Report - porxvi.blogspot.com/2023/01/z.html

Report Overview

Submitted URL
porxvi.blogspot.com/2023/01/z.html
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2023-02-03 20:16:14
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.163
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.149.111.148
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
www.gaming-adult.com	315167	2017-10-26T20:35:18Z	2023-03-13T06:52:23Z	640 B	933 B	18.194.134.212
hh2.hh-content.com	490552	2019-09-20T11:11:13Z	2023-03-12T20:03:13Z	5.0 kB	204 kB	104.152.112.111
eggs-content.kinkoid.com	668083	2020-02-19T00:31:03Z	2023-03-12T15:25:34Z	2.2 kB	1.3 MB	94.75.250.120
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
use.typekit.net	494	2012-07-05T03:42:39Z	2023-03-13T05:10:17Z	381 B	1.3 kB	23.36.76.186
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	2.0 kB	5.8 kB	172.64.155.188
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	396 B	32 kB	142.250.74.42
images.hh-content.com	unknown	2022-10-19T15:41:01Z	2023-03-12T17:11:18Z	415 B	3.8 kB	104.152.112.111
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	500 B	23 kB	142.250.74.35
p.typekit.net	620	2012-05-23T16:28:57Z	2023-03-13T05:10:18Z	468 B	338 B	23.36.76.186
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
porxvi.blogspot.com	unknown	2023-01-11T11:17:57Z	2023-02-03T21:15:58Z	828 B	20 kB	172.217.21.161
www.highcpmrevenuenetwork.com	unknown	2022-12-23T15:30:56Z	2023-03-13T05:52:07Z	2.3 kB	4.0 kB	173.233.137.36
www.hentaiheroes.com	373902	2017-02-11T06:18:41Z	2023-03-13T06:52:47Z	7.9 kB	57 kB	94.75.250.120
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	447 B	30 kB	142.250.74.106
eggs-ext.kinkoid.com	552669	2019-10-16T13:40:45Z	2023-03-12T15:25:34Z	555 B	110 kB	94.75.250.120
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.33.119.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	highcpmrevenuenetwork.com	Sinkholed
2023-02-03	medium	highcpmrevenuenetwork.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.hentaiheroes.com/js/guest.js?v=67522961	1.4 kB	2023-03-07	2023-07-04
Pretty URL www.hentaiheroes.com/js/guest.js?v=67522961 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2023-07-04 17:49:38 Times Seen61 Hash e0b082b77c7be4355a7049a6a7c5f353 d915737134d98b3a965cd5fa5cdaca6f65b5057c 9e09472f0d52ddb3a3d195366f5595855fd08ece7a60d3dfb5b38ea02363bfef Loading...

	www.highcpmrevenuenetwork.com/u20kc9hk?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=18136462	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.highcpmrevenuenetwork.com/u20kc9hk?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=18136462 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462	603 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash 3557b9760f3d69a5bfadfae6511cc233 8324cc62723d39c36afc3a4fde6186d19cc7a6cb 72fcce08b7302a94277b130b6c0f996e95856edbdbce4471b4b180c995890f46 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 13:25:05 Times Seen37039115 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.hentaiheroes.com/js/quest.js?v=67522962	32 kB	2023-03-13	2024-02-11
Pretty URL www.hentaiheroes.com/js/quest.js?v=67522962 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:58:28 Last Seen2024-02-11 09:00:35 Times Seen1 Hash 457d55929ada479f0bc06d134e97d49c ddf1588bfdb7d44022b2f7afd5207a7cafab3e18 9e06646169299e6132215a048d0b8ffef0a0fb81a00f32f1ecfd58a7142a2bf1 Loading...

	www.hentaiheroes.com/home.html	4.6 kB	2023-03-13	2024-02-11
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:03:55 Last Seen2024-02-11 09:00:35 Times Seen1 Hash 88edfe258d043c69c59f328ea3a0d50e 6661cfc9a07b9e9f35689f7827c29c056f9b4c8a 15752219cf38be5c1aca1286783cceb7e38242ce874b9e21a1126dfcbc80dbb7 Loading...

	eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate	14 kB	2023-03-08	2024-02-07
Pretty URL eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2024-02-07 05:38:08 Times Seen1 Hash 0e2ee7dcd3c08aadd1997cf6b73177e0 7162c2103f222b3973fe4e5b096f30cb5263a340 d8ca24273ef503416d51bedb22f7c6e3171912e082bb079f395fede04d41b337 Loading...

