Report - hentaiforce.net/view/4506

Report Overview

Submitted URL
hentaiforce.net/view/4506
IP
149.202.72.71
ASN
#16276 OVH SAS
Submitted
2024-05-08 19:04:45
Access
public
Website Title
Shizuka no Umi de | In The Peaceful Ocean - HentaiForce
Final URL
hentaiforce.net/view/4506
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
runative-syndicate.com	31587	2019-01-25	2019-03-19	2024-05-04	480 B	625 B	94.130.143.224
www.redditstatic.com	1440	2011-11-09	2012-06-30	2024-05-07	900 B	14 kB	151.101.65.140
experttrafficmonitor.com	unknown	2023-11-16	2023-11-23	2024-05-04	644 B	508 B	52.58.212.182
shticksyahuna.com	unknown	unknown	No data	No data	411 B	1.5 kB	23.109.170.0
yrhnw7h63.com	unknown	2024-04-27	2024-04-29	2024-04-30	1.9 kB	293 kB	212.117.190.201
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-08	466 B	678 B	139.45.195.8
m1.hentaiforce.net	unknown	2021-11-13	2023-01-30	2024-01-02	4.8 kB	868 kB	85.17.22.131
cdn.cloudfrale.com	55750	2019-02-04	2019-02-06	2024-05-04	501 B	358 kB	45.133.44.20
negxkj5ca.com	unknown	2024-04-27	2024-04-29	2024-05-07	1.2 kB	56 kB	212.117.190.201
tsyndicate.com	13042	2017-03-08	2017-03-16	2024-05-07	472 B	617 B	159.69.137.49
i.jads.co	46788	2012-05-17	2019-12-04	2024-05-07	1.2 kB	186 kB	185.76.9.22
p.hentaiforce.net	unknown	2021-11-13	2023-02-26	2023-11-11	476 B	348 B	149.202.72.71
hentaiforce.net	unknown	2021-11-13	2023-01-30	2023-11-09	12 kB	406 kB	149.202.72.71
poweredby.jads.co	30525	2012-05-17	2019-12-04	2024-05-04	2.7 kB	9.7 kB	185.94.236.244
twistconcept.com	unknown	2022-04-14	2020-08-23	2024-05-06	442 B	9.8 kB	172.67.215.17
qqjar.ru	143440	2023-11-27	2019-07-18	2024-04-18	466 B	0 B	0.0.0.0
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-07	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-08	465 B	769 B	52.58.212.182
bigstoreminigames.space	unknown	2024-02-21	2024-02-21	2024-04-22	475 B	77 kB	104.21.85.92
holdingholly.space	unknown	unknown	No data	No data	570 B	3.3 kB	104.21.47.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	shticksyahuna.com	Sinkholed
2024-05-08	medium	experttrafficmonitor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	poweredby.jads.co/js/jads.js	3.8 kB	2023-03-07	2024-05-12
Pretty URL poweredby.jads.co/js/jads.js IP 185.94.236.244 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-12 13:26:19 Times Seen8550 Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 Loading...

	shticksyahuna.com/gvBr5cHatMu3X/80748	6 B	2023-03-07	2024-05-20
Pretty URL shticksyahuna.com/gvBr5cHatMu3X/80748 IP 23.109.170.0 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-05-20 01:32:03 Times Seen10118 Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Loading...

	unknown	9 B	2023-03-07	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-20 00:23:46 Times Seen16779 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	negxkj5ca.com/lv/esnk/1988357/code.js	116 kB	2024-05-08	2024-05-08
Pretty URL negxkj5ca.com/lv/esnk/1988357/code.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:04:53 Last Seen2024-05-08 21:04:53 Times Seen1 Hash 8d6935fa312cd00c3f389c0ce40f17a5 089ec7d01bee317603a52ced1a40415f65911575 0f9487d229cad6d52511446580570924d493778a0012742d505e77386bcb343b Loading...

	poweredby.jads.co/adshow.php?adzone=1043620	0 B	2023-03-07	2024-05-20
Pretty URL poweredby.jads.co/adshow.php?adzone=1043620 IP 185.94.236.244 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 01:33:24 Times Seen37850234 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	twistconcept.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a	653 B	2023-11-23	2024-05-19
Pretty URL twistconcept.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a IP 172.67.215.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 14:59:07 Last Seen2024-05-19 22:07:47 Times Seen282 Hash 2058d53d084116ff3d36c8a630556710 8bcd226cf5ddb64be846ad645360638e82269097 6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e Loading...

	holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net	381 B	2023-04-11	2024-05-19
Pretty URL holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net IP 104.21.47.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 01:22:26 Last Seen2024-05-19 17:01:21 Times Seen26 Hash 01ecb678459e699fd01750859e2e93df 3b90873c7d39da7bdd9e986fc9aed57ce5730a59 cb1b370d5b54c165edb7f76ee9dd183113a57e0ca4acb17cd5d5d1740f9a85f9 Loading...

	hentaiforce.net/js/hentaiforce-any-2021-04-18.js?p7om89sc978b7f8b	101 kB	2024-04-18	2024-05-08
Pretty URL hentaiforce.net/js/hentaiforce-any-2021-04-18.js?p7om89sc978b7f8b IP 149.202.72.71 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:23:36 Last Seen2024-05-08 21:04:54 Times Seen4 Hash 8fc0fb33a13067c2b55e8d61227f456f 38722c1a282a2625575920153b8147a7d807b51b 4d5a57f78e18dae3a513b45df60e5287ebcea58f2c5bba7df7c8049572db768c Loading...

	hentaiforce.net/js/hentaiforce-main-2021-05-119.js?p7om89sc978b7f8b	217 kB	2024-05-08	2024-05-08
Pretty URL hentaiforce.net/js/hentaiforce-main-2021-05-119.js?p7om89sc978b7f8b IP 149.202.72.71 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:04:53 Last Seen2024-05-08 21:04:53 Times Seen1 Hash 2095e57d3a3a018cb809912a16bbbcfb af4b6d94be6f35c464b624b2b6a58e715f3bd0ec 9b28da346c5052e3fd291c4822f4353efc2aabd460f8e9cdc8e0e1580bc885e4 Loading...

