d7f05df248e
Sha1:   5ef009ed8087ce73a4912d9749d7f041bc16961b
Sha256: 77e5f04f2f5d3a83c50b55652151182633e799d0daf2280c85e4650a0b06d8ab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-58008.css?ver=1656070629 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:37:09 GMT
ETag: "61a-5e22ffd97c576-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 534


--- Additional Info ---
Magic:  ASCII text, with very long lines (1562), with no line terminators
Size:   534
Md5:    32bca46e2a4736dce3216e0bdffd3160
Sha1:   a6c5eed7a9e57a75372956c05e0c150399b5a722
Sha256: a85c14856b1d17da603c11964ed1d13b1d120504cf4d3dc473c03c86be7ce8ae

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "35ed-5e92a158a8247-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 855


--- Additional Info ---
Magic:  ASCII text, with very long lines (13766)
Size:   855
Md5:    b67ce014664ad80f61a78b2721f5001f
Sha1:   80a3c23a3643598f590765c091f16008c834eb18
Sha256: 77f77a21706b27952b789ff364c6322da6675363d50bb0f9cdff7c4b6db6ec40

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "4b4f-5e92a158a6307-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3961
Md5:    24dc15839234f4dbd06f677098762e1c
Sha1:   a285318fa3f4d9a1491f523f080cd32e1df12315
Sha256: 016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "e7d0-5e92a158a43c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12869


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12869
Md5:    d7913fc87c4606f82b4ee77a8d47fc2f
Sha1:   62a54acf7535ae53425b44dadfe5fdabf3d8300a
Sha256: bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Carter+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.138
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 12:03:29 GMT
date: Fri, 02 Dec 2022 12:03:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2068
Md5:    c8375f1f3e7c76f6eab6777967d5e457
Sha1:   7f77a51773bf8e4bb796aa2ff24025407bb108ff
Sha256: fd0a21450d8696970f6b214d8c04b1f4e2c8e2d763ff964550a61a41aec0351b
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "684e-5e92a158a43c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4229


--- Additional Info ---
Magic:  ASCII text, with very long lines (26516)
Size:   4229
Md5:    d74abcef3df71d56667a44693f75c454
Sha1:   be993a7b5c88a550ef0dc19c4841f240e41967f8
Sha256: 8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1656070629 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:37:09 GMT
ETag: "9f18-5e22ffd9eab16-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2931


--- Additional Info ---
Magic:  ASCII text, with very long lines (12340)
Size:   2931
Md5:    77435b39885bbd38aa06b53f2fe0341e
Sha1:   56c77fde4f56884914712c96f3eeada4a04d9d9b
Sha256: 9fad07bfc1f261fb481a79615eee17c35e3eb5e8521418d6af36344f0e88c6ce
                                        
                                            GET /wp-content/uploads/elementor/css/post-57596.css?ver=1656070654 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:37:34 GMT
ETag: "85a-5e22fff1c90c6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 579


--- Additional Info ---
Magic:  ASCII text, with very long lines (1749)
Size:   579
Md5:    4af93258e01a56272a0580b644750931
Sha1:   8e5eec3982fd2525151d1dffa3a80e5457e651dd
Sha256: 1cc8aa1f3b1e131fb2cebd3c2164db180bf4740739b66a1249f3bb6ac1f43f9d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "28722-5e92a158a8247-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20219


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   20219
Md5:    aabd344581399563134b985f514a1cd8
Sha1:   6b5a37930501a8b1ed54dd5f6c41251dd1943ecf
Sha256: b4dee2a7a178a601312478f2b97c5b8aff205c8930669a9bf90825bb4a2a9bb1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:29 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:32:15 GMT
ETag: "75771-5e92a1b0fd8e5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 41398


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   41398
Md5:    0f96fcabd409b41b5856861df80db999
Sha1:   5b306dde023f7dc771c40b4db0e2f3b0534d7e51
Sha256: 4e35df015ada698444e32130938fc8d9dee84572fe7ff78c5a3c9061853fd86f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "2bd8-5e22ffbae0661-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
                                        
                                            GET /wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.3.16 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
ETag: "b01-5aaa2012e4612-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1109


--- Additional Info ---
Magic:  ASCII text
Size:   1109
Md5:    d2c9e62ba741c5dc1cd388f4cb4322c1
Sha1:   57ad65e2ffdb51d2751763b8bee9ad67f372e2a7
Sha256: 0ad3c73c3eaf52b9deb1941a12db921002dbfb2326ca007c6838d9a936a31b02

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.3.16 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
ETag: "e3-5aaa2012e4612-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 155


--- Additional Info ---
Magic:  ASCII text
Size:   155
Md5:    d3453f9d25d07fae0b6919f644988971
Sha1:   dba21fa483385a873ca38d99bf2433b77dd17fb0
Sha256: f0fa5140f70a19702bdf6bbf7d495857cadc158e12975983212a36068cab241d
                                        
                                            GET /wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js?ver=4.3.16 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
ETag: "14735-5aaa2012d4c12-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27781


--- Additional Info ---
Magic:  ASCII text, with very long lines (33809)
Size:   27781
Md5:    ebc7d938b0da802ed92cda0f232bc36a
Sha1:   7229a708a939d9c0b114fb9998f9efd3e96e856c
Sha256: 8f53d8b7f4ea23067a028fe7c5e12f3a0c72b091735a7d89ffc331c6b1b6ca82

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "3acf-5e92a158a5367-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4205


--- Additional Info ---
Magic:  ASCII text, with very long lines (14869)
Size:   4205
Md5:    1fcdd9935a66511c3b8069495af248e3
Sha1:   b0e375ac95b547b3bb6ce74cd1bcc505ffc2281d
Sha256: 4a741209fc122872cb5ae018a5870d70848a616fa98eb4289ad78cec986ec282

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "15db1-5e22ffbadf6c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "48b9-5e22ffbadd781-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5009


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5009
Md5:    e6624e0b978e6ddba476be41aaaa82df
Sha1:   822e920d8233072110ed7c8a7f379e5b13209b18
Sha256: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "4824-5e92a158a14e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2592
Md5:    0ea81c35141c6a4692506e4fe8d36edb
Sha1:   392c5f96995e66d74c27ed5a42f93169c2f32d18
Sha256: b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:32:15 GMT
ETag: "1440-5e92a1b102705-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2364


--- Additional Info ---
Magic:  ASCII text, with very long lines (5141)
Size:   2364
Md5:    e186b0d6fdc598cefc74bbefe66d986a
Sha1:   c7500f9dd31b0bbd51aaef0b60ce919197dcd44e
Sha256: 259469986f91cf79e604c9c703aa0e50c177d8363a68620e39fff3ed1d39410f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "135d-5e92a158aefa7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2193


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2193
Md5:    ac5286e01cb948466083b4a9db3725b1
Sha1:   158ee166465804fafaf226ed85b2243bb34d5fb1
Sha256: e4ab2a0069a89260933d5fc4235c352cd504a7fe88d14c95ef66f46a680718b3
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "80a1-5e92a158ae007-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10742


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32889)
Size:   10742
Md5:    540ab7a81306a8a45622d154e9df498b
Sha1:   f06d1223e432a8d648d15008c4dcd7306553e0ac
Sha256: 9f5782726439ecaa602bfb3f5d4762d50409899eb22562da187e252a3eaf0df9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "194b-5e22ffbad9901-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2457


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2457
Md5:    27cbbd0a9d7c5ad9402118c4afc36035
Sha1:   7659d08a005f5ecfa6c779e3cda45c30007fd059
Sha256: ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "4ac6-5e22ffbad9901-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7095


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7095
Md5:    2f4fcc5a628b379672d76b7e91cbdf07
Sha1:   9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
Sha256: a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "132e-5e22ffbad5a81-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1661


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1661
Md5:    320b86bb1a9ce650a5e3553b2bb1c430
Sha1:   c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
Sha256: c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "27ee-5e22ffbad4ae1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3865


--- Additional Info ---
Magic:  data
Size:   3865
Md5:    ca0cf10a1d933e4262c732da8f9008c1
Sha1:   d6fdc041e650cf096841671884db8854490dba72
Sha256: fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://landing.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 145762
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "2fa6-5e92a158a14e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2993


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2993
Md5:    cfea3c51880820f2962a7773fbc864f9
Sha1:   45aa7ddc9b0c4201097d0df36791ab346470b734
Sha256: 12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
ETag: "50eb-5e22ffbadf6c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6914


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6914
Md5:    7e2b78a6e8a9b90385330755ee1cf3e5
Sha1:   684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
Sha256: 43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:32:15 GMT
ETag: "53a9-5e92a1b104645-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5714


--- Additional Info ---
Magic:  ASCII text, with very long lines (21374)
Size:   5714
Md5:    db3b93dd49507a7f0b1b95bbbc0cc450
Sha1:   89116e1953551e4c544c4f68c069b628b2580fe8
Sha256: 002eed6e37695cc5d9b76667f8b2708643bf0d0c9fb24fa88b48eacbfe1841b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "a3c-5e92a158a14e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1139


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620), with no line terminators
Size:   1139
Md5:    366a9c35bbef9fea7021f6b1b56cf8d0
Sha1:   18feab78c61c6e8261db364d6681a9633041e837
Sha256: b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "29ba-5e92a158a5367-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3446


--- Additional Info ---
Magic:  ASCII text, with very long lines (10544)
Size:   3446
Md5:    88f71137b2a89a53df46cdb4deeb4e3d
Sha1:   426e12f0e8712db20afd2c54e77e1384074f3181
Sha256: 591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "9e41-5e92a158aefa7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12045


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   12045
Md5:    9f98d9eb97acbaa6fdbecb9086f0eba1
Sha1:   b8f3c7e68de9fcbc87c3bb232f71800e62a2c2f7
Sha256: 1eff8a686486469b581f8ea377acaaedb79cc6339976d17c9392752be4c4a993

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:32:15 GMT
ETag: "20de6-5e92a1b102705-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31439


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   31439
Md5:    f6dda4694e20958cdb9eacd1a73bd140
Sha1:   e337470b9511ce1888fc37331f9699da69ee7a3b
Sha256: 966166a0f07b717271b6f9a4cfd1f0ffe471630d1944d882bb841f546fac426b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2019/09/LP9_BG.jpg HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         144.217.67.42
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache
Content-length: 0
Location: https://landing.hentaiheroes.com/wp-content/uploads/2019/09/LP9_BG.jpg

                                        
                                            GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "a884-5e92a158ad067-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13121


--- Additional Info ---
Magic:  ASCII text, with very long lines (43101)
Size:   13121
Md5:    227f3f29a5ac2d74fec28aeb97d0768a
Sha1:   2a7516811b58b46c0ee982c7c6616c76433e19c5
Sha256: dbc5b4077a4e85e9dedec28dd5c513cfdfbc672d16f8eb3eb7d2340188bcd6c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.7 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:32:15 GMT
ETag: "e78-5e92a1b0fb9a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1586


--- Additional Info ---
Magic:  ASCII text, with very long lines (3703)
Size:   1586
Md5:    dbb7b7eb1f27ef159dcd3e20d95d0ccf
Sha1:   fef3645e4691734fee4bac5a58c1d5d70acd6a1b
Sha256: dd5eb456aa6a6ccad9a7eebd497a816aa22f73e5007a507ff8929192cd7d7c8e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 06:30:42 GMT
ETag: "21f91-5e92a158a2487-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35491


--- Additional Info ---
Magic:  ASCII text, with very long lines (65280)
Size:   35491
Md5:    f2f239cb6e82311cd197aa5888632811
Sha1:   e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
Sha256: c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2019/09/LP9_button-2.png HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 27 Sep 2019 11:05:53 GMT
ETag: "b354-59386de9ca035"
Accept-Ranges: bytes
Content-Length: 45908


--- Additional Info ---
Magic:  PNG image data, 447 x 365, 8-bit/color RGBA, non-interlaced\012- data
Size:   45908
Md5:    971efea62f70d98cf399438c582cbf02
Sha1:   0dd13a2b0697d1708f84e8b282a41b122728a84d
Sha256: 37bdc49ff2cb5e13b3b63677982a5f0b67df1096655f22a11c5c46c674650f97
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 12:03:30 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2019/09/LP9_BG.jpg HTTP/1.1 
Host: landing.hentaiheroes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Fri, 27 Sep 2019 10:48:55 GMT
ETag: "83361-59386a1ecd1b6"
Accept-Ranges: bytes
Content-Length: 537441


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1980x967, components 3\012- data
Size:   537441
Md5:    22da72fc807fa86ced11eaab5759539b
Sha1:   00caa85ca49d0d7a6bd29ebc9b2552e65767facc
Sha256: bcf23580ab27d4d52cbbc09192c541b2416c7ccfe3464a7d5ea32692497692ed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 12:03:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 12:03:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 12:03:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 21762
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02EF3QEVKmEB2ikbGk9gzQq7_VMi00ufHUNRFTL8MpwJKaXQwdT8HA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:42:27 GMT
age: 30063
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4834
Md5:    cd8ad22c2eb1eb91c76970fa449f1bc4
Sha1:   0de97f3a4964038222bd751e043e413113e6db9d
Sha256: 668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 24195
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 50980
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10270
Md5:    4c7113338bc3310b13d23ca415c177e2
Sha1:   2cb4edc6b161c6d2d5b47aa498ae54e677966466
Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 51117
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11402
Md5:    1c80b8025242ddfcc816ec612456b99e
Sha1:   aa944d10fe4a44b790b01ef62edc0f85a6d558e3
Sha256: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 81694
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8863
Md5:    156e9ea97b774cbd8361072e4041b6c8
Sha1:   fc71ae3cae92ed6011904bb2367f23bf4e69fab4
Sha256: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
                                        
GET /wp-content/uploads/2019/02/HH_Favicon.png HTTP/1.1
Host: landing.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.hentaiheroes.com/en/lp09-aff/?ref_id=135846&noagev=1&tc1=HHadac5526bcaa89d03e8cd652a5559007&tc2=1377&tc3=47&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Cookie: wpml_browser_redirect_test=0; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/png
Date: Fri, 02 Dec 2022 12:03:30 GMT
Server: Apache
Last-Modified: Thu, 07 Feb 2019 12:57:07 GMT
ETag: "486-5814d613a9a44"
Accept-Ranges: bytes
Content-Length: 1158


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1158
Md5:    0c7e0f160b63872c310a51f467128902
Sha1:   72ab794ae1a37710d37026d9f428f1398eb1b7f1
Sha256: aac3968945a774991bf001827933e44e611fb28025e55edce9aa96805fa13f53