	www.highcpmrevenuenetwork.com/u20kc9hk?key=67a5c11e3ef6333957fe780cb4146379	357 B	2023-03-13	2024-02-11
Pretty URL www.highcpmrevenuenetwork.com/u20kc9hk?key=67a5c11e3ef6333957fe780cb4146379 IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:03:55 Last Seen2024-02-11 09:00:35 Times Seen1 Hash 660f1bec8283fae35f5a4ba09c6e5aa7 c6cc13d966d236f41e0d129b06bf8a1e238ace5d 1f9106824d75f220ccb0ad314176337bff07be9a09a5094aa9c5c6ebf3523d07 Loading...

	www.hentaiheroes.com/js/screenfull.js?v=67522962	2.9 kB	2023-03-07	2024-02-05
Pretty URL www.hentaiheroes.com/js/screenfull.js?v=67522962 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen112 Hash 67dbfe9b672c902f618ccb6440d6e8c4 5ee56f41df8abdd06f7fb5a668b95e9cb8076209 6f575774986ea35312c5d750b761fd82298bbfd8664f810d43e499d8c9bdb266 Loading...

	www.hentaiheroes.com/js/chat.js?v=67522962	417 kB	2023-03-12	2023-05-24
Pretty URL www.hentaiheroes.com/js/chat.js?v=67522962 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:11:32 Last Seen2023-05-24 13:18:05 Times Seen27 Hash 3dc3d1e2f3ca908b22a7db7ec0c979d8 de9b5d3588b4f8bf7e8c296f27d10bbcb488f803 d2a079d60e5198d50197b7035cc456dd0931e7f27a5af8c114b9ebc4a277ec84 Loading...

	www.hentaiheroes.com/home.html	641 B	2023-03-13	2023-04-05
Pretty URL www.hentaiheroes.com/home.html IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:03:55 Last Seen2023-04-05 02:11:25 Times Seen9 Hash cfcfd148cbb684f1e0cf2b36ff384094 a9094069f124225533cc53f6f41e75f235fa6fe3 26cea0409173f4e8bc128aaa077bf115aa18b36c56583466fb7386f5c87e3137 Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462	282 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen9 Hash eb8aff3709acb0f74ca084fc25705401 76b21aecb131f668c31b0b85c77573df22564daa db55d66890b6ffa5a5985df1397837bca74f22660470407b15ea5ef5b7db4219 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-24 13:09:56 Times Seen260935 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462	372 B	2023-03-08	2023-04-05
Pretty URL www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462 IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:32:31 Last Seen2023-04-05 02:11:25 Times Seen5 Hash 6a064ea2edd05fa1f76073af9c6bb531 a1ed97aa3e5a0eed66917059ef7e7946ab8684e5 fb4c198e5d9f593b38e0355209b01b862147319f2e1c2d9385839005f928d22e Loading...

	www.hentaiheroes.com/phoenix-tr_labels-en-1438.js	47 kB	2023-03-13	2024-02-11
Pretty URL www.hentaiheroes.com/phoenix-tr_labels-en-1438.js IP 94.75.250.120 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:03:55 Last Seen2024-02-11 09:00:35 Times Seen1 Hash 82a4969f808c6cb789307822d3d80267 6140bd663f18b4220c7c46e3f336401902e222d8 0ef672e063a299687aa047a88c94689ade463f1568bfc655617435f56af3672b Loading...

	porxvi.blogspot.com/2023/01/z.html	275 B	2023-03-07	2024-04-24
Pretty URL porxvi.blogspot.com/2023/01/z.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-24 12:08:31 Times Seen57283 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	porxvi.blogspot.com/2023/01/z.html	165 B	2023-03-13	2024-02-11
Pretty URL porxvi.blogspot.com/2023/01/z.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:03:55 Last Seen2024-02-11 09:00:35 Times Seen1 Hash ad4adf9638c605655d69b9b6df37e4a5 6df90b910251435c48c8733fa7548a4026fc7be4 e096eb3c70c6155188a6117fb497c41af34f142874f9b037fe2afd89d19a9ad6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 120e61e6b4c2f5e8544b8c78d722a904	621 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 14:38:20 Last Seen2024-02-05 22:18:33 Times Seen59 Hash 120e61e6b4c2f5e8544b8c78d722a904 574db9117bb739ac8dfe7218b4b0d4aac79d2f16 af36037d076d94f2c9f53b219d848056bcef43f86667ae5e550f57c75bf61caa Loading...

HTTP Transactions (74)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Fri, 03 Feb 2023 22:37:29 GMT
Date: Fri, 03 Feb 2023 20:16:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Fri, 03 Feb 2023 22:58:09 GMT
Date: Fri, 03 Feb 2023 20:16:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 19:36:11 GMT
content-type: application/json
age: 2392
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19862
Expires: Sat, 04 Feb 2023 01:47:05 GMT
Date: Fri, 03 Feb 2023 20:16:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: R8ejW01j01jzqts5YeawgxHfCQQMohpcZF9R2NdojCdGH19LvQGNY5VXIg478KGZWGclM7H5EqeR5uprMMz4tA==
x-amz-request-id: 5C4QDPCPP7G3FJHQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 19:52:32 GMT
age: 1411
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 20:16:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

porxvi.blogspot.com/2023/01/z.html

172.217.21.161

301 Moved Permanently

188 B

URL HTTP/1.1
porxvi.blogspot.com/2023/01/z.html
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
188 B (188 bytes)
Hash
21428ccff829f1eb7d6244d800525061
32863036a96fe76f09172a4a2da509c98a1aea54
ac6e8e7532f709435877857bc50eb6518586b334e94da787e0febb67eb535ee0

HTTP Headers

GET /2023/01/z.html HTTP/1.1
Host: porxvi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://porxvi.blogspot.com/2023/01/z.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 03 Feb 2023 20:16:04 GMT
Expires: Fri, 03 Feb 2023 20:16:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 188
Server: GSE

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 19:49:06 GMT
age: 1618
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8210
Expires: Fri, 03 Feb 2023 22:32:54 GMT
Date: Fri, 03 Feb 2023 20:16:04 GMT
Connection: keep-alive

porxvi.blogspot.com/2023/01/z.html

172.217.21.161

200 OK

19 kB

URL HTTP/2
porxvi.blogspot.com/2023/01/z.html
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5019)
Size
19 kB (18744 bytes)
Hash
aa63a61c8a01a0c5dabe57b8992c25d9
59982ecb63c2ddde44113987c88385ed73835680
b3cd6b7c97512e342944647f9c1ec792284175caf4b2a339815449be947a78cd

HTTP Headers

GET /2023/01/z.html HTTP/1.1
Host: porxvi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 03 Feb 2023 20:16:04 GMT
date: Fri, 03 Feb 2023 20:16:04 GMT
cache-control: private, max-age=0
last-modified: Fri, 03 Feb 2023 16:54:16 GMT
etag: W/"f66e0a86e8699b8ef857f49fede0b65606225ff3644523975ff1773d14955109"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 18744
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.111.148

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.111.148:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Coj9phfO5v/XE6vkpSSbSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U53XHEDz5W+NP1/rubgku1BV8DU=

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
788ac15d640a80960ec62659682283a8
edd5272fc948ba47d8a16fb08c62c829d2fe5fcc
48cc15ab3259526c43206d5461c10b356d1e44efd1f5adb6fa9446baaa767b87

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48CC15AB3259526C43206D5461C10B356D1E44EFD1F5ADB6FA9446BAAA767B87"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12283
Expires: Fri, 03 Feb 2023 23:40:48 GMT
Date: Fri, 03 Feb 2023 20:16:05 GMT
Connection: keep-alive

www.highcpmrevenuenetwork.com/u20kc9hk?key=67a5c11e3ef6333957fe780cb4146379

173.233.137.36

200 OK

1.3 kB

URL HTTP/1.1
www.highcpmrevenuenetwork.com/u20kc9hk?key=67a5c11e3ef6333957fe780cb4146379
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1253 bytes)
Hash
ae6ddb70eac21558ed9fba6c033d257e
794e2f9c29d5e2f9b4393800e90736325f93e869
887e423daab7291fe45c33c6193ba9b3133a8dfea86769be820eba57dbd499fc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /u20kc9hk?key=67a5c11e3ef6333957fe780cb4146379 HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porxvi.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 20:16:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18136462; expires=Sat, 04 Feb 2023 20:16:05 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODEzNjQ2MiwiayI6IjY3YTVjMTFlM2VmNjMzMzk1N2ZlNzgwY2I0MTQ2Mzc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTUzODMzLCJwaWQiOjY0NDczNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoidTIwa2M5aGsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcG9yeHZpLmJsb2dzcG90LmNvbS8ifX0.YTr3t1wjWEqmbDFWrFjiwGy304oaN84LXIfCm7YONW8; expires=Fri, 03 Feb 2023 20:17:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4bb4578afcfc6cd904e9a3cefe40b9c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highcpmrevenuenetwork.com/u20kc9hk?shu=46b30b119c878e118c44afbd08a2f4e3cc220c6dbd087d13dcfc50ea15fe59e591620fc9a87479e9a9c6ef91efb2375a1ea06046e3c9f1309e6d607baca74920943bdf2bef0d3b53a0ecc2d850eb394d01cb896f57cdbb47a0b0c112b5b0daa72e&pst=1675455425&rmtc=t&uuid=&pii=&in=false&key=67a5c11e3ef6333957fe780cb4146379&refer=https%3A%2F%2Fporxvi.blogspot.com%2F

173.233.137.36

302 Found

0 B

URL HTTP/1.1
www.highcpmrevenuenetwork.com/u20kc9hk?shu=46b30b119c878e118c44afbd08a2f4e3cc220c6dbd087d13dcfc50ea15fe59e591620fc9a87479e9a9c6ef91efb2375a1ea06046e3c9f1309e6d607baca74920943bdf2bef0d3b53a0ecc2d850eb394d01cb896f57cdbb47a0b0c112b5b0daa72e&pst=1675455425&rmtc=t&uuid=&pii=&in=false&key=67a5c11e3ef6333957fe780cb4146379&refer=https%3A%2F%2Fporxvi.blogspot.com%2F
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /u20kc9hk?shu=46b30b119c878e118c44afbd08a2f4e3cc220c6dbd087d13dcfc50ea15fe59e591620fc9a87479e9a9c6ef91efb2375a1ea06046e3c9f1309e6d607baca74920943bdf2bef0d3b53a0ecc2d850eb394d01cb896f57cdbb47a0b0c112b5b0daa72e&pst=1675455425&rmtc=t&uuid=&pii=&in=false&key=67a5c11e3ef6333957fe780cb4146379&refer=https%3A%2F%2Fporxvi.blogspot.com%2F HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/u20kc9hk?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=18136462
Cookie: u_pl=18136462; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODEzNjQ2MiwiayI6IjY3YTVjMTFlM2VmNjMzMzk1N2ZlNzgwY2I0MTQ2Mzc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTUzODMzLCJwaWQiOjY0NDczNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoidTIwa2M5aGsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcG9yeHZpLmJsb2dzcG90LmNvbS8ifX0.YTr3t1wjWEqmbDFWrFjiwGy304oaN84LXIfCm7YONW8; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 20:16:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://www.gaming-adult.com/ac734f97-5441-4f52-bea9-71d2fea3752c?campaign_ID=728615&placement_id=18136462&country_code=NO&cost_cpa=3.000000&externalid=1d1b97ebb9c69136ed5db76f985e01d8
Set-Cookie: iprc3cc257ef498b3c03ab1ed373b79463ad=3991454; expires=Sat, 04 Feb 2023 20:16:05 GMT
pdhtkv=true; expires=Sat, 04 Feb 2023 20:16:05 GMT
uncs=1; expires=Sat, 04 Feb 2023 20:16:05 GMT
pdhtkv28=true; expires=Sat, 04 Feb 2023 20:16:05 GMT
uncs28=1; expires=Sat, 04 Feb 2023 20:16:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe527057fcdf4ad5ef3f915ec6400fb8
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5848
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 20:16:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5848
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 20:16:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5848
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 20:16:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5848
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 20:16:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13065 bytes)
Hash
cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 80949
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 80171
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:08:32 GMT
age: 61653
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 80884
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 80296
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.gaming-adult.com/ac734f97-5441-4f52-bea9-71d2fea3752c?campaign_ID=728615&placement_id=18136462&country_code=NO&cost_cpa=3.000000&externalid=1d1b97ebb9c69136ed5db76f985e01d8

18.194.134.212

302 Found

0 B

URL HTTP/2
www.gaming-adult.com/ac734f97-5441-4f52-bea9-71d2fea3752c?campaign_ID=728615&placement_id=18136462&country_code=NO&cost_cpa=3.000000&externalid=1d1b97ebb9c69136ed5db76f985e01d8
IP
18.194.134.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ac734f97-5441-4f52-bea9-71d2fea3752c?campaign_ID=728615&placement_id=18136462&country_code=NO&cost_cpa=3.000000&externalid=1d1b97ebb9c69136ed5db76f985e01d8 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 20:16:06 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
pragma: no-cache
set-cookie: ac734f97-5441-4f52-bea9-71d2fea3752c-v4=NvqmsPzy0n53osOJdNSnvymiXcRNXNbI9e3ILZ68HEo; Max-Age=86400; Expires=Sat, 04-Feb-2023 20:16:06 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=HvQc%2B6Zp490aK8S54BWReyUp6JkoXq9PFtT0OZ7waQbs1JEB52xfd7Zyc1recofTR4CWIrszvGeSxvOmRV%2F4qb9sRrkeyGLMFrFpEziUjQB5Y92NNzAKexOoFZT3Hs0uXIzg8PK26eHdnrcw91%2BB%2Bw%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 20:16:06 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6a06e7d04a6be89a3e5a60141cdc3137
b3154407b42bcbb9e650f024e6b21e8f4158fbd4
60ab84decea963f1da034b80f5dfc11d4b585109e135a50b139bcd53994bf6d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 08:28:37 GMT
Expires: Fri, 10 Feb 2023 08:28:36 GMT
Etag: "b3154407b42bcbb9e650f024e6b21e8f4158fbd4"
Cache-Control: max-age=561749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7a65d3ab515-OSL

www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462

94.75.250.120

200 OK

2.1 kB

URL HTTP/2
www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
2.1 kB (2137 bytes)
Hash
abf05704865b13a98e23d32821222a07
4494a2c1b66d97d7399626acba2fbf5b34fb774d
dcaba1b89f439efdbe6dffe291422cdead6ef2cefc8c8bad44e7cd13d1ecdfe7

HTTP Headers

GET /?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; expires=Sat, 04-Feb-2023 04:16:06 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=1962391; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=wlg20gjcbstjsccm2fd4hdlq; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=AdsterraChX-David; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=NO; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=18136462; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
campaign=728615; expires=Sat, 03-Feb-2024 20:16:06 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web10|Y91ri; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2137
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/screenfull.js?v=67522962

94.75.250.120

200 OK

935 B

URL HTTP/2
www.hentaiheroes.com/js/screenfull.js?v=67522962
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (2863), with no line terminators
Size
935 B (935 bytes)
Hash
4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50

HTTP Headers

GET /js/screenfull.js?v=67522962 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:48 GMT
etag: "b2f-5f39ccaf09536-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/chat.css?v=67522960

94.75.250.120

200 OK

16 kB

URL HTTP/2
www.hentaiheroes.com/css/chat.css?v=67522960
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (15641 bytes)
Hash
ce0a8efd041e18311fd4ec66241558f0
887cbfe85c384e89fd130c2e10fe70b037cb0852
d4860d6e9ce84321bab65a06ed8c9d9a102c5dfd89832378b6cacb0590bd1654

HTTP Headers

GET /css/chat.css?v=67522960 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:27 GMT
etag: "21728-5f39cc9aa9841-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15641
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.42

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:11:27 GMT
expires: Fri, 02 Feb 2024 10:11:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 122679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hentaiheroes.com/home.html

94.75.250.120

200 OK

4.4 kB

URL HTTP/2
www.hentaiheroes.com/home.html
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1409)
Size
4.4 kB (4390 bytes)
Hash
540facb725d75a0b4724a23cbb676715
74504ccba549371d68da2ac55eb2af8f0920f700
460643c54692dac5abf15b231bf7b5173ff6e8a9b6dbfbbb1aa6f6165b303ec3

HTTP Headers

GET /home.html HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 4390
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hentaiheroes.com/js/quest.js?v=67522962

94.75.250.120

200 OK

7.7 kB

URL HTTP/2
www.hentaiheroes.com/js/quest.js?v=67522962
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (31801), with no line terminators
Size
7.7 kB (7726 bytes)
Hash
41d954de2ac80864a346f8e746003525
f2c139f6cfd0efcdaa0be974cb77dc0257ecf52f
3580bdcfc459c3c987098d62f6787a23ffccbde8ce3769ce12673895db07e048

HTTP Headers

GET /js/quest.js?v=67522962 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:45 GMT
etag: "7c39-5f39ccabe791d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7726
content-type: application/javascript
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script

142.250.74.106

200 OK

29 kB

URL HTTP/2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
29 kB (28821 bytes)
Hash
5ad1656a6bd3f1273af22ab3ac4a005a
d493d1e6fd968cd3578fb6d36273c58ac7e6636d
6ed5ae8da627f850f8e1fe05cf584a9deead05b9205296fa15995b6888501fe5

HTTP Headers

GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 20:16:06 GMT
date: Fri, 03 Feb 2023 20:16:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/guest.js?v=67522961

94.75.250.120

200 OK

529 B

URL HTTP/2
www.hentaiheroes.com/js/guest.js?v=67522961
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (1367), with no line terminators
Size
529 B (529 bytes)
Hash
7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972

HTTP Headers

GET /js/guest.js?v=67522961 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:33 GMT
etag: "557-5f39cca0a3c94-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f27f32c7cd58f60416fca7aafd9f948
fb2622a0253d1540d9b8e972722a0c9d81933ce4
b2d90c17489a0dc0dd60b246277f134b3e89296b56639c3743869526a3f45eb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 15:14:36 GMT
Expires: Thu, 09 Feb 2023 15:14:35 GMT
Etag: "fb2622a0253d1540d9b8e972722a0c9d81933ce4"
Cache-Control: max-age=499708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7aa68240b51-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f27f32c7cd58f60416fca7aafd9f948
fb2622a0253d1540d9b8e972722a0c9d81933ce4
b2d90c17489a0dc0dd60b246277f134b3e89296b56639c3743869526a3f45eb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 15:14:36 GMT
Expires: Thu, 09 Feb 2023 15:14:35 GMT
Etag: "fb2622a0253d1540d9b8e972722a0c9d81933ce4"
Cache-Control: max-age=499708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7aa6a15b521-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f27f32c7cd58f60416fca7aafd9f948
fb2622a0253d1540d9b8e972722a0c9d81933ce4
b2d90c17489a0dc0dd60b246277f134b3e89296b56639c3743869526a3f45eb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 15:14:36 GMT
Expires: Thu, 09 Feb 2023 15:14:35 GMT
Etag: "fb2622a0253d1540d9b8e972722a0c9d81933ce4"
Cache-Control: max-age=499708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7aa6c81b505-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f27f32c7cd58f60416fca7aafd9f948
fb2622a0253d1540d9b8e972722a0c9d81933ce4
b2d90c17489a0dc0dd60b246277f134b3e89296b56639c3743869526a3f45eb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 15:14:36 GMT
Expires: Thu, 09 Feb 2023 15:14:35 GMT
Etag: "fb2622a0253d1540d9b8e972722a0c9d81933ce4"
Cache-Control: max-age=499708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7a99a0eb515-OSL

www.hentaiheroes.com/phoenix-tr_labels-en-1438.js

94.75.250.120

200 OK

16 kB

URL HTTP/2
www.hentaiheroes.com/phoenix-tr_labels-en-1438.js
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
16 kB (16546 bytes)
Hash
12bcf8c9d1bc138b4ebe5fcf4614f505
98533ac3d4f918b0abc14dbda1675cb44c9f203f
1228368fae9416325a082cd27b9d5e2d4c7be0a13758603285363bc1f15c3cae

HTTP Headers

GET /phoenix-tr_labels-en-1438.js HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
content-encoding: gzip
cache-control: private, max-age=604800, pre-check=604800
pragma: private
expires: Thu, 08 Jan 70 01:00:00 +0100
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8;
X-Firefox-Spdy: h2

hh2.hh-content.com/ic_loading_carrot.svg

104.152.112.111

200 OK

3.7 kB

URL HTTP/2
hh2.hh-content.com/ic_loading_carrot.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3743 bytes)
Hash
c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25

HTTP Headers

GET /ic_loading_carrot.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-39858-h-0-0---;6141-30-26816----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_legal.svg

104.152.112.111

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/ic_legal.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2320 bytes)
Hash
e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91

HTTP Headers

GET /design/ic_legal.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-16152-h-0-0---;6141-30-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeopen.svg

104.152.112.111

200 OK

1.1 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeopen.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1142 bytes)
Hash
d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996

HTTP Headers

GET /quest/ic_eyeopen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-57515-h-0-0---;6141-30-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/quest/ic_eyeclosed.svg

104.152.112.111

200 OK

1.4 kB

URL HTTP/2
hh2.hh-content.com/quest/ic_eyeclosed.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1424 bytes)
Hash
ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84

HTTP Headers

GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Mon, 24 Feb 2020 08:40:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-39858-h-0-0---;6141-30-26816----0-0-2
X-Firefox-Spdy: h2

hh2.hh-content.com/clubs/ic_xCross.png

104.152.112.111

200 OK

1.3 kB

URL HTTP/2
hh2.hh-content.com/clubs/ic_xCross.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6

HTTP Headers

GET /clubs/ic_xCross.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-27690-h-0-0---;6141-30-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/ic_favicon_32px.png

104.152.112.111

200 OK

576 B

URL HTTP/2
hh2.hh-content.com/pictures/design/ic_favicon_32px.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
576 B (576 bytes)
Hash
f76e95aa42153a9047cd4b8bcca0be00
f67a235e807ec1d016d394d9d3790a95846e89fd
cd37f4f58b91e31ceb237b9470026a39bb96cf967b5886698bb2e38e65bf34e2

HTTP Headers

GET /pictures/design/ic_favicon_32px.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/png
content-length: 576
last-modified: Mon, 18 Jun 2018 08:55:04 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-16152-h-0-0---;6141-28-26816----0-0-0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f27f32c7cd58f60416fca7aafd9f948
fb2622a0253d1540d9b8e972722a0c9d81933ce4
b2d90c17489a0dc0dd60b246277f134b3e89296b56639c3743869526a3f45eb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 15:14:36 GMT
Expires: Thu, 09 Feb 2023 15:14:35 GMT
Etag: "fb2622a0253d1540d9b8e972722a0c9d81933ce4"
Cache-Control: max-age=499708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793dd7aa6928b52d-OSL

images.hh-content.com/hentai/pictures/design/logo2.png

104.152.112.111

200 OK

3.4 kB

URL HTTP/2
images.hh-content.com/hentai/pictures/design/logo2.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 566 x 250, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3449 bytes)
Hash
bb30651d4829e8d4aa2d2fe1da64b9c9
1607a6cec035df2fc2779732d7505f4c9ecdb5a2
0a9d9b559f56759b74032fa25a5f422cb094864a26e93f7b366a0f0dc8675782

HTTP Headers

GET /hentai/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
content-type: image/png
content-length: 3449
last-modified: Tue, 23 Mar 2021 12:09:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4014-h-0-0---;6141-25-26816----0-0-1
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_login.svg

104.152.112.111

200 OK

8.7 kB

URL HTTP/2
hh2.hh-content.com/design/ic_login.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
8.7 kB (8722 bytes)
Hash
5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118

HTTP Headers

GET /design/ic_login.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4015-h-0-0---;6141-29-26816----0-0-1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Size
22 kB (22144 bytes)
Hash
f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93

HTTP Headers

GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:05:49 GMT
expires: Fri, 02 Feb 2024 18:05:49 GMT
cache-control: public, max-age=31536000
age: 94218
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hh2.hh-content.com/design/ic_fullscreen.svg

104.152.112.111

200 OK

9.1 kB

URL HTTP/2
hh2.hh-content.com/design/ic_fullscreen.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
9.1 kB (9108 bytes)
Hash
0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76

HTTP Headers

GET /design/ic_fullscreen.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4014-h-0-0---;6141-25-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/menu/sound_on.svg

104.152.112.111

200 OK

2.3 kB

URL HTTP/2
hh2.hh-content.com/design/menu/sound_on.svg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2269 bytes)
Hash
c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f

HTTP Headers

GET /design/menu/sound_on.svg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-19877-h-0-0---;6141-25-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png

104.152.112.111

200 OK

500 B

URL HTTP/2
hh2.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
500 B (500 bytes)
Hash
0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8

HTTP Headers

GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4014-h-0-0---;6141-25-26816----0-0-0
X-Firefox-Spdy: h2

hh2.hh-content.com/pictures/design/form/ic_XP.png

104.152.112.111

200 OK

4.4 kB

URL HTTP/2
hh2.hh-content.com/pictures/design/form/ic_XP.png
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4352 bytes)
Hash
5a8d57bde80c34a9a0f49ae67eeba882
e7112c1c1ba4b0013ae4089568ba14390a304bbf
645ef1f9c9ef97db46d9ff931b84312e6853df6c6a5e5406677b370d391aa8ad

HTTP Headers

GET /pictures/design/form/ic_XP.png HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 4352
last-modified: Tue, 29 May 2018 11:40:00 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-4014-h-0-0---;6141-25-26816----0-0-0
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/default.js?v=67522962

94.75.250.120

200 OK

4.8 kB

URL HTTP/2
www.hentaiheroes.com/js/default.js?v=67522962
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
4.8 kB (4783 bytes)
Hash
628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a

HTTP Headers

GET /js/default.js?v=67522962 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:43 GMT
etag: "1cc7b5-5f39ccaa3fbe1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/ajax.php

94.75.250.120

200 OK

16 B

URL HTTP/2
www.hentaiheroes.com/ajax.php
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /ajax.php HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.hentaiheroes.com
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:07 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b1629dede4f7e222f49a81412c439544
c5ed76c10fda7f98f028613673c529426ba2d4c8
1b22612c5c06e0431fdc88c270c48ab7c5b504d092b339f9cb520084dc75d1b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B22612C5C06E0431FDC88C270C48AB7C5B504D092B339F9CB520084DC75D1B2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Fri, 03 Feb 2023 23:08:54 GMT
Date: Fri, 03 Feb 2023 20:16:07 GMT
Connection: keep-alive

hh2.hh-content.com/pictures/audio/bg_music_2.ogg

104.152.112.111

206 Partial Content

164 kB

URL HTTP/2
hh2.hh-content.com/pictures/audio/bg_music_2.ogg
IP
104.152.112.111:0
ASN
#11019 HAPROXY-TECHNOLOGIES

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~48000 bps\012- data
Size
164 kB (163875 bytes)
Hash
972a22a06d18936c7d33c8b3ebac2e66
ba462ba71d9543ef8f3164876e2377e98fa2519e
6ff31281a435c9a3bf2976b2926b14cc68e4e964c74c1b4b05c75fe4a690d4ce

HTTP Headers

GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: hh2.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 09:58:57 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: hh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-57515-h-0-0---;6141-22-26816----0-0-1
X-Firefox-Spdy: h2

use.typekit.net/lfu1uah.css

23.36.76.186

200 OK

827 B

URL HTTP/2
use.typekit.net/lfu1uah.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
827 B (827 bytes)
Hash
23cb3bd0e9baa58586be8877ed1fa4cf
4ba80bb386eced49c48a45d0f1760810178e4fbe
9170aa9c3289e5e5d09f40bc0941d772e3d4cde22e5f145eafdfa7b68118ad69

HTTP Headers

GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Fri, 03 Feb 2023 20:16:07 GMT
X-Firefox-Spdy: h2

eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate

94.75.250.120

200 OK

110 kB

URL HTTP/2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=1&language=en&purpose=authenticate
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23247), with CRLF, LF, NEL line terminators
Size
110 kB (110216 bytes)
Hash
06ab7c28b91f09b48a7f8a0175d1b369
eeaf36bfcbec71c1060999fdcd078dc54b7681cd
4886f38d07eca0b7ecd9fff4f19c8d0f556d43f2a63c2118c1b537936120f99e

HTTP Headers

GET /authentication/start_authentication?product_id=1&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 20:16:07 GMT
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hide.svg

94.75.250.120

200 OK

748 B

URL HTTP/2
eggs-content.kinkoid.com/authentication/hide.svg
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748), with no line terminators
Size
748 B (748 bytes)
Hash
cad59edc70e2ae6387ab04e4f961528f
c7bb66aa521e859f4d8a35b6b8da847862e24413
51bdb6a686feff9b34838a4e975c4ed30fb665543036b1f8adc6036be0764192

HTTP Headers

GET /authentication/hide.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/svg+xml
content-length: 748
last-modified: Tue, 14 Jul 2020 06:31:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/logo.png

94.75.250.120

200 OK

3.4 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/logo.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 270 x 123, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3379 bytes)
Hash
646617323d6d9e7cc959c516687af6d2
692b46ea8a5edbe527788e6b4e497363699cad5d
c95f6a0e76f202044aaf647ad9894d5822b322adf586f3b656c99aabcab6ee4e

HTTP Headers

GET /authentication/hentai/logo.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 3379
last-modified: Tue, 14 Jul 2020 06:31:34 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png

94.75.250.120

200 OK

223 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/forgotten_password.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
223 kB (222857 bytes)
Hash
8ca851d27cfc171809a2df1bcda0d298
4195c1ea0fe0be41c6611f7ac2d3ad04d0c0496f
cb7c3470a20fb0ca125356f550da9f2404aabcba21b595be4b0a147ff8dc542e

HTTP Headers

GET /authentication/hentai/forgotten_password.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 222857
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 03 Feb 2023 20:16:07 GMT
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/authenticate.png

94.75.250.120

200 OK

376 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/authenticate.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
376 kB (375725 bytes)
Hash
aab6e513d0b432bdcf6dad47cd4bc8ed
fddf92ae7fc344fb7840184cd4f754b41a6adf6c
b6880722169342e566a36393a92ceefac70f35020bb5193f9872e1e0dd8a905b

HTTP Headers

GET /authentication/hentai/authenticate.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 375725
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

eggs-content.kinkoid.com/authentication/hentai/register.png

94.75.250.120

200 OK

657 kB

URL HTTP/2
eggs-content.kinkoid.com/authentication/hentai/register.png
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size
657 kB (657088 bytes)
Hash
94e78471d96928c94b8a02a81744ac8d
eed3da5bce576f851fdc86811a9c02f68757ae87
9df1ddbf2d792fc3c08ab0313cb55f85d9206d897e0030d39f1ab5dcb2fa8fb6

HTTP Headers

GET /authentication/hentai/register.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 03 Feb 2023 20:16:07 GMT
content-type: image/png
content-length: 657088
last-modified: Tue, 14 Jul 2020 04:40:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hentaiheroes.com/js/chat.js?v=67522962

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/js/chat.js?v=67522962
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/chat.js?v=67522962 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/?ref_id=1962391&tc1=wlg20gjcbstjsccm2fd4hdlq&tc2=AdsterraChX-David&tc3=NO&source=83bb8f10-7b18-4488-94b2-c1f5634a15fc&campaign=728615&tc5=18136462
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:47 GMT
etag: "65cda-5f39ccae058f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.hentaiheroes.com/css/default.css?v=67522960

94.75.250.120

200 OK

0 B

URL HTTP/2
www.hentaiheroes.com/css/default.css?v=67522960
IP
94.75.250.120:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/default.css?v=67522960 HTTP/1.1
Host: www.hentaiheroes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hentaiheroes.com/home.html
Cookie: HH_SESS_13=dj3isvmie2kp5ve19kc4pa7s9r; lang=en; ref_id=1962391; tc1=wlg20gjcbstjsccm2fd4hdlq; tc2=AdsterraChX-David; tc3=NO; tc5=18136462; source=83bb8f10-7b18-4488-94b2-c1f5634a15fc; campaign=728615; HAPBK=web10|Y91ri
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:16:06 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Feb 2023 05:33:25 GMT
etag: "1aa92e-5f39cc9890687-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL