urlscan.io logo urlscan.io
SecurityTrails logo

hentaifap.land Open in urlscan Pro
2606:4700:30::681f:4a88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sharebutton.co/
Effective URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=...
Submission: On May 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 54 HTTP transactions. The main IP is 2606:4700:30::681f:4a88, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is hentaifap.land.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 12th 2018. Valid for: a year.
This is the only time hentaifap.land was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.182.250 133618 (TRELLIAN-...)
1 6 199.59.242.151 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.175.21.193 14618 (AMAZON-AES)
1 3.92.103.120 14618 (AMAZON-AES)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
32 2606:4700:30:... 13335 (CLOUDFLAR...)
1 204.155.147.176 40824 (WZCOM-US)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2a02:6b8::1:119 13238 (YANDEX)
54 11
1    103.224.182.250 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com
www.sharebutton.co
6    199.59.242.151 (United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)
ww25.sharebutton.co
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    35.175.21.193 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-175-21-193.compute-1.amazonaws.com
usa.odysseus-nua.com
1    3.92.103.120 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-92-103-120.compute-1.amazonaws.com
usa.dauid-iep.com
1    2606:4700:30::681c:1275 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gamescarousel.com
32    2606:4700:30::681f:4a88 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hentaifap.land
1    204.155.147.176 (United States)

ASN40824 (WZCOM-US - WZ Communications Inc., US)
PTR: c-n120-u3000-176.webazilla.com
ln.gamesrevenue.com
4    2606:4700::6810:cda5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
Domain Requested by
32 hentaifap.land usa.dauid-iep.com
hentaifap.land
6 ww25.sharebutton.co 1 redirects ww25.sharebutton.co
5 mc.yandex.ru 1 redirects hentaifap.land
2 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com hentaifap.land
cdn.onesignal.com
2 fonts.gstatic.com
2 www.google-analytics.com
1 ln.gamesrevenue.com hentaifap.land
1 gamescarousel.com 1 redirects
1 usa.dauid-iep.com usa.odysseus-nua.com
1 usa.odysseus-nua.com ww25.sharebutton.co
1 fonts.googleapis.com ww25.sharebutton.co
1 www.google.com ww25.sharebutton.co
1 www.sharebutton.co 1 redirects
54 14

This site contains links to these domains. Also see Links.

Domain
cuntwars.com
Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2018-11-12 -
2019-11-12		 a year crt.sh
*.gamesrevenue.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-29 -
2019-06-28		 a year crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-22 -
2019-07-31		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Frame ID: 24C855C144F202B91EFF44D5F77E1897
Requests: 53 HTTP requests in this frame

Frame: https://onesignal.com/webPushAnalytics
Frame ID: 8475FC48132B060250853A05387D87A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.sharebutton.co/ HTTP 302
    http://ww25.sharebutton.co/ Page URL
  2. http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2Fb216ce40-7b2b-11e9-9808... HTTP 302
    http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9... Page URL
  3. http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth... Page URL
  4. https://gamescarousel.com/?5cd97077aef&ag_custom_domain=russet-lark-lima-due-1hD3D7g9 HTTP 302
    https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_r... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

54
Requests

85 %
HTTPS

62 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

1211 kB
Transfer

1845 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sharebutton.co/ HTTP 302
    http://ww25.sharebutton.co/ Page URL
  2. http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2Fb216ce40-7b2b-11e9-9808-0a5e0e0d76d6%3Fcampaignid%3D8d47ec10-7582-11e9-ac85-12077332b422&notadsafe HTTP 302
    http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422 Page URL
  3. http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://gamescarousel.com/?5cd97077aef&ag_custom_domain=russet-lark-lima-due-1hD3D7g9 HTTP 302
    https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.sharebutton.co/ HTTP 302
  • http://ww25.sharebutton.co/
Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 8
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1100120642&gjid=1916394956&cid=1204012321.1558376321&tid=UA-89467400-1&_gid=1059884679.1558376321&_r=1&z=974473358 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1100120642&gjid=1916394956&cid=1204012321.1558376321&tid=UA-89467400-1&_gid=1059884679.1558376321&_r=1&z=974473358
Request Chain 11
  • http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2Fb216ce40-7b2b-11e9-9808-0a5e0e0d76d6%3Fcampaignid%3D8d47ec10-7582-11e9-ac85-12077332b422&notadsafe HTTP 302
  • http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
Request Chain 49
  • https://mc.yandex.ru/watch/47880065?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars HTTP 302
  • https://mc.yandex.ru/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww25.sharebutton.co/
Redirect Chain
  • https://www.sharebutton.co/
  • http://ww25.sharebutton.co/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
9f36cd3352e86d4959f7c69198039b9b3d5775b88b28ccac8205c8370bd151c8

Request headers

Host
ww25.sharebutton.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
openresty
Date
Mon, 20 May 2019 18:18:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_pJKsZ/ueqxcBgT4lCD2B7PPl7/A9afmXGUB/Qr/rJ6VFDOY0ddRT6uJW4ovyxZu0PwPdNF/FJsBU74TjoBQagA==

Redirect headers

Date
Mon, 20 May 2019 18:18:40 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__tad=1558376320.8522806; expires=Thu, 17-May-2029 18:18:40 GMT; Max-Age=315360000
Location
http://ww25.sharebutton.co/
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
caf.js
www.google.com/adsense/domains/ 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
26cc41c8b8b945615feb96476d3c673e72ab10c66a0ab0902c9e9819cc9373a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3347526808435612985"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Mon, 20 May 2019 18:18:40 GMT
px.gif
ww25.sharebutton.co/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww25.sharebutton.co/px.gif?ch=1&rn=0.5589997067310564
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:40 GMT
Last-Modified
Fri, 10 May 2019 10:12:58 GMT
Server
openresty
ETag
"5cd54eaa-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
ww25.sharebutton.co/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww25.sharebutton.co/px.gif?ch=2&rn=0.5589997067310564
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:41 GMT
Last-Modified
Fri, 10 May 2019 10:12:58 GMT
Server
openresty
ETag
"5cd54eaa-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
ww25.sharebutton.co/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
906b9380fef0de7a62db28538f3994ad3dc8ddecc6e32500f19d3ed8bc8bd83c

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 May 2019 18:18:41 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
88848d68fac5206dbbc23232c03bdd42c4978a0acfd5f10e1c72ce3ef2c5a28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 20 May 2019 18:18:41 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 20 May 2019 18:18:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 20 May 2019 18:18:41 GMT
gzb
ww25.sharebutton.co/ 		200 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww25.sharebutton.co/gzb
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://ww25.sharebutton.co/
Origin
http://ww25.sharebutton.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 20 May 2019 18:18:42 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
200
Expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
1905
date
Mon, 20 May 2019 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Mon, 20 May 2019 19:46:56 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=...
35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1100120642&gjid=1916394956&cid=1204012321.1558376321&tid=UA-89467400-1&_gid=1059884679.1558376321&_r=1&z=974473358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 May 2019 18:18:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1440552026&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1100120642&gjid=1916394956&cid=1204012321.1558376321&tid=UA-89467400-1&_gid=1059884679.1558376321&_r=1&z=974473358
Non-Authoritative-Reason
HSTS
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww25.sharebutton.co

Response headers

date
Thu, 09 May 2019 13:53:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:28 GMT
server
sffe
age
966297
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Fri, 08 May 2020 13:53:44 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww25.sharebutton.co

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
4831148
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
b216ce40-7b2b-11e9-9808-0a5e0e0d76d6
usa.odysseus-nua.com/zcvisitor/
Redirect Chain
  • http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusa.odysseus-nua.com%2Fzcvisitor%2Fb216ce40-7b2b-11e9-9808-0a5e0e0d76d6%3Fcampaignid%3D8d47ec10-7582-11e9-ac85-12077332b422&notadsafe
  • http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
1004 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
35.175.21.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-175-21-193.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
91e83e5e0936de3e742208324f032bdcbe8e0fbbfb0b998b7f99ea5ab540cc29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usa.odysseus-nua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ww25.sharebutton.co/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ww25.sharebutton.co/

Response headers

Date
Mon, 20 May 2019 18:18:42 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Server
openresty
Date
Mon, 20 May 2019 18:18:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
zcredirect
usa.dauid-iep.com/ 		352 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usa.odysseus-nua.com
URL: http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
Protocol
HTTP/1.1
Server
3.92.103.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-92-103-120.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usa.dauid-iep.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://usa.odysseus-nua.com/zcvisitor/b216ce40-7b2b-11e9-9808-0a5e0e0d76d6?campaignid=8d47ec10-7582-11e9-ac85-12077332b422

Response headers

Date
Mon, 20 May 2019 18:18:43 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request index.html
hentaifap.land/cw/cw_0319/land_cw_180319_en/
Redirect Chain
  • https://gamescarousel.com/?5cd97077aef&ag_custom_domain=russet-lark-lima-due-1hD3D7g9
  • https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Requested by
Host: usa.dauid-iep.com
URL: http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e05998743a82d03a8a7a814feafcf994cb02e707adcf2bb945013074b1119e

Request headers

:method
GET
:authority
hentaifap.land
:scheme
https
:path
/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://usa.dauid-iep.com/zcredirect?visitid=b216ce40-7b2b-11e9-9808-0a5e0e0d76d6&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status
200
date
Mon, 20 May 2019 18:18:43 GMT
content-type
text/html
set-cookie
__cfduid=d4a305bcb85e6ff23a7cbbb9d84927b951558376323; expires=Tue, 19-May-20 18:18:43 GMT; path=/; domain=.hentaifap.land; HttpOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da05095a977d705-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 20 May 2019 18:18:43 GMT
content-type
text/html
set-cookie
__cfduid=daa109d8dca86f5966a5b1462a21e42f91558376323; expires=Tue, 19-May-20 18:18:43 GMT; path=/; domain=.gamescarousel.com; HttpOnly c_e4507e3ccd48e0ee86357d140cebaa57=1; Expires=Tue, 21-May-19 18:18:43 GMT; Domain=gamescarousel.com; Path=/ z_a09220abdbb52f04aafbeb7666d9a588=1; Expires=Tue, 21-May-19 18:18:43 GMT; Domain=gamescarousel.com; Path=/
location
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da05094bd236419-FRA
main.css
hentaifap.land/cw/cw_0319/land_cw_180319_en/css/ 		3 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/css/main.css
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16bfe9d3cb084c9427fbf8500d5c02f30fbefcc4c1d16f7d48e0dff0218f353

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:48 GMT
server
cloudflare
etag
W/"5c8f9be4-ab3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4da05096ad48d705-FRA
expires
Mon, 20 May 2019 22:18:43 GMT
jquery.min.js
hentaifap.land/cw/cw_0319/land_cw_180319_en/libs/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/libs/jquery.min.js
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:06 GMT
server
cloudflare
etag
W/"5c8f9bf6-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4da05096ad4ad705-FRA
expires
Mon, 20 May 2019 22:18:43 GMT
px1.js
ln.gamesrevenue.com/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ln.gamesrevenue.com/px1.js
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.147.176 , United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
c-n120-u3000-176.webazilla.com
Software
nginx /
Resource Hash
0445c6b1a000db234b9183fb0adb76a313c7bad6572dcabaab58deb78a8faee6

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Mar 2018 12:25:25 GMT
Server
nginx
ETag
W/"5abcdb35-9263"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
close
awpx_click.js
hentaifap.land/ 		1 KB
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hentaifap.land/awpx_click.js?v=005
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c47edcd7ed481dee6d5b703221f4fee9c34bc23a133bb70fb7876d6946f870

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Nov 2018 15:45:46 GMT
server
cloudflare
etag
W/"5bec432a-5f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4da05096ad4cd705-FRA
expires
Mon, 20 May 2019 22:18:43 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"a5067802576549b3e0627521f03ee508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
4da050972b2f63b9-FRA
expires
Tue, 21 May 2019 06:18:43 GMT
notice.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/notice.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4d9a7db00c0a0c59951a5b2c7beaafd4332179d5cdac6a428d978719fa4218

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:02 GMT
server
cloudflare
etag
"5c8f9bf2-1a4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05096ad4dd705-FRA
content-length
6733
expires
Mon, 20 May 2019 22:18:43 GMT
header.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/header.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6a314a823521be05c252a2a2c61b354a40a53086ebffb20a67d0173cba87ca

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:58 GMT
server
cloudflare
etag
"5c8f9bee-2985"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050975808d705-FRA
content-length
10629
expires
Mon, 20 May 2019 22:18:43 GMT
c4b.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c4b.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
99aba0ed57d1d80176a850beabf180fe65725914c1727cfbab8f9cf4b0509432

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:56 GMT
server
cloudflare
etag
"5c8f9bec-86b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050975816d705-FRA
content-length
34487
expires
Mon, 20 May 2019 22:18:43 GMT
c4bl.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c4bl.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d616bf1c2374eb5c657201ceb94cdc9d77321460d78fd7c36bf077e21c8d5386

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:57 GMT
server
cloudflare
etag
"5c8f9bed-8c2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097784ed705-FRA
content-length
35885
expires
Mon, 20 May 2019 22:18:43 GMT
c4n.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c4n.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be166dc859ea2a849f5bb3ffdb2c5fb182b007a1bc4f6da8878cb91b02680b16

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:57 GMT
server
cloudflare
etag
"5c8f9bed-bd89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050977869d705-FRA
content-length
48521
expires
Mon, 20 May 2019 22:18:43 GMT
c4a.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c4a.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32fc1325f91f8aa9b848447f3487c8484350cd392a1e327fb3032de690c7d6c

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:56 GMT
server
cloudflare
etag
"5c8f9bec-e1d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da0509788aad705-FRA
content-length
57808
expires
Mon, 20 May 2019 22:18:43 GMT
lvl1.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/lvl1.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
059ca797cbecc2f45bcc7a4d376941b23bffaced8415d1be1e53c400a431d651

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:59 GMT
server
cloudflare
etag
"5c8f9bef-1288"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da0509798e7d705-FRA
content-length
4744
expires
Mon, 20 May 2019 22:18:43 GMT
n-acolyte.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/n-acolyte.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea27922bf9d81061257a0f31154fb853f3064994fb4c8d1f08bc48293eafef1

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:00 GMT
server
cloudflare
etag
"5c8f9bf0-13c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097c973d705-FRA
content-length
5065
expires
Mon, 20 May 2019 22:18:43 GMT
c3b.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c3b.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc82d3e7224d34b39da4b46cd0a2ee4de4789be78f65c3983de90ab132f02fc5

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:55 GMT
server
cloudflare
etag
"5c8f9beb-7d5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097c98bd705-FRA
content-length
32092
expires
Mon, 20 May 2019 22:18:43 GMT
c3bl.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c3bl.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8616c513138316d16857e0720a4490eeef5161758e3b3670e285265469a16bb4

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:56 GMT
server
cloudflare
etag
"5c8f9bec-835c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097d9d5d705-FRA
content-length
33628
expires
Mon, 20 May 2019 22:18:43 GMT
c3n.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c3n.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b47fb11865657aa0dd7d35c81b104269ac82d35177d164d935e7aca04fd9f2d

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:56 GMT
server
cloudflare
etag
"5c8f9bec-ad02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097ea48d705-FRA
content-length
44290
expires
Mon, 20 May 2019 22:18:43 GMT
c3a.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c3a.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15940d9bedcfd817374b2d4c37ec63365d285c24fb2d3388d21fe640007543b6

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:55 GMT
server
cloudflare
etag
"5c8f9beb-cae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05097fa52d705-FRA
content-length
51936
expires
Mon, 20 May 2019 22:18:43 GMT
lvl2.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/lvl2.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ea021471ff432e604524ac873635571e0a0c3f335f956209f2b5b1086803c2

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:59 GMT
server
cloudflare
etag
"5c8f9bef-1548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050980ab0d705-FRA
content-length
5448
expires
Mon, 20 May 2019 22:18:43 GMT
n-vestal.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/n-vestal.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a5c0664197f9c945af089ed1a5bec83c97d615260cfd492d73c8c94ccc1b1c

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:01 GMT
server
cloudflare
etag
"5c8f9bf1-12eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050980ab2d705-FRA
content-length
4843
expires
Mon, 20 May 2019 22:18:43 GMT
c1b.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c1b.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
680554b769d9aaca1bc21c8cc190fbaa0bbe19d880f7857633a55e39fa86ad37

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:52 GMT
server
cloudflare
etag
"5c8f9be8-74c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050982b05d705-FRA
content-length
29889
expires
Mon, 20 May 2019 22:18:43 GMT
c1bl.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c1bl.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6737a4e4dce37a5a1a84718143ef6045a60136f811b76347986b10dbc58aa5

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:53 GMT
server
cloudflare
etag
"5c8f9be9-7558"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050982b06d705-FRA
content-length
30040
expires
Mon, 20 May 2019 22:18:43 GMT
c1n.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c1n.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f4c69f1f21f0a734e0f3ab9331e036294a36a0c75bb3443e308feb83726081

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:53 GMT
server
cloudflare
etag
"5c8f9be9-9ba5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050983b4ad705-FRA
content-length
39845
expires
Mon, 20 May 2019 22:18:43 GMT
c1a.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c1a.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51f98498b5b41ee215addc17ddd093a66f81e224326e243a075bb5677176b6e

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:51 GMT
server
cloudflare
etag
"5c8f9be7-a848"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050983b4ed705-FRA
content-length
43080
expires
Mon, 20 May 2019 22:18:43 GMT
lvl3.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/lvl3.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15970049ea867b1c39a7a6fd041998af487ea1b752072e1aa5ccffd844e9efc8

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:59 GMT
server
cloudflare
etag
"5c8f9bef-25d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050985b9cd705-FRA
content-length
9688
expires
Mon, 20 May 2019 22:18:43 GMT
n-paladin.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/n-paladin.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c47c3f8178f7c8c54f977859f0c0cfba95a3e850eb4a51c7d05c7aeca1013ac

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:00 GMT
server
cloudflare
etag
"5c8f9bf0-12f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050985ba6d705-FRA
content-length
4850
expires
Mon, 20 May 2019 22:18:43 GMT
c2b.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c2b.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0dfe3d823fa1f7d451513ffe1438ee2b149e807391f289ce2dc08afed59335

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:54 GMT
server
cloudflare
etag
"5c8f9bea-8211"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050986bfbd705-FRA
content-length
33297
expires
Mon, 20 May 2019 22:18:43 GMT
c2bl.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c2bl.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b882c7e5ea0ae9354fc93b0d3a6cae91c6087830e9d9e8536ef1bd40867f58d7

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:54 GMT
server
cloudflare
etag
"5c8f9bea-8425"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050986c06d705-FRA
content-length
33829
expires
Mon, 20 May 2019 22:18:43 GMT
c2n.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c2n.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0dedc9bf1f582614a8a9bdbb71e010c0778552b7e0d4e01e744fbd157dc1bba

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:54 GMT
server
cloudflare
etag
"5c8f9bea-af1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050987c42d705-FRA
content-length
44828
expires
Mon, 20 May 2019 22:18:43 GMT
c2a.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/c2a.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c066f1f6283a89c89446b4a0d5d64d6ae1d59006efb4c0f074174233ac0d90ba

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:53 GMT
server
cloudflare
etag
"5c8f9be9-cca6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050988c79d705-FRA
content-length
52390
expires
Mon, 20 May 2019 22:18:43 GMT
lvl4.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/lvl4.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55274c1eb560fafe66f83071dcd7ff2ce0176ebf5c8147c65d4e393c55c498e

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:00 GMT
server
cloudflare
etag
"5c8f9bf0-24da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05098acddd705-FRA
content-length
9434
expires
Mon, 20 May 2019 22:18:43 GMT
n-prophet.png
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/n-prophet.png
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
828508398e91f2412c6a4110de082b033585a0ca3af54b5a11ce7fc88fdf55fa

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:01 GMT
server
cloudflare
etag
"5c8f9bf1-139c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da05098ace7d705-FRA
content-length
5020
expires
Mon, 20 May 2019 22:18:43 GMT
main.js
hentaifap.land/cw/cw_0319/land_cw_180319_en/scripts/ 		570 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/scripts/main.js
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f013a676d5439ca8cb07dc293105e9ae5326a85309fd2475ccbde27d7724526

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:24:09 GMT
server
cloudflare
etag
W/"5c8f9bf9-23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4da05096cdd2d705-FRA
expires
Mon, 20 May 2019 22:18:43 GMT
bg.jpg
hentaifap.land/cw/cw_0319/land_cw_180319_en/image/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/image/bg.jpg
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4a88 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e934b05ea328a5e99bab019333985d2c65d1c18c716da3d6ce5f717e8208085

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:44 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2019 13:23:52 GMT
server
cloudflare
etag
"5c8f9be8-3600c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4da050996f53d705-FRA
content-length
221196
expires
Mon, 20 May 2019 22:18:44 GMT
tag.js
mc.yandex.ru/metrika/ 		332 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hentaifap.land
URL: https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b40168390afd721c2c0effd9b3b132b6d5334aff57106389b1aafa37a0a7af33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:44 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Apr 2019 09:34:44 GMT
Server
nginx/1.12.2
ETag
"5cc6c534-1555e"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
87390
Expires
Mon, 20 May 2019 19:18:44 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		212 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:44 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"c855e8eb5fbdafddfa15bc848b662c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
4da050997d4563b9-FRA
expires
Thu, 23 May 2019 18:18:44 GMT
web
onesignal.com/api/v1/sync/bdf5338c-b86f-44c9-bc77-e946a73d020e/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/bdf5338c-b86f-44c9-bc77-e946a73d020e/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.2
Resource Hash
e28b912cec2fa401a53136859fed32aa55ce07cead39b8763e2b871ccefaa457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 May 2019 18:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.3.2
status
200, 200 OK
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
80dbb7a8-6631-4c33-9dff-47e658c99833
x-runtime
0.085331
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=3308
cf-ray
4da05099cd8c63b9-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 20 May 2019 18:23:44 GMT
1
mc.yandex.ru/watch/47880065/
Redirect Chain
  • https://mc.yandex.ru/watch/47880065?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3...
  • https://mc.yandex.ru/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 May 2019 18:18:44 GMT
Last-Modified
Mon, 20-May-2019 18:18:44 GMT
Server
nginx/1.12.2
Location
/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://hentaifap.land
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 20-May-2019 18:18:44 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 May 2019 18:18:44 GMT
Last-Modified
Mon, 20-May-2019 18:18:44 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
https://hentaifap.land
Strict-Transport-Security
max-age=31536000
Location
/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 20-May-2019 18:18:44 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:18:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 20 May 2019 19:18:44 GMT
1
mc.yandex.ru/watch/47880065/ 		152 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/47880065/1?wmode=7&page-ref=http%3A%2F%2Fusa.dauid-iep.com%2Fzcredirect%3Fvisitid%3Db216ce40-7b2b-11e9-9808-0a5e0e0d76d6%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&page-url=https%3A%2F%2Fhentaifap.land%2Fcw%2Fcw_0319%2Fland_cw_180319_en%2Findex.html%3Fp%3D1%26utm_campaign%3Dpu_zeropark_nutra_ron_tier1%26utm_medium%3Dclick%26utm_source%3Dpu%26utm_content%3Drusset-lark-lima-due-1hD3D7g9%26bnid%3Dland_cw_180319_en%26crID%3D255458%26zID%3D9306&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558376323227%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190520181844%3Aet%3A1558376324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A818114375%3Ahid%3A530650336%3Ads%3A13%2C32%2C144%2C0%2C192%2C0%2C0%2C449%2C1%2C%2C%2C%2C837%3Afp%3A837%3Awn%3A5832%3Ahl%3A3%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558376324%3Au%3A1558376324372677686%3At%3ACuntWars
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
34b10650317a38e0a5d7c4008b314a6f4a7e3a4d4cb8285c494df67b7678ce3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
Origin
https://hentaifap.land
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 20 May 2019 18:18:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 20-May-2019 18:18:44 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://hentaifap.land
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 20-May-2019 18:18:44 GMT
webPushAnalytics
onesignal.com/ Frame 8475 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/webPushAnalytics
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onesignal.com
:scheme
https
:path
/webPushAnalytics
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://hentaifap.land/cw/cw_0319/land_cw_180319_en/index.html?p=1&utm_campaign=pu_zeropark_nutra_ron_tier1&utm_medium=click&utm_source=pu&utm_content=russet-lark-lima-due-1hD3D7g9&bnid=land_cw_180319_en&crID=255458&zID=9306

Response headers

status
200
date
Mon, 20 May 2019 18:18:46 GMT
content-type
text/html
set-cookie
__cfduid=dc72fe4a60f0fcb9deb17aefc8ed188921558376326; expires=Tue, 19-May-20 18:18:46 GMT; path=/; domain=.onesignal.com; HttpOnly
last-modified
Fri, 17 May 2019 01:03:51 GMT
cf-cache-status
HIT
expires
Mon, 20 May 2019 19:18:46 GMT
cache-control
public, max-age=3600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4da050a7cb0c63b9-FRA
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| adfunc function| getSearchParameters function| transformToAssocArray object| params function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 object| Ya object| yaCounter47880065

3 Cookies

Domain/Path Name / Value
.hentaifap.land/ Name: _ym_d
Value: 1558376324
.hentaifap.land/ Name: _ym_uid
Value: 1558376324372677686
.hentaifap.land/ Name: __cfduid
Value: dc7597a93fa00a37312bdaf087308f7131558376324

2 Console Messages

Source Level URL
Text
console-api error URL: https://mc.yandex.ru/metrika/tag.js(Line 236)
Message:
FATAL [init-failed]:
console-api error URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
gamescarousel.com
hentaifap.land
ln.gamesrevenue.com
mc.yandex.ru
onesignal.com
usa.dauid-iep.com
usa.odysseus-nua.com
ww25.sharebutton.co
www.google-analytics.com
www.google.com
www.sharebutton.co
103.224.182.250
199.59.242.151
204.155.147.176
2606:4700:30::681c:1275
2606:4700:30::681f:4a88
2606:4700::6810:cda5
2a00:1450:4001:817::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2004
2a00:1450:4001:824::200a
2a02:6b8::1:119
3.92.103.120
35.175.21.193
0445c6b1a000db234b9183fb0adb76a313c7bad6572dcabaab58deb78a8faee6
059ca797cbecc2f45bcc7a4d376941b23bffaced8415d1be1e53c400a431d651
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
0f013a676d5439ca8cb07dc293105e9ae5326a85309fd2475ccbde27d7724526
13f4c69f1f21f0a734e0f3ab9331e036294a36a0c75bb3443e308feb83726081
15940d9bedcfd817374b2d4c37ec63365d285c24fb2d3388d21fe640007543b6
15970049ea867b1c39a7a6fd041998af487ea1b752072e1aa5ccffd844e9efc8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
26a5c0664197f9c945af089ed1a5bec83c97d615260cfd492d73c8c94ccc1b1c
26cc41c8b8b945615feb96476d3c673e72ab10c66a0ab0902c9e9819cc9373a6
34b10650317a38e0a5d7c4008b314a6f4a7e3a4d4cb8285c494df67b7678ce3b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57ea021471ff432e604524ac873635571e0a0c3f335f956209f2b5b1086803c2
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
680554b769d9aaca1bc21c8cc190fbaa0bbe19d880f7857633a55e39fa86ad37
6c0dfe3d823fa1f7d451513ffe1438ee2b149e807391f289ce2dc08afed59335
6c4d9a7db00c0a0c59951a5b2c7beaafd4332179d5cdac6a428d978719fa4218
7b47fb11865657aa0dd7d35c81b104269ac82d35177d164d935e7aca04fd9f2d
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
7e6a314a823521be05c252a2a2c61b354a40a53086ebffb20a67d0173cba87ca
828508398e91f2412c6a4110de082b033585a0ca3af54b5a11ce7fc88fdf55fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8616c513138316d16857e0720a4490eeef5161758e3b3670e285265469a16bb4
88848d68fac5206dbbc23232c03bdd42c4978a0acfd5f10e1c72ce3ef2c5a28a
906b9380fef0de7a62db28538f3994ad3dc8ddecc6e32500f19d3ed8bc8bd83c
91e83e5e0936de3e742208324f032bdcbe8e0fbbfb0b998b7f99ea5ab540cc29
99aba0ed57d1d80176a850beabf180fe65725914c1727cfbab8f9cf4b0509432
9c47c3f8178f7c8c54f977859f0c0cfba95a3e850eb4a51c7d05c7aeca1013ac
9e934b05ea328a5e99bab019333985d2c65d1c18c716da3d6ce5f717e8208085
9f36cd3352e86d4959f7c69198039b9b3d5775b88b28ccac8205c8370bd151c8
a0dedc9bf1f582614a8a9bdbb71e010c0778552b7e0d4e01e744fbd157dc1bba
a51f98498b5b41ee215addc17ddd093a66f81e224326e243a075bb5677176b6e
b32fc1325f91f8aa9b848447f3487c8484350cd392a1e327fb3032de690c7d6c
b3e05998743a82d03a8a7a814feafcf994cb02e707adcf2bb945013074b1119e
b40168390afd721c2c0effd9b3b132b6d5334aff57106389b1aafa37a0a7af33
b882c7e5ea0ae9354fc93b0d3a6cae91c6087830e9d9e8536ef1bd40867f58d7
be166dc859ea2a849f5bb3ffdb2c5fb182b007a1bc4f6da8878cb91b02680b16
bea27922bf9d81061257a0f31154fb853f3064994fb4c8d1f08bc48293eafef1
c066f1f6283a89c89446b4a0d5d64d6ae1d59006efb4c0f074174233ac0d90ba
d616bf1c2374eb5c657201ceb94cdc9d77321460d78fd7c36bf077e21c8d5386
e28b912cec2fa401a53136859fed32aa55ce07cead39b8763e2b871ccefaa457
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c47edcd7ed481dee6d5b703221f4fee9c34bc23a133bb70fb7876d6946f870
ee6737a4e4dce37a5a1a84718143ef6045a60136f811b76347986b10dbc58aa5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16bfe9d3cb084c9427fbf8500d5c02f30fbefcc4c1d16f7d48e0dff0218f353
f55274c1eb560fafe66f83071dcd7ff2ce0176ebf5c8147c65d4e393c55c498e
fc82d3e7224d34b39da4b46cd0a2ee4de4789be78f65c3983de90ab132f02fc5