	unknown	64 B	2024-04-18	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:23:37 Last Seen2024-05-08 21:04:53 Times Seen2 Hash c67d68dd65ff5901d2c4f6ac4c916e01 8c0c83f7a3804891fdc153460c1d28ab067e973a cd8122ebc6d3a8bff51a2e9776deb765845f3c26ac50b2bb8df5464e27826107 Loading...

	www.redditstatic.com/ads/pixel.js	43 kB	2024-05-07	2024-05-19
Pretty URL www.redditstatic.com/ads/pixel.js IP 151.101.65.140 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:07:42 Last Seen2024-05-19 20:48:57 Times Seen352 Hash 9d7767c3fb6cfadcd8db56b8ac8ec4b6 611475c945b7196c9b241ecc1c760f03e813353c 5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071 Loading...

	hentaiforce.net/view/4506	1.4 kB	2024-04-18	2024-05-08
Pretty URL hentaiforce.net/view/4506 IP 149.202.72.71 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:23:36 Last Seen2024-05-08 21:04:53 Times Seen2 Hash 7f7a21ac9a5365795c5a7d3cd0afed44 53fd6a4cfc03588e55eebf5333d26f5826acf168 663684e1786e9d4a74a528c5de6ca57eaf642367f00bbe8b7ed490a5eee13a5d Loading...

	yrhnw7h63.com/t/9/fret/meow4/1988352/b8315dac.js	106 kB	2024-05-08	2024-05-08
Pretty URL yrhnw7h63.com/t/9/fret/meow4/1988352/b8315dac.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:04:53 Last Seen2024-05-08 21:04:54 Times Seen2 Hash c40d932aa745e689126da6572a4c0eee 2ba0a59b90c91980a51e68e7b0fcf0e389dd9956 57df8d418df3005545f01d96dd60197bb660bc0594b158e366159034544ffa5f Loading...

	yrhnw7h63.com/get/1988352?zoneid=1988352&jp=_clneu3yhzl4ov5pds9ovy4&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1&uf=0	2.9 kB	2024-05-08	2024-05-08
Pretty URL yrhnw7h63.com/get/1988352?zoneid=1988352&jp=_clneu3yhzl4ov5pds9ovy4&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:04:53 Last Seen2024-05-08 21:04:53 Times Seen1 Hash 08b361bd36fc09c28fa48e09062836e2 9007d2bfe9be55b34359686e2ed1203bb28aaf52 791ceaa43b7d1c71d1374a5b419a300298313604253f0068cc6da41d850a65b4 Loading...

	negxkj5ca.com/get/1988357?zoneid=1988357&jp=_clthzl3gx5frz5nn013ymi&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801256883670528&eclog=0&im=1&freq=0&uf=0	4.2 kB	2024-05-08	2024-05-08
Pretty URL negxkj5ca.com/get/1988357?zoneid=1988357&jp=_clthzl3gx5frz5nn013ymi&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801256883670528&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:04:53 Last Seen2024-05-08 21:04:53 Times Seen1 Hash 0028a11cdc7a4a68fcdfad45159bb38e 255eab123373cf8726e632d9dea2960e7cbbd8e0 a4f298366a45cfb6ab4cbd272a67f1041e100aec96d62465cdd3df01d9e669e2 Loading...

	hentaiforce.net/view/4506	33 B	2024-04-18	2024-05-08
Pretty URL hentaiforce.net/view/4506 IP 149.202.72.71 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:23:37 Last Seen2024-05-08 21:04:53 Times Seen3 Hash 04629d34c7f88ef5e9c60bc0cceaeb27 2cd56fd2bb295b5547bcb831e247511f7de88d3a 266e2152fbc686a91d97fc29e986bbd37685baa06b718336659460ceddd9fee2 Loading...

	unknown	64 B	2024-04-18	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:23:37 Last Seen2024-05-08 21:04:53 Times Seen2 Hash cfcb97b51bf96fe8f796e0bb700b81c4 4c79b9e4cc39d172be3ea85c62d7bec915ba97ab 7e31641738b127cedcc4fed44536cd44fced821e446cdda701a83326a385cfcb Loading...

HTTP Transactions (46)

URL IP Response Size

p.hentaiforce.net/api/event

149.202.72.71

202 Accepted

2 B

URL POST HTTP/2
p.hentaiforce.net/api/event
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectp.hentaiforce.net
FingerprintC5:F3:7C:25:D1:CE:61:44:A1:62:56:A1:C2:3C:2A:D0:CC:77:5E:37
ValiditySat, 06 Jan 2024 11:41:14 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: p.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 83
Origin: https://hentaiforce.net
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: F82Y0ZY22bGlZlimBVpB
X-Firefox-Spdy: h2

hentaiforce.net/css/hentaiforce-2022-01-114.css?p7om89sc978b7f8b

149.202.72.71

200 OK

26 kB

URL GET HTTP/2
hentaiforce.net/css/hentaiforce-2022-01-114.css?p7om89sc978b7f8b
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
gzip compressed data, from Unix
Size
26 kB (26019 bytes)
Hash
7a031f25dc73fd5ed9250fbf5975a337
fb28bcf02282f7fcb6e926775b7e5726d5658599
3d7ded3c14cba8ed0c04e8b38b0ba9f101a1851628eb12ff12e183091e2b7a63

HTTP Headers

GET /css/hentaiforce-2022-01-114.css?p7om89sc978b7f8b HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/view/4506
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:18 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 11:27:25 GMT
vary: Accept-Encoding
etag: W/"65aa5c9d-2b2b4"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
X-Firefox-Spdy: h2

shticksyahuna.com/gvBr5cHatMu3X/80748

23.109.170.0

200 OK

26 B

URL GET HTTP/1.1
shticksyahuna.com/gvBr5cHatMu3X/80748
IP
23.109.170.0:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerLet's Encrypt
Subjectshticksyahuna.com
Fingerprint4B:01:49:6F:25:41:64:3F:A5:8C:52:4B:B1:D5:71:D5:8C:40:87:EB
ValiditySat, 09 Mar 2024 10:55:10 GMT - Fri, 07 Jun 2024 10:55:09 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gvBr5cHatMu3X/80748 HTTP/1.1
Host: shticksyahuna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:04:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hentaiforce.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 19:04:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 19:04:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

yrhnw7h63.com/solid.gif?z=1988352&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL POST HTTP/2
yrhnw7h63.com/solid.gif?z=1988352&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:1A:C9:02:DA:91:EC:65:7E:9E:52:D6:20:FD:F1:B3:C5:23:ED:6C
ValiditySat, 27 Apr 2024 13:01:12 GMT - Wed, 23 Oct 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1988352&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1 HTTP/1.1
Host: yrhnw7h63.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hentaiforce.net
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
UID=2405081404840882d1e3bc4fb8b584f91a82; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

hentaiforce.net/apple-touch-icon.png

149.202.72.71

200 OK

11 kB

URL GET HTTP/2
hentaiforce.net/apple-touch-icon.png
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
11 kB (10736 bytes)
Hash
c75c961a90eea63bf38a32447fc863d4
8e60b1fc1209537399ce647ab7f5000799b28f8e
2b09f8e2a2fe0dd75d70c6d13564d8988e971ac71cd77defce1536f58727cf67

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/view/4506
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/png
content-length: 10736
last-modified: Fri, 24 Feb 2023 09:11:41 GMT
etag: "63f87f4d-29f0"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

hentaiforce.net/favicon-16x16.png

149.202.72.71

200 OK

1.0 kB

URL GET HTTP/2
hentaiforce.net/favicon-16x16.png
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.0 kB (1047 bytes)
Hash
409ba8eefa43292bb25b9a3ccc0d9ac4
8ad82fa17cc120f9e682527fecbdb1f7f09ac2c8
7543f42a0235ad3dde015461212796d457e7a44f345d32b80b5cf4958b2a84a2

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/view/4506
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/png
content-length: 1047
last-modified: Fri, 24 Feb 2023 09:11:41 GMT
etag: "63f87f4d-417"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

hentaiforce.net/images/loading-animated-small.svg?5006f99d94638701b9850505a8a530af

149.202.72.71

200 OK

827 B

URL GET HTTP/2
hentaiforce.net/images/loading-animated-small.svg?5006f99d94638701b9850505a8a530af
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
SVG Scalable Vector Graphics image
Size
827 B (827 bytes)
Hash
cb30c805d165943696c2c862852ffa30
a4be930b25656bcff180e19350f6b9fafe452180
d70880e554617c0ec7c88febed05bb8bf645e431070d6b09d7aa1a596da23785

HTTP Headers

GET /images/loading-animated-small.svg?5006f99d94638701b9850505a8a530af HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/css/hentaiforce-2022-01-114.css?p7om89sc978b7f8b
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/svg+xml
content-length: 827
last-modified: Tue, 21 Mar 2023 14:42:11 GMT
etag: "6419c243-33b"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads.js

185.94.236.244

301 Moved Permanently

178 B

URL GET HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 May 2024 19:04:19 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

poweredby.jads.co/js/jads.js

185.94.236.244

301 Moved Permanently

178 B

URL GET HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 May 2024 19:04:19 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

m1.hentaiforce.net/img/293545-10t.jpg

85.17.22.131

200 OK

61 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-10t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
61 kB (60642 bytes)
Hash
fceedc6b140e4430daaa3e450a5a4f9f
d886024c9a7933bfc561416c59a89728ecddf0ff
49c7cc7ac57014191aac440df4e691055b05ce730dcafac6e05f347dfc989634

HTTP Headers

GET /img/293545-10t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 60642
last-modified: Mon, 21 Feb 2022 16:04:16 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-3t.jpg

85.17.22.131

200 OK

62 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-3t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
62 kB (62184 bytes)
Hash
f885424167cdf5143166a6fc4ae0c82d
f7e3f3e427b680ba60ba9b674a54133ecbcb16ac
72b2d03be05cab3b092aa530faa358f0b11a7993a742484f1e38854628436ee2

HTTP Headers

GET /img/293545-3t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 62184
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-6t.jpg

85.17.22.131

200 OK

73 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-6t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
73 kB (73144 bytes)
Hash
3aca1829971b28ffea5f58a4e44ea235
2a1b93b993d1a4c265c66bb0342acc6bb01e9851
7939f6638438326e16ab44cdbadd3ef4b53003d90f7a45f5ab5976a35c4069d9

HTTP Headers

GET /img/293545-6t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 73144
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

yrhnw7h63.com/get/1988352?zoneid=1988352&jp=_clneu3yhzl4ov5pds9ovy4&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1&uf=0

212.117.190.201

200 OK

184 kB

URL GET HTTP/2
yrhnw7h63.com/get/1988352?zoneid=1988352&jp=_clneu3yhzl4ov5pds9ovy4&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:1A:C9:02:DA:91:EC:65:7E:9E:52:D6:20:FD:F1:B3:C5:23:ED:6C
ValiditySat, 27 Apr 2024 13:01:12 GMT - Wed, 23 Oct 2024 21:59:00 GMT

File type
gzip compressed data, from Unix
Size
184 kB (183551 bytes)
Hash
ee528adf4e215c212910704ec0f88e69
0c2adc8559cf1460c51474369fe1eeedf6cb66f0
63663c450926583de2cd7455979813387f3eda94c8bce3eec322ae5e3f3ccdaa

HTTP Headers

GET /get/1988352?zoneid=1988352&jp=_clneu3yhzl4ov5pds9ovy4&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304856511028736&eclog=0&im=1&uf=0 HTTP/1.1
Host: yrhnw7h63.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
UID=24050814040478c6aec06043e08988138395; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-7t.jpg

85.17.22.131

200 OK

74 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-7t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
74 kB (74276 bytes)
Hash
ed6fe6ebbec1b0eb6d01af17fffbfc64
fdb430aa4b8ce9b37b350a4adf0e1b891119a47d
d06c13a8922ef12b650e2370935dd9ecddf237c1bd470c654adf6f5e6fad2d22

HTTP Headers

GET /img/293545-7t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 74276
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-8t.jpg

85.17.22.131

200 OK

67 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-8t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
67 kB (66900 bytes)
Hash
7d89f9dcf3b3cc57a7d4d6c712900567
4653b7604cece728853d874137c7d801617424c2
8fafa3e9530cfd9db596b33a724abd06996f0a4b1a04184037d286e7e81c5a78

HTTP Headers

GET /img/293545-8t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 66900
last-modified: Mon, 21 Feb 2022 16:04:16 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-9t.jpg

85.17.22.131

200 OK

66 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-9t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
66 kB (65686 bytes)
Hash
39c44d4afcf51c7d9042cab9657480fc
722e51ab9b51b5804fe38e4ede908e93686a1be0
9e7ef9f281335de1b2e550fbe672af0833cc66bd35e59f3a31552a6da4e8f884

HTTP Headers

GET /img/293545-9t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 65686
last-modified: Mon, 21 Feb 2022 16:04:16 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-2t.jpg

85.17.22.131

200 OK

76 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-2t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
76 kB (76098 bytes)
Hash
74a2607e6581b6f5812ea26aea7dea34
0de3fc1a5890fd7ab9b7c6a9cadff6de8ab5fbf7
3c1a2593d71e6535469e5916c2c6aae9fca179160ac31663f40bcdf598796e3b

HTTP Headers

GET /img/293545-2t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 76098
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-1t.jpg

85.17.22.131

200 OK

66 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-1t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x586, Scaling: [none]x[none], YUV color, decoders should clamp
Size
66 kB (66422 bytes)
Hash
1321fe1c5a4c398f9b6ca7556975eb34
f7285a533fd6080855db4b0061060a445476a867
f41df321d6829b8a6293f6fef0b05822231325ab3f59a78d9cea15cfbda64678

HTTP Headers

GET /img/293545-1t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 66422
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-5t.jpg

85.17.22.131

200 OK

68 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-5t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
68 kB (67588 bytes)
Hash
7b9c2b3ef7b402dafc76db2e10136a05
6b8385fad4b3079c6d8dec70106bf488cdabbc89
2d59e00f865e3bce50986d6715eaaa4c39bfaf61bc69a70f9d7c3fe67c94bf80

HTTP Headers

GET /img/293545-5t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 67588
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-4t.jpg

85.17.22.131

200 OK

70 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-4t.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x590, Scaling: [none]x[none], YUV color, decoders should clamp
Size
70 kB (70188 bytes)
Hash
73620291f5b47277c5c43011b7e62eb3
6128414ca8f6355d0143934e8a822114f65c90d7
a38a8a3fadcb3f9d7bf3e410f1dad41ca897c00e9f9e2b4d229dcbff3c240921

HTTP Headers

GET /img/293545-4t.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 70188
last-modified: Mon, 21 Feb 2022 16:04:14 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads2.js

185.94.236.244

200 OK

1.7 kB

URL GET HTTP/1.1
poweredby.jads.co/js/jads2.js
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentaiforce.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:04:19 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"65fdf38d-eae"
Content-Encoding: gzip

poweredby.jads.co/js/jads2.js

185.94.236.244

200 OK

1.7 kB

URL GET HTTP/1.1
poweredby.jads.co/js/jads2.js
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3758), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hentaiforce.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:04:19 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"65fdf38d-eae"
Content-Encoding: gzip

cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4

45.133.44.20

206 Partial Content

357 kB

URL GET HTTP/2
cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4
IP
45.133.44.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint5F:02:E3:5B:0C:B7:FA:C1:27:2A:35:DA:29:17:01:A8:47:B5:F3:A8
ValidityWed, 10 Jan 2024 08:59:56 GMT - Sun, 07 Jul 2024 21:59:00 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
357 kB (357139 bytes)
Hash
d4938e1a3b06ac9ac6dd49f43af75fc2
db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807
6bfb40cb5c5f9367a399aa9804488db58012b397688884903eb7da571f53f5bb

HTTP Headers

GET /bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Wed, 08 May 2024 19:04:20 GMT
content-type: video/mp4
content-length: 357139
server: nginx/1.24.0
etag: d4938e1a3b06ac9ac6dd49f43af75fc2
last-modified: Sun, 05 Nov 2023 16:31:37 GMT
x-timestamp: 1699201896.46460
x-trans-id: txecfe0990e95840dcb961c-0065ca48c0
x-openstack-request-id: txecfe0990e95840dcb961c-0065ca48c0
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Fri, 10 May 2024 19:04:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-357138/357139
X-Firefox-Spdy: h2

poweredby.jads.co/adshow.php?adzone=1043413

185.94.236.244

200 OK

1.8 kB

URL GET HTTP/1.1
poweredby.jads.co/adshow.php?adzone=1043413
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1639), with CRLF, LF line terminators
Size
1.8 kB (1767 bytes)
Hash
ddc1a6212a3b7cec9ac737144756867a
ae0ea5317cc3cc2f19cfec949f1fc8118c4362bc
3de382f3f4f0ea61d8522ed7d534a44ea8a6d1cfd79a4c37fd44e707f1373feb

HTTP Headers

GET /adshow.php?adzone=1043413 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:04:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=50a62adc5e224daef08b4f28a8c47794; expires=Thu, 08-May-2025 19:04:20 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sat, 11-May-2024 19:04:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 11-May-2024 19:04:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

poweredby.jads.co/adshow.php?adzone=1043620

185.94.236.244

200 OK

1.7 kB

URL GET HTTP/1.1
poweredby.jads.co/adshow.php?adzone=1043620
IP
185.94.236.244:443
ASN
#42567 Mojohost B.v.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (413), with CRLF, LF line terminators
Size
1.7 kB (1660 bytes)
Hash
57a79cae634627db7ee0dca90ac1da89
19e4392175afa11fa3b551c498da50b4ada6aed7
0674898d82a4b912b627012066ae97f21afd8652e737c925adf7b04ffd981f2f

HTTP Headers

GET /adshow.php?adzone=1043620 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:04:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=50a62adc5e224daef08b4f28a8c47794; expires=Thu, 08-May-2025 19:04:20 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps60785=1; expires=Thu, 09-May-2024 19:04:20 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjE3MzA1ODQ7aToxNzE1NDU0MjYwO30%3D; expires=Sat, 11-May-2024 19:04:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 11-May-2024 19:04:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

negxkj5ca.com/lv/esnk/1988357/code.js

212.117.190.201

200 OK

50 kB

URL GET HTTP/2
negxkj5ca.com/lv/esnk/1988357/code.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintD0:BA:0C:7B:A0:42:66:31:3F:12:EE:85:E1:1A:A8:3A:20:66:D5:FD
ValiditySat, 27 Apr 2024 18:51:17 GMT - Wed, 23 Oct 2024 21:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
50 kB (50223 bytes)
Hash
b15abac8d5133af4bd1f11b8d285a50f
68fda87f1b20f8a6d67b66da81690c8d00984b6c
56261be34d19cb147a1c0533f73ad7531e970e28132d049935c5d81e3db43c9d

HTTP Headers

GET /lv/esnk/1988357/code.js HTTP/1.1
Host: negxkj5ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1c437"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/b5e023d7-d6ac-495d-8e3b-e65703a0f52a

159.69.137.49

200 OK

43 B

URL GET HTTP/2
tsyndicate.com/api/v1/retargeting/set/b5e023d7-d6ac-495d-8e3b-e65703a0f52a
IP
159.69.137.49:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF5:9F:1F:89:8F:08:CD:46:43:4B:55:0A:42:66:52:21:16:57:43:31
ValidityFri, 12 Apr 2024 09:06:37 GMT - Thu, 11 Jul 2024 09:06:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/b5e023d7-d6ac-495d-8e3b-e65703a0f52a HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:21 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 269096435806b644
set-cookie: ts_rt_b5e023d7-d6ac-495d-8e3b-e65703a0f52a=AAMC; expires=Thu, 08 May 2025 19:04:21 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=088056078bea4c82fa48f38468465601; expires=Thu, 08 May 2025 19:04:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

i.jads.co/1x1.gif

185.76.9.22

200 OK

28 kB

URL GET HTTP/2
i.jads.co/1x1.gif
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://poweredby.jads.co/adshow.php?adzone=1043413
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 250x250, components 3
Size
28 kB (27460 bytes)
Hash
2acfb73fd2df022a7dad5595adef5bda
939b803ea641bd427b7599f92a816262e7a5bf48
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641

HTTP Headers

GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=50a62adc5e224daef08b4f28a8c47794; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:21 GMT
content-type: image/jpeg
content-length: 27460
last-modified: Thu, 03 Nov 2016 21:36:07 GMT
etag: "581badc7-6b44"
x-77-nzt: EwwBuUwJFAH30JMiAAwBuUwKCQH3Ci4GAAwBisclwQHXNjYDAA
x-77-nzt-ray: af5856309209f19db5cc3b6644a30802
x-accel-expires: @1715520995
x-accel-date: 1712928997
x-77-cache: HIT
x-77-age: 2266064
server: CDN77-Turbo
x-cache: HIT
x-age: 2266064
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

i.jads.co/network/user196580/60785-1711086801-0110903001711086801.gif

185.76.9.22

200 OK

157 kB

URL GET HTTP/2
i.jads.co/network/user196580/60785-1711086801-0110903001711086801.gif
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://poweredby.jads.co/adshow.php?adzone=1043620
Certificate
IssuerSectigo Limited
Subject*.jads.co
Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38
ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 100
Size
157 kB (157311 bytes)
Hash
0af70ed4be092ae68241c9962fae0a8d
5cce9af8dfed4e5c1862ac3e749f28f172634171
1f160454a1eeb3d780f5837f4846f13d82c383bfafd441e42d0c821e9ae4aeb7

HTTP Headers

GET /network/user196580/60785-1711086801-0110903001711086801.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=50a62adc5e224daef08b4f28a8c47794; juicy_data_1=YToxOntpOjE3MzA1ODQ7aToxNzE1NDU0MjYwO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps60785=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:21 GMT
content-type: image/gif
content-length: 157311
last-modified: Fri, 22 Mar 2024 05:53:21 GMT
etag: "65fd1cd1-2667f"
x-77-nzt: EwwBuUwJFAH3/XwWAAwBuUwKEwH3vAQAAAwBnJIhJwH3JAAAAA
x-77-nzt-ray: af5856309209f19db5cc3b668028ee01
x-accel-expires: @1716312894
x-accel-date: 1713721272
x-77-cache: HIT
x-77-age: 1473789
server: CDN77-Turbo
x-cache: HIT
x-age: 1473789
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

runative-syndicate.com/api/v1/retargeting/set/1a59e97d-a1c2-4718-89ea-5a19b9d400ea

94.130.143.224

200 OK

43 B

URL GET HTTP/2
runative-syndicate.com/api/v1/retargeting/set/1a59e97d-a1c2-4718-89ea-5a19b9d400ea
IP
94.130.143.224:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerLet's Encrypt
Subjectrunative-syndicate.com
Fingerprint7B:74:FE:3F:C1:1F:C3:21:65:A5:F5:CD:DD:1C:93:A5:3E:85:F0:A0
ValidityTue, 30 Apr 2024 23:06:33 GMT - Mon, 29 Jul 2024 23:06:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/1a59e97d-a1c2-4718-89ea-5a19b9d400ea HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:21 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 2035e961df959e00
set-cookie: ts_rt_1a59e97d-a1c2-4718-89ea-5a19b9d400ea=AAMC; expires=Thu, 08 May 2025 19:04:21 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
17d83a6a1ce5ec032b9d0be6c8c68106
9b412e1c9f9694753b73daa262811ec4c420e7d1
935af939ae598190c9c8175f1ac54241ab2614b3c7599a4c92e1be2ecd42ab23

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 19:04:21 GMT
Last-Modified: Wed, 08 May 2024 17:56:29 GMT
Server: ECAcc (ska/F7A2)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QbQqp0eL1-3Bm4FU9MHbpNiztSNnsM-YfyuqA5sn_zYcmCOA3iS2cQ==
Age: 4072

www.redditstatic.com/ads/pixel.js

151.101.65.140

200 OK

12 kB

URL GET HTTP/2
www.redditstatic.com/ads/pixel.js
IP
151.101.65.140:443
ASN
#54113 FASTLY

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint2F:CB:EB:6E:79:ED:BE:34:24:FF:A9:C2:0C:D1:07:8D:56:7F:2F:16
ValidityMon, 08 Jan 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (43235)
Size
12 kB (12083 bytes)
Hash
9d7767c3fb6cfadcd8db56b8ac8ec4b6
611475c945b7196c9b241ecc1c760f03e813353c
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071

HTTP Headers

GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 17:43:30 GMT
etag: "337f63427080a8d6a60316b759dab390"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 19:04:21 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 12083
X-Firefox-Spdy: h2

www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_a7co1m6o_telemetry

151.101.65.140

200 OK

98 B

URL GET HTTP/2
www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_a7co1m6o_telemetry
IP
151.101.65.140:443
ASN
#54113 FASTLY

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint2F:CB:EB:6E:79:ED:BE:34:24:FF:A9:C2:0C:D1:07:8D:56:7F:2F:16
ValidityMon, 08 Jan 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT

File type
JSON text data
Size
98 B (98 bytes)
Hash
5143820daeb644938735d6b28c0059e7
22316bb57b4fa755662fd6f5fb7f749b21ac32a1
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

HTTP Headers

GET /ads/conversions-config/v1/pixel/config/t2_a7co1m6o_telemetry HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://holdingholly.space
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=300
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 May 2024 19:04:21 GMT
via: 1.1 varnish
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 98
X-Firefox-Spdy: h2

proftrafficcounter.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a

52.58.212.182

307 Temporary Redirect

0 B

URL GET HTTP/2
proftrafficcounter.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a
IP
52.58.212.182:443
ASN
#16509 AMAZON-02

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px.gif?akey=e39a6a46f15b8ccd52813778a058820a HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Wed, 08 May 2024 19:04:22 GMT
content-type: image/gif
content-length: 0
location: https://experttrafficmonitor.com/dbs?uuid=fd5668a1-fb8b-4be5-b28f-5eb09444927a&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMjMiOjE3MTUxOTUwNjJ9LCJhY2NsIjp7IjIwLDEiOjE3MTUxOTUwNjJ9fQ.eFIW7Td97eejw06IVR_hHbdXCGGpkJ9lUq9zMVDI8iU
server: nginx/1.21.6
set-cookie: uid_id2=fd5668a1-fb8b-4be5-b28f-5eb09444927a:1:1; expires=Sat, 06 May 2034 19:04:22 GMT; secure; SameSite=None
ak=23,1715195062; expires=Tue, 06 Aug 2024 19:04:22 GMT; secure; SameSite=None
acl=20,1,1715195062; expires=Tue, 06 Aug 2024 19:04:22 GMT; secure; SameSite=None
expires: Wed, 08 May 2024 19:04:22 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

experttrafficmonitor.com/dbs?uuid=fd5668a1-fb8b-4be5-b28f-5eb09444927a&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMjMiOjE3MTUxOTUwNjJ9LCJhY2NsIjp7IjIwLDEiOjE3MTUxOTUwNjJ9fQ.eFIW7Td97eejw06IVR_hHbdXCGGpkJ9lUq9zMVDI8iU

52.58.212.182

200 OK

7 B

URL GET HTTP/2
experttrafficmonitor.com/dbs?uuid=fd5668a1-fb8b-4be5-b28f-5eb09444927a&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMjMiOjE3MTUxOTUwNjJ9LCJhY2NsIjp7IjIwLDEiOjE3MTUxOTUwNjJ9fQ.eFIW7Td97eejw06IVR_hHbdXCGGpkJ9lUq9zMVDI8iU
IP
52.58.212.182:443
ASN
#16509 AMAZON-02

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dbs?uuid=fd5668a1-fb8b-4be5-b28f-5eb09444927a&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsiMjMiOjE3MTUxOTUwNjJ9LCJhY2NsIjp7IjIwLDEiOjE3MTUxOTUwNjJ9fQ.eFIW7Td97eejw06IVR_hHbdXCGGpkJ9lUq9zMVDI8iU HTTP/1.1
Host: experttrafficmonitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holdingholly.space/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:22 GMT
content-type: image/gif
content-length: 7
server: nginx/1.21.6
set-cookie: uid_id2=fd5668a1-fb8b-4be5-b28f-5eb09444927a:1:1; expires=Sat, 06 May 2034 19:04:22 GMT; secure; SameSite=None
ak=23,1715195062; expires=Tue, 06 Aug 2024 19:04:22 GMT; secure; SameSite=None
acl=20,1,1715195062; expires=Tue, 06 Aug 2024 19:04:22 GMT; secure; SameSite=None
expires: Wed, 08 May 2024 19:04:22 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

bigstoreminigames.space/bnr/4/71e/65bdc8/71e65bdc88b0da9ca931791135d5ef75.jpg

104.21.85.92

76 kB

URL GET
bigstoreminigames.space/bnr/4/71e/65bdc8/71e65bdc88b0da9ca931791135d5ef75.jpg
IP
104.21.85.92:0
ASN
#13335 CLOUDFLARENET

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerLet's Encrypt
Subjectbigstoreminigames.space
Fingerprint95:FE:47:6D:B5:53:60:39:97:F1:99:25:7C:50:80:7E:BD:62:59:8B
ValiditySat, 20 Apr 2024 16:24:19 GMT - Fri, 19 Jul 2024 16:24:18 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
76 kB (76179 bytes)
Hash
354368cec8329d42477fc4336b54d80f
ecf74de17c259bc1d63e904996f63178b17f74b4
14c49a8d87a5956d61712ffd956c129b4ee74112501175f2b1b23ea79d66675f

HTTP Headers

GET /bnr/4/71e/65bdc8/71e65bdc88b0da9ca931791135d5ef75.jpg HTTP/1.1
Host: bigstoreminigames.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:20 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 82081
last-modified: Tue, 07 May 2024 20:16:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GStbtprUFSVyEdU6XHKEki3HE95LQQgfLsWNHe1fxgmVIOI5dl58cHCMUJQwUpYQK4R90GW0q5PeQ7SYFbzuPmf1VcVItzqMvlKH7XrGJjmneq62K9U3E84y6FKz%2F71MU%2FeDMrFJSxfMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb70af97e5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

twistconcept.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a

172.67.215.17

200 OK

9.1 kB

URL GET HTTP/2
twistconcept.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a
IP
172.67.215.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
Certificate
IssuerGoogle Trust Services LLC
Subjecttwistconcept.com
Fingerprint73:11:A2:75:AF:3F:76:30:B1:19:9F:59:CD:02:5E:98:3C:A1:12:6B
ValiditySat, 23 Mar 2024 03:02:17 GMT - Fri, 21 Jun 2024 03:02:16 GMT

File type
JavaScript source, ASCII text, with very long lines (652)
Size
9.1 kB (9112 bytes)
Hash
2058d53d084116ff3d36c8a630556710
8bcd226cf5ddb64be846ad645360638e82269097
6af3e3bd3016f5762e3dc3dbd8fc7bbf00f4ec9349bee71a23bbe5547dcffd1e

HTTP Headers

GET /index.min.js?pk=e39a6a46f15b8ccd52813778a058820a HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:21 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 13:06:26 GMT
etag: W/"655f4e52-28d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4857
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbGAY61h%2BHN1ub1lgkMam%2B1H%2BxNtD86MwpWUzWYXHjjBFCHzzCYgssduu144M0s8IAxcO33H3bjEHsyOFP9XkNS7AV6TE2RFAfSjJiPkKTxaa15IsrCYzUcy92mF%2FPVpOwiv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb70b3ea6712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaiforce.net/js/hentaiforce-any-2021-04-18.js?p7om89sc978b7f8b

149.202.72.71

200 OK

101 kB

URL GET HTTP/2
hentaiforce.net/js/hentaiforce-any-2021-04-18.js?p7om89sc978b7f8b
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
101 kB (101375 bytes)
Hash
8fc0fb33a13067c2b55e8d61227f456f
38722c1a282a2625575920153b8147a7d807b51b
4d5a57f78e18dae3a513b45df60e5287ebcea58f2c5bba7df7c8049572db768c

HTTP Headers

GET /js/hentaiforce-any-2021-04-18.js?p7om89sc978b7f8b HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/view/4506
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:18 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 10:52:37 GMT
vary: Accept-Encoding
etag: W/"65eaedf5-18bff"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
X-Firefox-Spdy: h2

qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3958

0.0.0.0

0 B

URL GET
qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3958
IP
0.0.0.0:0
ASN
#0

Requested by
https://holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /retarget/add?retargeting_code=1&add=1&retargeting_id=3958 HTTP/1.1
Host: qqjar.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://holdingholly.space/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

hentaiforce.net/view/4506

149.202.72.71

200 OK

45 kB

URL User Request GET HTTP/2
hentaiforce.net/view/4506
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type

Size
45 kB (45406 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /view/4506 HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 08 May 2024 19:04:18 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; expires=Wed, 02-Jul-2025 19:04:18 GMT; Max-Age=36288000; path=/; secure; samesite=lax
hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; expires=Wed, 02-Jul-2025 19:04:18 GMT; Max-Age=36288000; path=/; secure; httponly; samesite=lax
GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; expires=Wed, 02-Jul-2025 19:04:18 GMT; Max-Age=36288000; path=/; secure; httponly; samesite=lax
show_popup_ads=1; expires=Wed, 08-May-2024 19:14:18 GMT; Max-Age=600; path=/; secure; samesite=lax
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
X-Firefox-Spdy: h2

holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net

104.21.47.35

200 OK

2.4 kB

URL GET HTTP/2
holdingholly.space/iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net
IP
104.21.47.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poweredby.jads.co/adshow.php?adzone=1043413
Certificate
IssuerGoogle Trust Services LLC
Subjectholdingholly.space
Fingerprint2C:23:ED:2F:3C:37:2A:C2:66:CD:10:0E:25:C4:F2:FC:1D:D1:64:17
ValiditySat, 20 Apr 2024 21:11:23 GMT - Fri, 19 Jul 2024 21:11:22 GMT

File type
HTML document, ASCII text, with very long lines (2423), with no line terminators
Size
2.4 kB (2362 bytes)
Hash
238097ef134b6a9283497caa2d776fd5
aa49dc1a186fa64cab9aa2fb8ad0c8370ec13894
7146148bfb79fd9f27bff7ed990a525e2488c8f503a8749aa259c0d11efe114f

HTTP Headers

GET /iframe/663b87b371086?iframe&ag_custom_domain=hentaiforce.net HTTP/1.1
Host: holdingholly.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:04:20 GMT
content-type: text/html
set-cookie: showed_15490_100193=[2502988]; Expires=Thu, 09-May-24 19:04:20 GMT; Domain=holdingholly.space; Path=/; Secure; SameSite=None
c_5aaee819a472863ce0f58d1b1c1a2686=1; Expires=Thu, 09-May-24 19:04:20 GMT; Domain=holdingholly.space; Path=/; Secure; SameSite=None
z_4c3a1ddad89fbb6bed834de15eaf0772=1; Expires=Thu, 09-May-24 19:04:20 GMT; Domain=holdingholly.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PinhC3tNenjkvP3wSzmFFTvhwdFcUNvJSoa6J1Or%2B3Eu1uAIM4ugq6BVDiYQIn8Ss3AmaPRMz33ywT%2BiwMDRpj85eBOrt6Kqa34m5ETX4mCokNxuwWgyHaZaAFACU5VQSEmVpLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb7097ec656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hentaiforce.net/js/hentaiforce-main-2021-05-119.js?p7om89sc978b7f8b

149.202.72.71

200 OK

217 kB

URL GET HTTP/2
hentaiforce.net/js/hentaiforce-main-2021-05-119.js?p7om89sc978b7f8b
IP
149.202.72.71:443
ASN
#16276 OVH SAS

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjecthentaiforce.net
Fingerprint6A:C9:B5:48:3E:D6:B5:C8:27:EE:71:9B:8A:4C:BA:5C:B1:02:DE:04
ValiditySat, 06 Jan 2024 11:37:28 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type

Size
217 kB (217070 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/hentaiforce-main-2021-05-119.js?p7om89sc978b7f8b HTTP/1.1
Host: hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/view/4506
Cookie: XSRF-TOKEN=eyJpdiI6IlpveTRnemd4QzVuWU9FWEdyV05nQkE9PSIsInZhbHVlIjoiTkFrY0xtOE9WR2VubEVIVngwblVEUmppaW5iVlZhdFh0NTVpZm0yeDNlVWlYL3FVZWJWenhTTU1UR0d5UEFIZ2ZPV0c4VTQvY3RZTE44Sk5xM243a2FTWXhCY2drR29qaENkWjcvVXpVcXhkTXBSaGJnTldndU5vQmhGVVdudUkiLCJtYWMiOiJhZmY0YjdjMDJmNDhhOTk0NDFkZTE3ODZlZmQyNWUwNmQwZGNkNzM2Zjc1MDgzOThjZmI2ZDIyOWU3NGZmODk1IiwidGFnIjoiIn0%3D; hforce_sess=eyJpdiI6ImtQcDR5YlozVUtJMmxodmUrbU53N2c9PSIsInZhbHVlIjoiSENFei8zVFlIZ2pkOXc5QXpEanFIWE8rcXpzTVlra2lxaGxEL2M3SWlIdkNpZnZUS2xnaEJwQlk2bmlSNlJ4cThzcGlhNXV1clIxWFVpbElrZ1hnYjd1eVBWR2JuT3Ivcmo1bzdZYXQ5azJCYlpSa1NOcytjT1dnWG03UlozUGEiLCJtYWMiOiI5NWE4Zjc3Y2QyNmJmMjZkNDU4MmQxMjQ0M2RhNDhiYzE5NDg3YmY1NjZmMGE2YTg4ZGE4YjI3OTMwNWE3ZDlkIiwidGFnIjoiIn0%3D; GbEQEW4AECaaAzhLIZ6MZxSITROhwI1eSO1i9HHv=eyJpdiI6InVZL1IvT2V3ZHpSaWJpdGNNbHFqamc9PSIsInZhbHVlIjoiY29Uc0RlZUNJWVhvek9HSGhyV1ZMSU5IZWJVWllPQk1adW05TnhYK0Nhdk92OEx1OXYvTmdCa2F1NE90ZmxnQlZmV0NialRrZ3dTVlZtZ2t0cjBDRDR6TEltbGZTNnkvVGlUMkJIZUpMU1lpMFA4ZW9lTHc3a2pZa014VE5kYmlldGc0UkZMVHhtTHVDYWhzYXVPSldxZy9BZ2VPRkIyNDRoSjNhQ2hHWkpxVk51UXhHV1lOcTIxNlBNNjk0T3E0K3JpVUZVYmYwb2l6VndWeGdHMy9HdUczeTJ3bHQzaXo0c1h0SE1nQUp3RnQ1RWtMYmhUMzE0VDlLcHdHVTlCQnRyaU5selZ6OXJ0OUVLWENsa2pDekdyTTZoSkI1M1M2eGhXNnFCNlNJVnlPdVdGWjdXQ2pVTzNudkxwL0JHQ2cvNjEvVHNvTm5Wa1BBMEF0VnpYdWwzMEdlaVltbjVvNEFCNHJCRzZlVzUvUjBJaTliQ1U3Q25OL3RCSWJBczcrIiwibWFjIjoiYzMwODlhMDJjNGNmYzhmMTNkOTZmOGQwZjVjOTZkNDVkNjA0OGYzZjlhZGU2YzBkOTIyMmNjM2FlNGYxODQ1NiIsInRhZyI6IiJ9; show_popup_ads=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:18 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 12:37:39 GMT
vary: Accept-Encoding
etag: W/"662f9493-34fee"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
X-Firefox-Spdy: h2

yrhnw7h63.com/t/9/fret/meow4/1988352/b8315dac.js

212.117.190.201

200 OK

106 kB

URL GET HTTP/2
yrhnw7h63.com/t/9/fret/meow4/1988352/b8315dac.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint96:1A:C9:02:DA:91:EC:65:7E:9E:52:D6:20:FD:F1:B3:C5:23:ED:6C
ValiditySat, 27 Apr 2024 13:01:12 GMT - Wed, 23 Oct 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65106)
Size
106 kB (106460 bytes)
Hash
c40d932aa745e689126da6572a4c0eee
2ba0a59b90c91980a51e68e7b0fcf0e389dd9956
57df8d418df3005545f01d96dd60197bb660bc0594b158e366159034544ffa5f

HTTP Headers

GET /t/9/fret/meow4/1988352/b8315dac.js HTTP/1.1
Host: yrhnw7h63.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

m1.hentaiforce.net/img/293545-cover.jpg

85.17.22.131

200 OK

182 kB

URL GET HTTP/2
m1.hentaiforce.net/img/293545-cover.jpg
IP
85.17.22.131:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subjectm1.hentaiforce.net
FingerprintC2:3A:61:4C:DC:41:DB:93:93:18:2B:2E:84:8E:E2:6C:8F:A4:F1:D0
ValiditySat, 06 Jan 2024 11:30:33 GMT - Wed, 03 Jul 2024 21:59:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 700x1026, Scaling: [none]x[none], YUV color, decoders should clamp
Size
182 kB (181956 bytes)
Hash
0c471ced387dead3afc234013b8e175b
5904faffd100dc26b9de58bb38f015537533febf
1b186533c1c884def8c4fc1f9a19e7cd548ba4cc23d328c5c25e52c34c7ded53

HTTP Headers

GET /img/293545-cover.jpg HTTP/1.1
Host: m1.hentaiforce.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: image/webp
content-length: 181956
last-modified: Mon, 21 Feb 2022 16:04:12 GMT
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

negxkj5ca.com/get/1988357?zoneid=1988357&jp=_clthzl3gx5frz5nn013ymi&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801256883670528&eclog=0&im=1&freq=0&uf=0

212.117.190.201

200 OK

4.2 kB

URL GET HTTP/2
negxkj5ca.com/get/1988357?zoneid=1988357&jp=_clthzl3gx5frz5nn013ymi&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801256883670528&eclog=0&im=1&freq=0&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://hentaiforce.net/view/4506
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintD0:BA:0C:7B:A0:42:66:31:3F:12:EE:85:E1:1A:A8:3A:20:66:D5:FD
ValiditySat, 27 Apr 2024 18:51:17 GMT - Wed, 23 Oct 2024 21:59:00 GMT

File type
ASCII text, with very long lines (4303), with no line terminators
Size
4.2 kB (4227 bytes)
Hash
072bad057936e6d12fa7778f4f30afb6
151b3303f9ed5633024a261150d130b82a7cd924
bc27d049b2e58dae77f9782fdd2100fa0db77a29a687f9e10187a4eea0debc8c

HTTP Headers

GET /get/1988357?zoneid=1988357&jp=_clthzl3gx5frz5nn013ymi&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801256883670528&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: negxkj5ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hentaiforce.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:04:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=24050814044f8ed972b9ad4695a89743f887; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 19:04:19 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL