www.googletagmanager.com/gtag/js?id=G-0NJH4KSC7E
200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-0NJH4KSC7E
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3034)
Hash 3db12ee58a569cfbb3c12e21300c9afa
fa96a3ed21c9406eb9a2e6d2e676ac623d5dcbae
3141c7905aaa5db86cac9cee017297272c4a2f89c2c982ea4b6737beebe60d79
GET /gtag/js?id=G-0NJH4KSC7E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 08:31:04 GMT
expires: Thu, 30 Nov 2023 08:31:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.crollbar.css
200 OK 1.7 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.crollbar.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (7898), with no line terminators
Hash 3ab465cc8630739a550d9a01e89da345
a5da49bcc9493ab18acef886d73fb2519c944477
71f34b962b76fe3e1a18f5576687ad13bbbdd932f4b3bfb2609cd3d20856c5a4
GET /wp-content/themes/dooplay/assets/css/front.crollbar.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 588791
cf-bgj: minify
cf-polished: origSize=9183
etag: W/"5f7b0dc4-23df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 80
x-varnish: 541259812 542530003
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb656cbb56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/idtabs.js
200 OK 17 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/idtabs.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (1541), with no line terminators
Hash d96d08755c4c573440104e2854602307
4f29944141ddf1ac30eabc29f654b6e93a972116
b24ccde4c9432756c63f7d5d4a2cc183ce5cb95df68ea8ea36fb6dd80c237107
GET /wp-content/themes/dooplay/assets/js/lib/idtabs.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 588791
cf-bgj: minify
cf-polished: origSize=1543
etag: W/"5f7b0dc4-607"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 11
x-varnish: 541259798 537314786
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb657cd456c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 12811
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/starstruck.raty.js
200 OK 19 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/starstruck.raty.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (10362), with no line terminators
Hash a7e47ff99390516c36541dbed153ba61
1774d0b5e43454c67da3389e2aba827213f239eb
52578f80b0bde06ec3f6808dd9703a5d778b72b6dbb80b462ef113ae217cc15c
GET /wp-content/themes/dooplay/assets/js/lib/starstruck.raty.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 452038
cf-bgj: minify
cf-polished: origSize=10364
etag: W/"5f7b0dc4-287c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
x-varnish: 593265711 586558142
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb65bd1556c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.ajax.js
200 OK 19 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.ajax.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (13241), with no line terminators
Hash d3a240199a446002247def9f8a1dba2c
0742d116ec9ec4410af3ed539fcb3908be794ef3
02a43c6e1ba06dbeb3ae05e129508da4c3a693af7e93237a1b07e467b4d4d444
GET /wp-content/themes/dooplay/assets/js/min/front.ajax.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 354119
cf-bgj: minify
cf-polished: origSize=13242
etag: W/"5f7b0dc4-33ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
x-varnish: 618897584 615656904
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cdc56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/css/fonts/icomoon.ttf?k4wkth
21 kB URL www1.verhentai.top/wp-content/themes/dooplay/assets/css/fonts/icomoon.ttf?k4wkth
IP
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 14295f67edc73c8347d68095bae61600
d22548eafa28fb00605e26878c56178baa2687fb
0833e6c75b1caf281d32e8a8aaa4e97bb814b603296828245b2bd7d2dec43aff
GET /wp-content/themes/dooplay/assets/css/fonts/icomoon.ttf?k4wkth HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: application/octet-stream
content-length: 20596
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
etag: "5f7b0dc4-5074"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-varnish: 548931015 547359544
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 97
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb681f4056c5-OSL
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
1.5 kB URL ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579)
Hash 1ace9e2296cf92dfb05a26415d288bb8
74c34e75e0c355d439342f6f58cb6066aa2b217e
9d9e95dae12e8b7515b43431f8a9e3dd37f911fe794c9e68e7e4fd223c9e1c0f
GET /ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: text/html; charset=utf-8
content-length: 1479
cache-control: no-cache
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=5f6f756561d6e250352ccfa0&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069451&screen=1280x1024&tags=
200 OK 1.5 kB URL GET HTTP/2 ads.adxadserv.com/ad?spotid=5f6f756561d6e250352ccfa0&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069451&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectads.adxadserv.com
Fingerprint70:CD:DE:2A:A2:EF:09:F0:B6:28:0D:89:0D:62:5D:45:FA:43:AF:0D
ValidityFri, 13 Oct 2023 20:21:22 GMT - Thu, 11 Jan 2024 20:21:21 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581)
Hash 8e364e2861a36c629da3a08789736454
7421a66f37f4279c871a03319b2a091906523582
e046624f741e1663492e5a433f960af19edcbdbe62cbc6e8316ff5d6309941e8
GET /ad?spotid=5f6f756561d6e250352ccfa0&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069451&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: text/html; charset=utf-8
content-length: 1520
cache-control: no-cache
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.mobile.css
200 OK 11 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.mobile.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (7404), with no line terminators
Hash da2c67d53392fb428536b7297232abce
bfe305891f5589ccb1f8aebc9748f792c5e392bb
0c9985d792a9bcf20b44e21414ea6c95b2bd1ccf7b8a70ea474b6b8ff32d0be7
GET /wp-content/themes/dooplay/assets/css/front.mobile.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 437661
cf-bgj: minify
cf-polished: origSize=11882
etag: W/"5f7b0f2c-2e6a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:18:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
x-varnish: 595561058
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cc756c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
1.5 kB URL ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579)
Hash f10eff7b34d43aaf7517142da46d3254
400dd0946434205ed0a89dc58d536bec0e9279a5
d7f0f2f06fc5da978fcd046591b09877ab80228cd6a5372a0080595b2c39d36b
GET /ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: text/html; charset=utf-8
content-length: 1479
cache-control: no-cache
X-Firefox-Spdy: h2
www1.verhentai.top/wp-includes/js/comment-reply.min.js
200 OK 2.0 kB URL GET HTTP/2 www1.verhentai.top/wp-includes/js/comment-reply.min.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (2946)
Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2
db36a77f6aaa2063bfbec02c2c0e967438c5a245
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
last-modified: Sun, 19 Mar 2023 15:40:56 GMT
etag: W/"64172d08-ba5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 547979928 543276641
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb65cd2d56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.adxadserv.com/js/adb.js
200 OK 2.8 kB URL GET HTTP/2 static.adxadserv.com/js/adb.js
IP
ASN #60068 Datacamp Limited
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subject1585977359.rsc.cdn77.org
Fingerprint11:4C:DC:15:D3:66:0C:E4:77:6D:B8:F8:DE:49:6F:09:2A:C9:1F:CB
ValidityWed, 22 Nov 2023 23:05:55 GMT - Tue, 20 Feb 2024 23:05:54 GMT
File type gzip compressed data, from Unix\012- data
Hash 02455f7530bbbb831c4f830ea0af084b
bc191e48f684e4e9e90b8a7d0624e174329a3d63
2b838102cb5aca0ae25ed0f75a379c72d0a19784a92d9cb91763b8c71bfeb85f
GET /js/adb.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 05 Sep 2023 14:53:26 GMT
etag: W/"64f740e6-510"
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3SV8CAA
x-77-nzt-ray: c0a4cc2841c5757f48486865cf252d2b
x-accel-expires: @1702116655
x-accel-date: 1701177599
x-cache-lb: HIT
x-age-lb: 155465
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 155465
content-encoding: gzip
X-Firefox-Spdy: h2
banneradsday.com/banner300nxe6xydtgy45.js
200 OK 36 kB URL GET HTTP/2 banneradsday.com/banner300nxe6xydtgy45.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGlobalSign nv-sa
Subjectwww.banneradsday.com
Fingerprint64:D2:4F:B0:7F:50:0C:A1:68:6C:40:78:6F:4F:C0:05:B7:2D:89:CF
ValidityTue, 16 May 2023 05:24:22 GMT - Sun, 16 Jun 2024 05:24:21 GMT
File type gzip compressed data, from Unix\012- data
Hash 3176807957df2435b5f1b6f49c42aee0
1e2518a096cabd359b2cc8fcbd801923af8e3cbc
52c2290c899c3f85b19170ce5fb7be793b97b8bddc41319e5078fd416bc10ad5
GET /banner300nxe6xydtgy45.js HTTP/1.1
Host: banneradsday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 20:14:41 GMT
vary: Accept-Encoding
etag: W/"637e7f31-1006"
expires: Sun, 14 Jan 2024 08:31:04 GMT
cache-control: max-age=3888000
content-encoding: gzip
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg
301 Moved Permanently 31 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 297x525, components 3\012- data
Hash 2007453b2652550d57494e46845551d3
4138518f63dfcc40776ec8d5e2b3612de26cac9a
3204b79a36e8baf38395c1715fe73bb65871c44d7b1a5f752a959c3cfd8bdacb
GET /wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:05 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6bd89bb523-OSL
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/hzSRvOhinlN9AMkSKDySQU8a0Jf.jpg
200 OK 71 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/hzSRvOhinlN9AMkSKDySQU8a0Jf.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x750, components 3\012- data
Hash ebe977152faaecae046d679a7d424ed0
79a1cecd16ac2549645ca6edf8a482b93e14b95d
112d11a2219518b53461cd48966ba415f545e4528294c94f1161777d0be75040
GET /wp-content/uploads/2019/06/hzSRvOhinlN9AMkSKDySQU8a0Jf.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 71045
last-modified: Fri, 20 Sep 2019 18:37:02 GMT
etag: "5d851c4e-11585"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 539229198 546903352
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 6
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc7856c5-OSL
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg
66 kB URL verhentai.top/wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg
IP
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x750, components 3\012- data
Hash 6f3e7dc5b71fc64f2c5da05fc8508b4a
05e9b01f6659ff30a511aa4fe249cea83b0504f3
d36d64b25214fdd90d28f5205932dbcfb6e33a66db24c5e0c4214b9d2477ac22
GET /wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:05 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6bd8a6b523-OSL
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg
200 OK 55 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x800, components 3\012- data
Hash e89869f729593e4f85fbc5a95b35f139
992db6e1ca95ec1c03c530958f170ac2448cc3da
37051037185430710baf89db71604295e11b2012c3bfc39f504a47db5a050c76
GET /wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 54857
last-modified: Fri, 20 Sep 2019 18:32:28 GMT
etag: "5d851b3c-d649"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 544945335 543507529
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 46
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc7f56c5-OSL
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg
301 Moved Permanently 102 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 715x1000, components 3\012- data
Size 102 kB (102407 bytes)
Hash c6d85a94d2dd45fbb426083b359d9969
3cdb7e0f604bba7b082898c86c40f5d7bf2ca249
32e0c1560e0126b96a54b3bd004f02a20e4d08d76f9c942b91da7e4014d39d1d
GET /wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:05 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6be8aeb523-OSL
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg
301 Moved Permanently 63 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x536, components 3\012- data
Hash 53b727f5f5324cce23eb2ff64a8d1760
c9b97decf0367039340c53dc38770f90243c6a8f
7a7de2f19d354d4a7187428df516601a13d36ac9402166bc985310d5130f4465
GET /wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:05 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6be8b9b523-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:57 GMT
expires: Fri, 22 Nov 2024 23:21:57 GMT
cache-control: public, max-age=31536000
age: 551348
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:57 GMT
expires: Fri, 22 Nov 2024 23:21:57 GMT
cache-control: public, max-age=31536000
age: 551348
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:57 GMT
expires: Fri, 22 Nov 2024 23:21:57 GMT
cache-control: public, max-age=31536000
age: 551348
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg
301 Moved Permanently 35 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:05 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/06/hafrfK8pPtApWE34h2wJdpLWHOO.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6be8b0b523-OSL
X-Firefox-Spdy: h2
r.trackwilltrk.com/s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=c8feea6e-30e6-49aa-9933-55de5cf98271&cv1=c8feea6e-30e6-49aa-9933-55de5cf98271&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78cf61d6e26c9f742e1f&cv10=exim_adxad_stub2_300x100_
200 OK 1.3 kB URL GET HTTP/1.1 r.trackwilltrk.com/s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=c8feea6e-30e6-49aa-9933-55de5cf98271&cv1=c8feea6e-30e6-49aa-9933-55de5cf98271&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78cf61d6e26c9f742e1f&cv10=exim_adxad_stub2_300x100_
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectr.trackwilltrk.com
FingerprintA8:53:A6:ED:2C:DE:1B:AD:FC:D4:34:DD:83:A1:60:B4:8F:B1:28:DC
ValidityMon, 30 Oct 2023 07:27:38 GMT - Sun, 28 Jan 2024 07:27:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (698)
Hash ce11864f26f3a0010e042bae51418fe9
1d65b53d513727de7425b89596b6aa0c2411e4ca
3cb77e24944aa129878ffaa84268034bd4b426c273bf2526b744aa32cb671c17
GET /s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=c8feea6e-30e6-49aa-9933-55de5cf98271&cv1=c8feea6e-30e6-49aa-9933-55de5cf98271&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78cf61d6e26c9f742e1f&cv10=exim_adxad_stub2_300x100_ HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=vDMLi5r-pf; Path=/; Domain=trackwilltrk.com; Expires=Fri, 01 Dec 2023 08:31:05 GMT; HttpOnly
X-Request-Id: f6bd53ed-f0c6-4be7-9d4a-c7c6ff804bdf
Content-Encoding: gzip
js.wpadmngr.com/static/adManager.js
200 OK 2.1 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintAC:C2:DC:B6:95:8A:52:42:68:CB:0F:19:3F:56:A9:E9:1F:E6:04:8C
ValiditySun, 12 Nov 2023 03:01:15 GMT - Sat, 10 Feb 2024 03:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1671)
Hash 12b07aeb28eba1802c019b946a4b6e8a
2dbbac8f0c9b63baae2094480a595b8f9771771a
184035a379230c9d796a4a9f7434edd4640fbede5fcf776d0fe3fbdff64035ef
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 28 Nov 2023 12:19:41 GMT
etag: W/"6565dadd-681"
content-encoding: gzip
expires: Thu, 30 Nov 2023 08:36:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r.trackwilltrk.com/s1/e766d629-8aa2-4f64-800f-7458117d07a9?externalId=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv1=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d833161d6e27cf559bde1&cv5=623d831361d6e2739a0c4ca4&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f756561d6e250352ccfa0&cv10=exim_adxad_stub1_300x250_
200 OK 1.2 kB URL GET HTTP/1.1 r.trackwilltrk.com/s1/e766d629-8aa2-4f64-800f-7458117d07a9?externalId=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv1=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d833161d6e27cf559bde1&cv5=623d831361d6e2739a0c4ca4&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f756561d6e250352ccfa0&cv10=exim_adxad_stub1_300x250_
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f756561d6e250352ccfa0&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069451&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectr.trackwilltrk.com
FingerprintA8:53:A6:ED:2C:DE:1B:AD:FC:D4:34:DD:83:A1:60:B4:8F:B1:28:DC
ValidityMon, 30 Oct 2023 07:27:38 GMT - Sun, 28 Jan 2024 07:27:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (441)
Hash 306d7cb4ce6126503fd98b58b2d37874
62ed4b1fc96db656cb000c1e9aa0cb5069665732
8b1c9f3a1f7639ebec0f964341876d885991265726dbc378c9d2918fbf9df10c
GET /s1/e766d629-8aa2-4f64-800f-7458117d07a9?externalId=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv1=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d833161d6e27cf559bde1&cv5=623d831361d6e2739a0c4ca4&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f756561d6e250352ccfa0&cv10=exim_adxad_stub1_300x250_ HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=_YpLW89zpH; Path=/; Domain=trackwilltrk.com; Expires=Fri, 01 Dec 2023 08:31:05 GMT; HttpOnly
X-Request-Id: 9a773a74-31d8-427b-ba54-b2c2a001e1b8
Content-Encoding: gzip
r.trackwilltrk.com/s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv1=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78e361d6e216493b2fc4&cv10=exim_adxad_stub2_300x100_
200 OK 1.3 kB URL GET HTTP/1.1 r.trackwilltrk.com/s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv1=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78e361d6e216493b2fc4&cv10=exim_adxad_stub2_300x100_
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectr.trackwilltrk.com
FingerprintA8:53:A6:ED:2C:DE:1B:AD:FC:D4:34:DD:83:A1:60:B4:8F:B1:28:DC
ValidityMon, 30 Oct 2023 07:27:38 GMT - Sun, 28 Jan 2024 07:27:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (711)
Hash ebb538e2b8a3229a1f3bac50a73eb4a5
d82d2173ef9209cc8456c834ad7ad1d46ef8cce2
779eb1cd45735dcfbca18b41f4cacb8ebc90f392b62ee05766c5288d6ad4876a
GET /s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv1=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78e361d6e216493b2fc4&cv10=exim_adxad_stub2_300x100_ HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=6YMRi8r-M; Path=/; Domain=trackwilltrk.com; Expires=Fri, 01 Dec 2023 08:31:05 GMT; HttpOnly
X-Request-Id: 9de704bd-7b21-4385-bb5d-f0bc9c90b57a
Content-Encoding: gzip
www1.verhentai.top/wp-content/uploads/2020/08/isekai-harem-monogatari.jpg
200 OK 40 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2020/08/isekai-harem-monogatari.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x560, components 3\012- data
Hash 47c55fe10ecd4c5cb0e76816b7a4fb55
77e70506390739df0bf1ebb80d046c98211d47c1
b8f1bad260b595f152d71cea9046ce85647ded4886a5bbf16118916ce9dfdce7
GET /wp-content/uploads/2020/08/isekai-harem-monogatari.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/jpeg
content-length: 39829
last-modified: Sun, 02 Aug 2020 07:55:40 GMT
etag: "5f26717c-9b95"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 557865093 554390364
age: 524383
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 4
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6efea256c5-OSL
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg
71 kB URL verhentai.top/wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg
IP
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x704, components 3\012- data
Hash 54dd88acd40718464881393cf4dfa32c
96ef5a7422568ef5831bb7b2e9857c961126a9f5
8cc8075765e226f0db881bbec0940fa59046a255812cf585fc47c089e2ce17a0
GET /wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:06 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:06 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6e9c13b523-OSL
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg
301 Moved Permanently 34 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 357x500, components 3\012- data
Hash 04291cb208bc99811ea81683ed7cc4e5
8731f6513b6043cec444112a963d2d342adab3bb
85d586324a20caf45fb721f110221bd82eefd1339dbaaae2b9f09d9d8cd3a939
GET /wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:06 GMT
location: https://www1.verhentai.top/wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:06 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6e9c12b523-OSL
X-Firefox-Spdy: h2
adxadserv.com/ascripts/pxl.js
24 kB URL adxadserv.com/ascripts/pxl.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: W/"5f6dbe8d-12fee"
Expires: Fri, 01 Dec 2023 07:59:17 GMT
Cache-Control: max-age=86400, public
X-77-NZT: EwwBj/QqHwH3dQcAAAwBuUwKAQH3AAAAAAgB1GY4EQFB
X-77-NZT-Ray: 1317b72c7f76c15f4a48686515bb6003
X-77-Cache: HIT
Content-Encoding: gzip
X-Accel-Date: 1701331157
X-77-Age: 1909
X-Cache-LB: HIT, HIT
X-Age-LB: 0, 1909
X-77-POP: amsterdamNL
adxadserv.com/ascripts/pxl.js
24 kB URL adxadserv.com/ascripts/pxl.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: W/"5f6dbe8d-12fee"
Expires: Fri, 01 Dec 2023 07:59:17 GMT
Cache-Control: max-age=86400, public
X-77-NZT: EwwBj/QqHwH3dQcAAAwBuUwKAQH3AAAAAAgB1GY4EQFB
X-77-NZT-Ray: 1317b72c3772c45f4a486865d2b47403
X-77-Cache: HIT
Content-Encoding: gzip
X-Accel-Date: 1701331157
X-77-Age: 1909
X-Cache-LB: HIT, HIT
X-Age-LB: 0, 1909
X-77-POP: amsterdamNL
adxadserv.com/ascripts/pxl.js
24 kB URL adxadserv.com/ascripts/pxl.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: W/"5f6dbe8d-12fee"
Expires: Fri, 01 Dec 2023 07:59:17 GMT
Cache-Control: max-age=86400, public
X-77-NZT: EwwBj/QqHwH3dQcAAAwBuUwKAQH3AAAAAAgB1GY4EQFB
X-77-NZT-Ray: 1317b72c6f7cea5f4a4868657d702904
X-77-Cache: HIT
Content-Encoding: gzip
X-Accel-Date: 1701331157
X-77-Age: 1909
X-Cache-LB: HIT, HIT
X-Age-LB: 0, 1909
X-77-POP: amsterdamNL
adxadserv.com/ascripts/pxl.js
24 kB URL adxadserv.com/ascripts/pxl.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: W/"5f6dbe8d-12fee"
Expires: Fri, 01 Dec 2023 07:59:17 GMT
Cache-Control: max-age=86400, public
X-77-NZT: EwwBj/QqHwH3dQcAAAwBuUwKAQH3AAAAAAgB1GY4EQFB
X-77-NZT-Ray: 1317b72c5064f85f4a486865666f5a04
X-77-Cache: HIT
Content-Encoding: gzip
X-Accel-Date: 1701331157
X-77-Age: 1909
X-Cache-LB: HIT, HIT
X-Age-LB: 0, 1909
X-77-POP: amsterdamNL
go.bbrdbr.com/i?campaignId=100cps2girl&creativeId=100cps2girl&tag=girls&sourceId=100cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&thumbSizeKey=small&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&action=sbSignupWithModel&landing=WidgetV4Universal
302 Found 0 B URL GET HTTP/2 go.bbrdbr.com/i?campaignId=100cps2girl&creativeId=100cps2girl&tag=girls&sourceId=100cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&thumbSizeKey=small&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&action=sbSignupWithModel&landing=WidgetV4Universal
IP
Requested by https://r.trackwilltrk.com/s1/a07e547b-49b9-41f3-9d4b-f6343c4a8d0b?externalId=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv1=a8ddeb34-e23d-4d85-ad78-98292f4c8d38&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d89ca61d6e210ac324fb9&cv5=623d896b61d6e210ac324fb7&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f78e361d6e216493b2fc4&cv10=exim_adxad_stub2_300x100_
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=100cps2girl&creativeId=100cps2girl&tag=girls&sourceId=100cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&thumbSizeKey=small&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&action=sbSignupWithModel&landing=WidgetV4Universal HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 30 Nov 2023 08:31:06 GMT
content-length: 0
location: https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDEEFVkNrzLraWxWqqjzssCck3W; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:06 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb7038d80b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/i?campaignId=100cps2asgirl&creativeId=100cps2asgirl&tag=girls/asian&sourceId=100cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&showModal=signup&landing=WidgetV4Universal
0 B URL go.bbrdbr.com/i?campaignId=100cps2asgirl&creativeId=100cps2asgirl&tag=girls/asian&sourceId=100cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&showModal=signup&landing=WidgetV4Universal
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=100cps2asgirl&creativeId=100cps2asgirl&tag=girls/asian&sourceId=100cps2asgirl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&memberId={clickid}&showModal=signup&landing=WidgetV4Universal HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 30 Nov 2023 08:31:06 GMT
content-length: 0
location: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:06 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb7048d90b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/09/cropped-animejodas3-32x32.jpg
200 OK 709 B URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/09/cropped-animejodas3-32x32.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash ea0acd8fece5f35cec772bd05f39da08
a4827a26b232194e824c5679e2bcf33cdeba6a1a
757030d9e482910e13b5f2182b6f62a91aee84bdff8fd87559cbc205c352439b
GET /wp-content/uploads/2019/09/cropped-animejodas3-32x32.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/jpeg
content-length: 709
last-modified: Tue, 24 Sep 2019 11:31:58 GMT
etag: "5d89feae-2c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 547264736 543080365
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 22
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb70d80956c5-OSL
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/09/cropped-animejodas3-192x192.jpg
200 OK 7.0 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/09/cropped-animejodas3-192x192.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 101a3bd711b56b64236b0b7c946a47c5
a97de696d54378985f2071e0d37bbe53ac08969d
b8f0e5ddaca5b5260e3853ccf0e965dc11dace3df98e579269a946e9f7040fde
GET /wp-content/uploads/2019/09/cropped-animejodas3-192x192.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/jpeg
content-length: 7039
last-modified: Tue, 24 Sep 2019 11:31:58 GMT
etag: "5d89feae-1b7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 579063856 589543932
age: 440133
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb70d80556c5-OSL
X-Firefox-Spdy: h2
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78e361d6e216493b2fc4%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069448%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070121&t_i=1701333070300&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda03c75-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78e361d6e216493b2fc4&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.454
200 OK 0 B URL GET HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78e361d6e216493b2fc4%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069448%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070121&t_i=1701333070300&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda03c75-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78e361d6e216493b2fc4&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.454
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78e361d6e216493b2fc4%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069448%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070121&t_i=1701333070300&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda03c75-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78e361d6e216493b2fc4&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.454 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Length: 0
Connection: keep-alive
static.tumblr.com/ftv85bp/MIXmud4tx/search-icon.png
200 OK 850 B URL GET HTTP/2 static.tumblr.com/ftv85bp/MIXmud4tx/search-icon.png
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerSectigo Limited
Subject*.tumblr.com
Fingerprint88:AF:6C:69:3A:47:58:F3:97:25:CD:9D:82:23:FC:8D:88:68:92:59
ValidityWed, 15 Nov 2023 00:00:00 GMT - Sun, 15 Dec 2024 23:59:59 GMT
File type PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash eb6e4dd954c97644c6f29c59d72a9181
a20de89922265981ab67952330a755ef82e1b99a
20f3ea6786d16edfa8d6c3020aa3fc3cb7651612014df44a10d1108cddcfbcdb
GET /ftv85bp/MIXmud4tx/search-icon.png HTTP/1.1
Host: static.tumblr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/png
content-length: 850
last-modified: Tue, 08 Oct 2013 18:32:22 GMT
etag: "eb6e4dd954c97644c6f29c59d72a9181"
age: 8
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-nc: HIT arn 2
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78cf61d6e26c9f742e1f%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069429%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070055&t_i=1701333070295&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9ef6fa-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78cf61d6e26c9f742e1f&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.702
200 OK 0 B URL GET HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78cf61d6e26c9f742e1f%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069429%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070055&t_i=1701333070295&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9ef6fa-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78cf61d6e26c9f742e1f&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.702
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f78cf61d6e26c9f742e1f%2526type%253D300x100%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069429%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070055&t_i=1701333070295&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9ef6fa-8f5a-11ee-ab60-52ca5d2668e1&spid=5f6f78cf61d6e26c9f742e1f&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.702 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Length: 0
Connection: keep-alive
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756f61d6e26c9f742e1d%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069454%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070101&t_i=1701333070298&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda29bbd-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756f61d6e26c9f742e1d&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.77
200 OK 0 B URL GET HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756f61d6e26c9f742e1d%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069454%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070101&t_i=1701333070298&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda29bbd-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756f61d6e26c9f742e1d&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.77
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f756f61d6e26c9f742e1d&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069454&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756f61d6e26c9f742e1d%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069454%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070101&t_i=1701333070298&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cda29bbd-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756f61d6e26c9f742e1d&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.77 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Length: 0
Connection: keep-alive
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756561d6e250352ccfa0%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069451%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070084&t_i=1701333070297&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9f8c6b-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756561d6e250352ccfa0&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.84
200 OK 0 B URL GET HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756561d6e250352ccfa0%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069451%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070084&t_i=1701333070297&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9f8c6b-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756561d6e250352ccfa0&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.84
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f756561d6e250352ccfa0&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069451&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5f6f756561d6e250352ccfa0%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%2526dt%253D1701333069451%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww1.verhentai.top%252F&d_r=1&d_s=1280x1024&d_w=0x0&t_s=1701333070084&t_i=1701333070297&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=cd9f8c6b-8f5a-11ee-853c-e25a5bb9767f&spid=5f6f756561d6e250352ccfa0&fpid_sa=1701333070300&fpid=&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&e_d=%7B%7D&t_op=0.84 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:06 GMT
Content-Length: 0
Connection: keep-alive
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL GET HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 1606
expires: Thu, 30 Nov 2023 12:31:06 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb736effb509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL GET HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 1606
expires: Thu, 30 Nov 2023 12:31:06 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb737f14b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL GET HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 1606
expires: Thu, 30 Nov 2023 12:31:06 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb73cf68b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
200 OK 3.5 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/json
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
etag: W/"655f639d-ac"
expires: Thu, 30 Nov 2023 08:31:06 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb72d82a5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A615%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A295%2C%22duration%22%3A146%2C%22transferSize%22%3A80725%7D%5D&mh=1150376231
200 OK 103 B URL GET HTTP/3 go.bbrdbr.com/abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A615%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A295%2C%22duration%22%3A146%2C%22transferSize%22%3A80725%7D%5D&mh=1150376231
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A615%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A295%2C%22duration%22%3A146%2C%22transferSize%22%3A80725%7D%5D&mh=1150376231 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e1bb754a525687-OSL
alt-svc: h3=":443"; ma=86400
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
200 OK 99 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Hash 149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-44bd4"
expires: Thu, 30 Nov 2023 08:31:05 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb71def85687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A623%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A154%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A136%2C%22transferSize%22%3A4625%7D%5D&mh=580297451
200 OK 103 B URL GET HTTP/3 go.bbrdbr.com/abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A623%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A154%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A136%2C%22transferSize%22%3A4625%7D%5D&mh=580297451
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A623%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A154%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A288%2C%22duration%22%3A136%2C%22transferSize%22%3A4625%7D%5D&mh=580297451 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e1bb75eadf5687-OSL
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701333030/85253216_webp
200 OK 4.1 kB URL GET HTTP/3 img.strpst.com/thumbs/1701333030/85253216_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 559e5816e71612a5b97325c6178a7ff6
021a6213d3d13824b18975e19edb98e0a0112584
525868570984780a463ff42fe693fdffb66f00c6ea026c3014cd3a3c70059275
GET /thumbs/1701333030/85253216_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: image/webp
content-length: 4140
etag: "559e5816e71612a5b97325c6178a7ff6"
last-modified: Thu, 30 Nov 2023 08:28:30 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 19
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb76193c5696-OSL
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701333030/23938902_webp
200 OK 7.5 kB URL GET HTTP/3 img.strpst.com/thumbs/1701333030/23938902_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06daa0ee61633b8e51e2056830dfa384
3a220bebb9c378664b602fc65e9c2cea56888483
12fb8c065476866c3aec00d9490549a61481932e0000802e2864590299757465
GET /thumbs/1701333030/23938902_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: image/webp
content-length: 7490
etag: "06daa0ee61633b8e51e2056830dfa384"
last-modified: Thu, 30 Nov 2023 08:29:42 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 38
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb76193e5696-OSL
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1
200 OK 806 B URL GET HTTP/3 go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2898), with no line terminators
Hash a5fa1a348bc5b14e8cca86c98e4b1c9b
b108ebe676463afc554d67cd07524182e3636684
500453b0e0a4e5edf92161e3ed7a27ea565624517d337334a104e5be0c5ef165
GET /api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 08:30:28 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 82e1bb752a435687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
200 OK 94 B URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/json
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
etag: W/"655f639d-ac"
expires: Thu, 30 Nov 2023 08:31:06 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7489865687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fp.metricswpsh.com/fp?tag_id=124465
200 OK 0 B URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=124465
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=124465 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.verhentai.top/
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:07 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www1.verhentai.top
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
xlivesex.com/checkUrl
200 OK 15 B IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectxlivesex.com
Fingerprint41:AE:80:0B:F2:EF:54:C7:BA:5D:B6:E0:3C:30:C3:E8:32:2A:4F:26
ValidityMon, 06 Mar 2023 00:00:00 GMT - Mon, 04 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: xlivesex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.bbrdbr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuFLvK1H1SdXppSyY6rTJEJXw68nPRtcVSvDpm1oTA; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 07:31:07 GMT; HttpOnly
_cfuvid=42nNyos.88yYAVAp5kpcqcUp1aasMCJNSBY0NjuL0KM-1701333067332-0-604800000; path=/; domain=.xlivesex.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82e1bb764ad50b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
verhentai.top/wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg
301 Moved Permanently 25 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x460, components 3\012- data
Hash bd9dffa614383352a7aff6bce8142dc2
7758c7ac76ee1ddd2914a7c115121446f05da6f2
34fbfe179145d44802fba9ec9d125b8c5b70ab369c63f0715b915b275b1959dd
GET /wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:07 GMT
location: https://www1.verhentai.top/wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:07 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb757a63b523-OSL
X-Firefox-Spdy: h2
creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
200 OK 94 B URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/json
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
etag: W/"655f639d-ac"
expires: Thu, 30 Nov 2023 08:31:06 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7388a15687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cambaddies.com/checkUrl
200 OK 15 B IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerLet's Encrypt
Subjectcambaddies.com
Fingerprint42:57:E2:C5:89:F5:D5:B5:3E:C4:4A:4C:58:1F:0B:D6:BB:69:81:01
ValidityFri, 20 Oct 2023 09:52:08 GMT - Thu, 18 Jan 2024 09:52:07 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://creative.bbrdbr.com
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Thu, 30 Nov 2023 08:31:07 GMT
content-length: 15
X-Firefox-Spdy: h2
ntvpforever.com/keywords
204 No Content 23 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 65d0afba0bead34449208b194a9b46d5
60f8d00f2c07a39ab577920353b8746ea57aca82
2cc97755cb4083122228167f0b24643331f580dee787a4ad73c152f365cbf34b
POST /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 333
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
content-length: 23
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
stripchat.ooo/checkUrl
200 OK 15 B IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectstripchat.ooo
Fingerprint5B:8E:D1:E7:D7:97:C5:21:F2:12:B5:53:F5:82:28:FF:E1:6C:D9:B2
ValidityWed, 10 May 2023 00:00:00 GMT - Wed, 08 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: stripchat.ooo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.bbrdbr.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe57uvaatbeAd9JAUymJQi5ZyzZgNx; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:07 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb77ddf50b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.bbrdbr.com/app/domain-checker/check-result
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 30 Nov 2023 08:31:07 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDQgYY38nUsBbmdNeEr9QZqqC6Q; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:07 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb77fd495687-OSL
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.bbrdbr.com/app/domain-checker/check-result
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 30 Nov 2023 08:31:07 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtsgHAjogiG8Ahr7ZyPBvWdyhSGcL; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:07 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb77ed355687-OSL
alt-svc: h3=":443"; ma=86400
creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
200 OK 53 B URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
GET /widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3d"
expires: Thu, 30 Nov 2023 08:31:12 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb77dd335687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
200 OK 54 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (45140)
Hash 4a1e862a348e6713dfcce18e9cda2f42
47bed78ef29844bec68da443a6b0add48936b61b
b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490
GET /widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-2b6c9"
expires: Thu, 30 Nov 2023 08:31:05 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb781d6b5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fp.metricswpsh.com/fp?tag_id=124465
200 OK 58 B URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=124465
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
File type JSON data\012- , ASCII text
Hash 49cb75c0da6be8cc97daea0ae2498649
1dd230c3f22a2308b9c091fe1e952b5e8d44bc88
3f61f6927c8c29196e623750a164dcd6895cc2dc3a592ccc5d755b3d4d407841
POST /fp?tag_id=124465 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 23170
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:07 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.verhentai.top
Set-Cookie: id=9881572407551070350; Expires=Fri, 29 Nov 2024 08:31:07 GMT; Secure; SameSite=None
Vary: Origin
creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
200 OK 53 B URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
GET /widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3d"
expires: Thu, 30 Nov 2023 08:31:12 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb77ed455687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
netuplayer.top/ad/top/popunder.js
200 OK 21 B URL GET HTTP/3 netuplayer.top/ad/top/popunder.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with no line terminators
Hash 533a813ddb8f84d7e018bf8e6296c44d
8c95af23d5dc502f1bc3395a6d2e339e696c0d3e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/top/popunder.js HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 611234
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnyKq4S8s0LRi5dW7Qawohw%2BxVbTduimdFolo9JW%2FIMV8pmrwkhlr6b449ryQ7A6aMfN2j%2Fytv3pfPWEN%2BMcthg3WCLIQtVQ0akHCZn8HEhi8umtf6Ed8QIk8neE4X5lyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7a4f70b529-OSL
alt-svc: h3=":443"; ma=86400
2c83d2caf6.d067641e02.com/in/multy
200 OK 0 B URL POST HTTP/2 2c83d2caf6.d067641e02.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectd067641e02.com
Fingerprint82:D8:77:53:52:1A:F5:03:AF:0D:FD:8F:C0:8C:9F:D8:4C:D9:01:F1
ValidityMon, 27 Nov 2023 03:21:50 GMT - Sun, 25 Feb 2024 03:21:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: 2c83d2caf6.d067641e02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.verhentai.top/
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:07 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_init_8IRPLRI9glpYuBdL.mp4
200 OK 1.2 kB URL GET HTTP/2 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_init_8IRPLRI9glpYuBdL.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5 \012- data
Hash 98d2e04da508ad29d3a9bcd8c3853d76
b946d289e1dd9a3da41363ee6269cc9ebee966e3
f18560a67880487cc1d4ebefda6cdf0faaba470a9dcd8e03d76d284aaaccd36a
GET /hls/135319193/135319193_480p_init_8IRPLRI9glpYuBdL.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 1217
last-modified: Thu, 30 Nov 2023 08:30:54 GMT
etag: "6568483e-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7b7b4d56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1701333000/135319193_webp
404 Not Found 2.6 kB URL GET HTTP/3 img.strpst.com/thumbs/1701333000/135319193_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /thumbs/1701333000/135319193_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
cf-cache-status: HIT
age: 71
server: cloudflare
cf-ray: 82e1bb75cc8956bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
netuplayer.top/js/d_check.js?35
2.2 kB URL netuplayer.top/js/d_check.js?35
IP
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with very long lines (821)
Hash cc58687e068922c3c6cd915e90ce82a6
4560b7b212b7a3ea4daab7f679cfee37e4493bf8
88e33d38aa577708d4cb0230edfddbbc348ed7dd6af3224797bee28eae0f2c7a
GET /js/d_check.js?35 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
etag: W/"65190d56-d80"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 690341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fkx%2BcFawX%2BhQkaU25RQrbKllz1HyCKnEfYFXIbH3xwNCIawZkLv0NdtS12hxwnCDKCFpUvEAE5Y%2Fmq37rV6jsk0SxT6PY9A49UnAgzOYYtSVf1Pbdur0Yfsvv51jquOzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a4f6bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
200 OK 317 kB URL GET HTTP/2 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316681 bytes)
Hash c8d8f6be5ae8cf47a3d73f67ad5db3af
0466d5c0591adfadc073220e39fb4a5a7ea73c0d
556f9495f9327ad4194c6a4a0e8d883f867951fcc86ecb6e5d1bd7b1e6fc54c0
GET /hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316681
last-modified: Thu, 30 Nov 2023 08:31:00 GMT
etag: "65684844-4d509"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7bab7b56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1
200 OK 38 kB URL GET HTTP/3 go.bbrdbr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (3164), with no line terminators
Hash 4751aac312aa73fe6c561ddf3bc1e4cd
75aac0a797b734e5f472f72701e17cc5a8d189b1
34944e25aaf0732019357ddac36c15a02019b9cd1576263f1dbe286e4c5e7b54
GET /api/models?tag=girls&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 08:28:52 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 82e1bb74c9e05687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
200 OK 317 kB URL GET HTTP/2 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316681 bytes)
Hash c8d8f6be5ae8cf47a3d73f67ad5db3af
0466d5c0591adfadc073220e39fb4a5a7ea73c0d
556f9495f9327ad4194c6a4a0e8d883f867951fcc86ecb6e5d1bd7b1e6fc54c0
GET /hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316681
last-modified: Thu, 30 Nov 2023 08:31:00 GMT
etag: "65684844-4d509"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7c0a6d0b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
200 OK 317 kB URL GET HTTP/2 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316681 bytes)
Hash c8d8f6be5ae8cf47a3d73f67ad5db3af
0466d5c0591adfadc073220e39fb4a5a7ea73c0d
556f9495f9327ad4194c6a4a0e8d883f867951fcc86ecb6e5d1bd7b1e6fc54c0
GET /hls/135319193/135319193_480p_276_qOfz8ODf8J1EPdpv_1701333058.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316681
last-modified: Thu, 30 Nov 2023 08:31:00 GMT
etag: "65684844-4d509"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7c0a6e0b4d-OSL
alt-svc: h3=":443"; ma=86400
commentsmodule.com/js/js.load.1.js?1280754420844745
200 OK 0 B URL GET HTTP/2 commentsmodule.com/js/js.load.1.js?1280754420844745
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectcommentsmodule.com
FingerprintFB:D4:66:A8:AE:18:5F:8C:FE:B0:5E:D5:8D:88:CA:1B:63:0A:16:67
ValidityThu, 12 Oct 2023 20:21:07 GMT - Wed, 10 Jan 2024 20:21:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/js.load.1.js?1280754420844745 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://netuplayer.top/
Origin: https://netuplayer.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 611208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fcx45NRJRxp05i2elwMI1zNxj5BD2JTDxXt602G%2FyQXCFQB9eZoL02Q2jUIASFb6W0yWN67SCbFlKEhVtWgcUn0QtL559rR4s5V1qJQARLN6jpwsBpqcu%2F9x8dBhm0qKyFGpLIA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 82e1bb7c8ab0b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
200 OK 317 kB URL GET HTTP/3 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316945 bytes)
Hash 53c4581ac4b2d5c464ed38deb6cdecaf
bfc75824333299546d5949408ba0b06cb6b32520
30f06c70019aaeac6e6099a0bb27af49981885f31a8999d1fb0fa7f7ac2556a1
GET /hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316945
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-4d611"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7d1b0c0b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
200 OK 317 kB URL GET HTTP/3 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316945 bytes)
Hash 53c4581ac4b2d5c464ed38deb6cdecaf
bfc75824333299546d5949408ba0b06cb6b32520
30f06c70019aaeac6e6099a0bb27af49981885f31a8999d1fb0fa7f7ac2556a1
GET /hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316945
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-4d611"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7d1b0e0b4d-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hA4wrzZXBttixLlaf5xu88np7qWJCGKtaVgRYmAiEgMUPW62fRKZYhCJpdEJB94l_zJ5-
407 B URL accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hA4wrzZXBttixLlaf5xu88np7qWJCGKtaVgRYmAiEgMUPW62fRKZYhCJpdEJB94l_zJ5-
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (397)
Hash 63de436ad345a50767dae242174a0239
70e00894cbcfc6122f6c8adf64b5d1e4d448bf9b
704876bd7aa1d02a3cb2f7fc16203d287adb73405bbc53d354e4fbae7c6af334
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hA4wrzZXBttixLlaf5xu88np7qWJCGKtaVgRYmAiEgMUPW62fRKZYhCJpdEJB94l_zJ5- HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:zniA-NZ-7dGmxekgKyhayZ600o8nOg:O4WbESURDx8fIwSC;Path=/;Expires=Sat, 29-Nov-2025 08:31:08 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:31:08 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0FqqIj1pbKL5Lx0ZGygwPQ1aJZ_D7cbAsbdA9MddIqapWqpzt2Kdy90xXQb6iBEzz59zA2Jw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922468632%3A1701333068354559&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-UNt4ngJhmZOJ5gRO4hxGgQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
200 OK 317 kB URL GET HTTP/3 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 317 kB (316945 bytes)
Hash 53c4581ac4b2d5c464ed38deb6cdecaf
bfc75824333299546d5949408ba0b06cb6b32520
30f06c70019aaeac6e6099a0bb27af49981885f31a8999d1fb0fa7f7ac2556a1
GET /hls/135319193/135319193_480p_277_cHMd0FsP9WdLhgXb_1701333060.mp4 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 316945
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-4d611"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7d5b250b4d-OSL
alt-svc: h3=":443"; ma=86400
netuplayer.top/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=83624335
200 OK 2 B URL GET HTTP/3 netuplayer.top/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=83624335
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=83624335 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdepfJOWOfYKw3WQTEPKExOus5LiuwZfzrFgrACbJlzy35O80GFJWXI%2FTqA8W3yWRz7teVscfJBRnXXRqTA1SNq52S3jNRLWSt1tg018Jy%2FC80TKbJ6ccIyzTLwD1yVrVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7dba93b529-OSL
alt-svc: h3=":443"; ma=86400
netuplayer.top/js/video.counters.2.js?117
200 OK 406 B URL GET HTTP/3 netuplayer.top/js/video.counters.2.js?117
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
Hash 822d1aaefb9a343e788bfd63d5270e37
500ec918bfb859b16cb6b147010924f266591c67
34310731b79445f958ec982df1cb3793cea4f125f0a192a110d08203f4015c10
GET /js/video.counters.2.js?117 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 497805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApZh0HkmU6eBgP%2F9L5XraINsu4pftUi5vxu6heOZOOzIjZNzkdhBJgvpG9J6ebf3rz2MgESuHTgnAFgI5yRTnirHhOFZtG%2FwrUIzIWcoZwOYg%2FogiCx%2Bip1QiqQGLuUdHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7dba87b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
2c83d2caf6.d067641e02.com/in/multy
200 OK 5.9 kB URL POST HTTP/2 2c83d2caf6.d067641e02.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectd067641e02.com
Fingerprint82:D8:77:53:52:1A:F5:03:AF:0D:FD:8F:C0:8C:9F:D8:4C:D9:01:F1
ValidityMon, 27 Nov 2023 03:21:50 GMT - Sun, 25 Feb 2024 03:21:49 GMT
File type JSON data\012- , ASCII text, with very long lines (42668), with no line terminators
Hash bb3d9379df179d88b4ef742dd5080d65
ce2e12e513ff8d62c150d8fa0b1d57a3cb5aa7fb
e95f4e992ebd9ddaed2b47c08c028ae1186ee95fc379d1f1f6a6ea0503f4404b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /in/multy HTTP/1.1
Host: 2c83d2caf6.d067641e02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1888
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/json
content-length: 5893
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
i0.wp.com/cdn-s10.cfglobalcdn.com/flv/api/files/thumbs/2019/11/08/1573163968szmxe-640x480-1.jpg
200 OK 46 kB URL GET HTTP/2 i0.wp.com/cdn-s10.cfglobalcdn.com/flv/api/files/thumbs/2019/11/08/1573163968szmxe-640x480-1.jpg
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b7e542c858c7fdf679c3a80be0f46b6
b05d61a798a626f86b76c153edb9a60aef42511b
25c010a7e839f4ea1c50889efbe01c4303c2259ef1a004cee594f250119eb059
GET /cdn-s10.cfglobalcdn.com/flv/api/files/thumbs/2019/11/08/1573163968szmxe-640x480-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: image/webp
content-length: 46224
last-modified: Thu, 23 Nov 2023 11:02:57 GMT
expires: Sat, 22 Nov 2025 23:02:57 GMT
cache-control: public, max-age=63115200
link: <http://cdn-s10.cfglobalcdn.com/flv/api/files/thumbs/2019/11/08/1573163968szmxe-640x480-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8e53c4c1338559d1"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_init_3ycwFSxSF21GOgvf.mp4
200 OK 1.2 kB URL GET HTTP/3 b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_init_3ycwFSxSF21GOgvf.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5 \012- data
Hash 98d2e04da508ad29d3a9bcd8c3853d76
b946d289e1dd9a3da41363ee6269cc9ebee966e3
f18560a67880487cc1d4ebefda6cdf0faaba470a9dcd8e03d76d284aaaccd36a
GET /hls/126114747/126114747_480p_init_3ycwFSxSF21GOgvf.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 1217
last-modified: Thu, 30 Nov 2023 06:54:42 GMT
etag: "656831b2-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 30
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb809d020b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-15.doppiocdn.com/hls/99309079/99309079_init_EcJpzw5c0w84Cw1G.mp4
200 OK 1.2 kB URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079_init_EcJpzw5c0w84Cw1G.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5 \012- data
Hash 73e92786ed72b883e6859abdf7fa42fd
0df4e190030480f8b36811e6d553f7f221e742a6
4cd4e9259ced3a55aa5c2e6921bd2cca60d107c0c6f274b1ddef4d500cdffce7
GET /hls/99309079/99309079_init_EcJpzw5c0w84Cw1G.mp4 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 1216
last-modified: Thu, 30 Nov 2023 08:29:58 GMT
etag: "65684806-4c0"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb805ce20b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_4327_sWiXjaqgUJpd5Bb7_1701333060.mp4
200 OK 336 kB URL GET HTTP/3 b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_4327_sWiXjaqgUJpd5Bb7_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 336 kB (335731 bytes)
Hash de3ffbf86bc6b5572b586dedba45ed55
f4456dcc502f754a0480516d1a6a9341beea54b3
1da54fbb9e3292570b872a29f0a1dfef2c2d19270804a01208f32eefa60d07be
GET /hls/126114747/126114747_480p_4327_sWiXjaqgUJpd5Bb7_1701333060.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 335731
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-51f73"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb80cd180b4d-OSL
alt-svc: h3=":443"; ma=86400
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
200 OK 81 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Hash 149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-44bd4"
expires: Thu, 30 Nov 2023 08:31:05 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb71eeff5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
2c83d2caf6.d067641e02.com/in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=aEoD7f9ksWTDYjf0RXPsF3kYdBiBYJQJ0LTy3l3hBtOjUu7xkixfu2Ff71w495p9FrrStS3y7EpNaraD1P3GUIjohOtdus3r1-aWD9SopN2j2DxzQanxx4CM-wpXKMwKtOy17d0Hg8rR9L0qzD8Cvtiu5w-GYpOQYpvtgFQTje0sqlkNhw&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.015826738327582544&px_id=438070&min_cpm=0.009095723426540204&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_099&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e765ab4f-9873-4846-8b03-4337656468f9
200 OK 0 B URL GET HTTP/2 2c83d2caf6.d067641e02.com/in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=aEoD7f9ksWTDYjf0RXPsF3kYdBiBYJQJ0LTy3l3hBtOjUu7xkixfu2Ff71w495p9FrrStS3y7EpNaraD1P3GUIjohOtdus3r1-aWD9SopN2j2DxzQanxx4CM-wpXKMwKtOy17d0Hg8rR9L0qzD8Cvtiu5w-GYpOQYpvtgFQTje0sqlkNhw&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.015826738327582544&px_id=438070&min_cpm=0.009095723426540204&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_099&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e765ab4f-9873-4846-8b03-4337656468f9
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectd067641e02.com
Fingerprint82:D8:77:53:52:1A:F5:03:AF:0D:FD:8F:C0:8C:9F:D8:4C:D9:01:F1
ValidityMon, 27 Nov 2023 03:21:50 GMT - Sun, 25 Feb 2024 03:21:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=aEoD7f9ksWTDYjf0RXPsF3kYdBiBYJQJ0LTy3l3hBtOjUu7xkixfu2Ff71w495p9FrrStS3y7EpNaraD1P3GUIjohOtdus3r1-aWD9SopN2j2DxzQanxx4CM-wpXKMwKtOy17d0Hg8rR9L0qzD8Cvtiu5w-GYpOQYpvtgFQTje0sqlkNhw&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.015826738327582544&px_id=438070&min_cpm=0.009095723426540204&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_099&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e765ab4f-9873-4846-8b03-4337656468f9 HTTP/1.1
Host: 2c83d2caf6.d067641e02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:08 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
b-hls-15.doppiocdn.com/hls/99309079/99309079_49_GXtTdyiuvTEDm3MO_1701333060.mp4
200 OK 279 kB URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079_49_GXtTdyiuvTEDm3MO_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 279 kB (278712 bytes)
Hash 097939074f253bff577d86a53aa3b7b6
3cf003634a22b898395b24701001e34faf3402d2
c0a052ac7c4332d7429b56b24a9f793b3b3b37c71584c65f7a5f853be61ebfcd
GET /hls/99309079/99309079_49_GXtTdyiuvTEDm3MO_1701333060.mp4 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: video/mp4
content-length: 278712
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-440b8"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb80dd1c0b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_4328_kOQna7DsEiOFYD6u_1701333062.mp4
200 OK 302 kB URL GET HTTP/3 b-hls-17.doppiocdn.com/hls/126114747/126114747_480p_4328_kOQna7DsEiOFYD6u_1701333062.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 302 kB (301561 bytes)
Hash 3eda946ca8adc4c51b5c8b8986cd6b05
f76f391fcf077b04cd4813839227f85c94ef359d
07b03b4cb4447c3754d3dc584db39f2dcbb7d6f48c4d2e9bb301696c79587b0f
GET /hls/126114747/126114747_480p_4328_kOQna7DsEiOFYD6u_1701333062.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: video/mp4
content-length: 301561
last-modified: Thu, 30 Nov 2023 08:31:04 GMT
etag: "65684848-499f9"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb814d6a0b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-15.doppiocdn.com/hls/99309079/99309079_50_2wyRWXfNKVgvPsrF_1701333062.mp4
200 OK 285 kB URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079_50_2wyRWXfNKVgvPsrF_1701333062.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 285 kB (285249 bytes)
Hash f1a7bf73308469c9012a75e9eb8f0fb5
1410c44b106d61e9763203aee105207525f4c7f3
9fc68abc966c7005c2146ddff700136064f8a85ec132306fa6321f7f357f4ef0
GET /hls/99309079/99309079_50_2wyRWXfNKVgvPsrF_1701333062.mp4 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: video/mp4
content-length: 285249
last-modified: Thu, 30 Nov 2023 08:31:04 GMT
etag: "65684848-45a41"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb819d900b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
200 OK 1.5 kB URL GET HTTP/3 b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash edd4d3bb57b128ea5ac6eab0ef8755f8
a752b8665b5d060ff38a6be2362f6a21a2485c4a
66fe012078600c1e223fe3ea6849cc79df77f97b4eeff1360b4a0805a9d7d5e6
GET /hls/23938902/23938902_480p.m3u8 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:07 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82e1bb820dc70b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/126114747/master/126114747_480p.m3u8
200 OK 779 B URL GET HTTP/3 edge-hls.doppiocdn.com/hls/126114747/master/126114747_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash 1e7cfb1d3b694c228506f3d1c8498114
10319537ffd32f93d50e4d10d0257954774dd555
5094f9f500483b6e9dd46f5651065cac0e84a083b29ef78036be699f2c3f5c56
GET /hls/126114747/master/126114747_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:07 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bb7d6b300b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5f88c863-9b5d-44ae-af1b-8e7bd64ab329
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5f88c863-9b5d-44ae-af1b-8e7bd64ab329
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5f88c863-9b5d-44ae-af1b-8e7bd64ab329 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_834_42tvOpFiVxQ5wIzV_1701333060.mp4
200 OK 314 kB URL GET HTTP/3 b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_834_42tvOpFiVxQ5wIzV_1701333060.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 314 kB (314387 bytes)
Hash 392bdd8839df121d3b9590a7149ef037
32522ab63fcb5d2d8dae320883af81e41414d44b
297c6122595cba9089c539104274da61bcba0c244a2e421ea658cd36ae262c81
GET /hls/23938902/23938902_480p_834_42tvOpFiVxQ5wIzV_1701333060.mp4 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: video/mp4
content-length: 314387
last-modified: Thu, 30 Nov 2023 08:31:02 GMT
etag: "65684846-4cc13"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb82be340b4d-OSL
alt-svc: h3=":443"; ma=86400
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_835_tdLr4uDiZ1CBaEIT_1701333062.mp4
320 kB URL b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_835_tdLr4uDiZ1CBaEIT_1701333062.mp4
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 320 kB (320029 bytes)
Hash 15e2f954c75524819095822e2f2128aa
f4dd591f87b23a2cb33344e30cffc16bda15a0ac
34097566c0c6744f9cf1cfcfcdf3ebe5e96ed352a99eb25587009572b67c249c
GET /hls/23938902/23938902_480p_835_tdLr4uDiZ1CBaEIT_1701333062.mp4 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: video/mp4
content-length: 320029
last-modified: Thu, 30 Nov 2023 08:31:04 GMT
etag: "65684848-4e21d"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb831e710b4d-OSL
alt-svc: h3=":443"; ma=86400
syndication.realsrv.com/v1/api.php
200 OK 6.8 kB URL POST HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type JSON data\012- , ASCII text, with very long lines (12138), with no line terminators
Hash af0df12b44e784381f07594fee04918a
c07abda3912a4eaf4e2a233f99d5d28bfa247cf6
bd8b2c1607c2553dcaa56c246345e97bd896b44717c0bc0b951bd0a97454bc6e
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 335
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D; expires=Sat, 29-Nov-2025 08:31:10 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oDQRC8ihfI0K955Vt/FSI5wM7sLvoTgwajUIe3Z4OgUzAURVV3tZDojnmndEe6V94zoXKoFEwCR8Pj0wHG+FzeX5bTZXoNl7czkmhiRtJqNaJQJoswTZYtgX2EVo41FU+WrEUM5hrIIVHNBgtEJCgRD8cDjs/3rnhIwRCC/2PxoOKcvka0a5tmKy3Na9cpFkvT0mydy8qcWrFhxPV65fC/Ld0QqNThkV/BsRsRZVPxUv4Imzx9fJ868Md4O25E4zZABFK3hQMMrK3Hbplk0a6lt541SfKGNrclZ/kBtMNCEmkBAAA=
200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oDQRC8ihfI0K955Vt/FSI5wM7sLvoTgwajUIe3Z4OgUzAURVV3tZDojnmndEe6V94zoXKoFEwCR8Pj0wHG+FzeX5bTZXoNl7czkmhiRtJqNaJQJoswTZYtgX2EVo41FU+WrEUM5hrIIVHNBgtEJCgRD8cDjs/3rnhIwRCC/2PxoOKcvka0a5tmKy3Na9cpFkvT0mydy8qcWrFhxPV65fC/Ld0QqNThkV/BsRsRZVPxUv4Imzx9fJ868Md4O25E4zZABFK3hQMMrK3Hbplk0a6lt541SfKGNrclZ/kBtMNCEmkBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oDQRC8ihfI0K955Vt/FSI5wM7sLvoTgwajUIe3Z4OgUzAURVV3tZDojnmndEe6V94zoXKoFEwCR8Pj0wHG+FzeX5bTZXoNl7czkmhiRtJqNaJQJoswTZYtgX2EVo41FU+WrEUM5hrIIVHNBgtEJCgRD8cDjs/3rnhIwRCC/2PxoOKcvka0a5tmKy3Na9cpFkvT0mydy8qcWrFhxPV65fC/Ld0QqNThkV/BsRsRZVPxUv4Imzx9fJ868Md4O25E4zZABFK3hQMMrK3Hbplk0a6lt541SfKGNrclZ/kBtMNCEmkBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 29 Nov 2025 08:31:10 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0rEQBC8ihdI6Oc89lt/FVb2AJlkg/6sootRqMPbE0F0CrqbpqqrRkh0YB6UbkgPygcmVB4rjSYju+H+4QhjfJzfns6X6/Q8Xl9eUUSlJiStVh2FMpnDNFm2BI4Tns2cCgp7zWoCIygoIK5mfRqJWGpQHHenI06Pt7Gr7AqGEKJ2a+TQxkyfXTxrmxYrLS3rrJMXS9O52bqUlTm1shOxbRuP//MSipoL2HMQu3epCgnQL4auVTaVyBePsK+n96/LDPwh/vyzS30/IHGn7s4MNusNy1x9kdKIjX0tq2oktqieW/K0fAMJDMihdwEAAA==
20 B URL syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0rEQBC8ihdI6Oc89lt/FVb2AJlkg/6sootRqMPbE0F0CrqbpqqrRkh0YB6UbkgPygcmVB4rjSYju+H+4QhjfJzfns6X6/Q8Xl9eUUSlJiStVh2FMpnDNFm2BI4Tns2cCgp7zWoCIygoIK5mfRqJWGpQHHenI06Pt7Gr7AqGEKJ2a+TQxkyfXTxrmxYrLS3rrJMXS9O52bqUlTm1shOxbRuP//MSipoL2HMQu3epCgnQL4auVTaVyBePsK+n96/LDPwh/vyzS30/IHGn7s4MNusNy1x9kdKIjX0tq2oktqieW/K0fAMJDMihdwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0rEQBC8ihdI6Oc89lt/FVb2AJlkg/6sootRqMPbE0F0CrqbpqqrRkh0YB6UbkgPygcmVB4rjSYju+H+4QhjfJzfns6X6/Q8Xl9eUUSlJiStVh2FMpnDNFm2BI4Tns2cCgp7zWoCIygoIK5mfRqJWGpQHHenI06Pt7Gr7AqGEKJ2a+TQxkyfXTxrmxYrLS3rrJMXS9O52bqUlTm1shOxbRuP//MSipoL2HMQu3epCgnQL4auVTaVyBePsK+n96/LDPwh/vyzS30/IHGn7s4MNusNy1x9kdKIjX0tq2oktqieW/K0fAMJDMihdwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 29 Nov 2025 08:31:10 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1WPW0oEQQxFt+IGusizHvOtvwojs4DqF/ozDjrYCnfxVvUgaA6EEG5uEiHRgXlQuiM9KB+YUDgUCiaB3fD4dIQxPpf3l+V8ra/h+nYBG5FnRC1WHJkSmcM0WrIIbhaiybUpREtyoQQjKKghrmZ7lR0PpyNOz/egUNgVDCG03Hf2khv01bWTjnW2PMZ5nbR6tliX0dY5r8xxzNaF2LaNw/9D6UagXBQG+W00hj6ibCrtnhaEvV0/vs8T8Ed4+6uP+m4gAin7wg4DVeJS6pSTzzlNOQvZMptYSmkVMfoB/4VVfGQBAAA=
200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1WPW0oEQQxFt+IGusizHvOtvwojs4DqF/ozDjrYCnfxVvUgaA6EEG5uEiHRgXlQuiM9KB+YUDgUCiaB3fD4dIQxPpf3l+V8ra/h+nYBG5FnRC1WHJkSmcM0WrIIbhaiybUpREtyoQQjKKghrmZ7lR0PpyNOz/egUNgVDCG03Hf2khv01bWTjnW2PMZ5nbR6tliX0dY5r8xxzNaF2LaNw/9D6UagXBQG+W00hj6ibCrtnhaEvV0/vs8T8Ed4+6uP+m4gAin7wg4DVeJS6pSTzzlNOQvZMptYSmkVMfoB/4VVfGQBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1WPW0oEQQxFt+IGusizHvOtvwojs4DqF/ozDjrYCnfxVvUgaA6EEG5uEiHRgXlQuiM9KB+YUDgUCiaB3fD4dIQxPpf3l+V8ra/h+nYBG5FnRC1WHJkSmcM0WrIIbhaiybUpREtyoQQjKKghrmZ7lR0PpyNOz/egUNgVDCG03Hf2khv01bWTjnW2PMZ5nbR6tliX0dY5r8xxzNaF2LaNw/9D6UagXBQG+W00hj6ibCrtnhaEvV0/vs8T8Ed4+6uP+m4gAin7wg4DVeJS6pSTzzlNOQvZMptYSmkVMfoB/4VVfGQBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 29 Nov 2025 08:31:10 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oEMRC8iheY0I9KJtlv/VVY2QNkJjPoz7ro4ij04e3MImgKQlF0d1UJiQ7Mg9Id6UH5wGSFQ6EACRxhj09HA9vn8v6ynK/1NVzfLgZkRLakBSVappEQDZowIhn7iZiBIsmy5LEUhoFMjRwSFegsELl3thzt4XS00/O9a4WjGpuQ+d+tO4Vz+urLs061IU+prbNWN0l1mbC2vDKnKe+Dtm0bh/956YZAuajnkF/BMfQVZah4LH9ku1w/vs+z2Z/BW72+GvcDIiZlN/TK8H7s07xgWlYaE9PszRuSEFdtLce6pPkHhWmYPW4BAAA=
200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oEMRC8iheY0I9KJtlv/VVY2QNkJjPoz7ro4ij04e3MImgKQlF0d1UJiQ7Mg9Id6UH5wGSFQ6EACRxhj09HA9vn8v6ynK/1NVzfLgZkRLakBSVappEQDZowIhn7iZiBIsmy5LEUhoFMjRwSFegsELl3thzt4XS00/O9a4WjGpuQ+d+tO4Vz+urLs061IU+prbNWN0l1mbC2vDKnKe+Dtm0bh/956YZAuajnkF/BMfQVZah4LH9ku1w/vs+z2Z/BW72+GvcDIiZlN/TK8H7s07xgWlYaE9PszRuSEFdtLce6pPkHhWmYPW4BAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VPW0oEMRC8iheY0I9KJtlv/VVY2QNkJjPoz7ro4ij04e3MImgKQlF0d1UJiQ7Mg9Id6UH5wGSFQ6EACRxhj09HA9vn8v6ynK/1NVzfLgZkRLakBSVappEQDZowIhn7iZiBIsmy5LEUhoFMjRwSFegsELl3thzt4XS00/O9a4WjGpuQ+d+tO4Vz+urLs061IU+prbNWN0l1mbC2vDKnKe+Dtm0bh/956YZAuajnkF/BMfQVZah4LH9ku1w/vs+z2Z/BW72+GvcDIiZlN/TK8H7s07xgWlYaE9PszRuSEFdtLce6pPkHhWmYPW4BAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 29 Nov 2025 08:31:10 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1WPW2pDMQxEt9INxIwefij//W0h0AXY90H7k5Ym9Kagxde+odB6MIhhdCQxWA5EB8ED5Ch0JLhRMATlQFH96fnkSv61fL4u52t9C9f3D1dOiOZJTC16QYZGV0maFU4doblEk+Sl5CjZindfHF0cRXVUARAhMxRNqZCxl+iPL6f9k1OAcfTOEuBG6Nx9l0HSXuM2aJO0OmtpaV4nqbGj6tJ0nctKlFrZg75tG4X/B+CuQEa5Z/jX6DqMFiEV7nv2B9/tevk+T+5/gvd7R2vcAaTOtg9U1zL2dZbKuuZp4RmmQG2RmlhepgwBtx9/22r1fgEAAA==
200 OK 20 B URL GET HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1WPW2pDMQxEt9INxIwefij//W0h0AXY90H7k5Ym9Kagxde+odB6MIhhdCQxWA5EB8ED5Ch0JLhRMATlQFH96fnkSv61fL4u52t9C9f3D1dOiOZJTC16QYZGV0maFU4doblEk+Sl5CjZindfHF0cRXVUARAhMxRNqZCxl+iPL6f9k1OAcfTOEuBG6Nx9l0HSXuM2aJO0OmtpaV4nqbGj6tJ0nctKlFrZg75tG4X/B+CuQEa5Z/jX6DqMFiEV7nv2B9/tevk+T+5/gvd7R2vcAaTOtg9U1zL2dZbKuuZp4RmmQG2RmlhepgwBtx9/22r1fgEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA1WPW2pDMQxEt9INxIwefij//W0h0AXY90H7k5Ym9Kagxde+odB6MIhhdCQxWA5EB8ED5Ch0JLhRMATlQFH96fnkSv61fL4u52t9C9f3D1dOiOZJTC16QYZGV0maFU4doblEk+Sl5CjZindfHF0cRXVUARAhMxRNqZCxl+iPL6f9k1OAcfTOEuBG6Nx9l0HSXuM2aJO0OmtpaV4nqbGj6tJ0nctKlFrZg75tG4X/B+CuQEa5Z/jX6DqMFiEV7nv2B9/tevk+T+5/gvd7R2vcAaTOtg9U1zL2dZbKuuZp4RmmQG2RmlhepgwBtx9/22r1fgEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226568484e3d8f17.172575924110220906%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.verhentai.top
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.029701%22%7D; expires=Sat, 29 Nov 2025 08:31:10 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/426059/60bec6cb923d0970416a64c7607eb2173d4fbe13.mp4
206 Partial Content 63 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/426059/60bec6cb923d0970416a64c7607eb2173d4fbe13.mp4
IP
ASN #60068 Datacamp Limited
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash c31f41292bf44c5a0c90df7d93a2fdd1
60bec6cb923d0970416a64c7607eb2173d4fbe13
6edecbd2f02a404a8250f8ef0f790f833953bc530829b1d526108b129e45eee1
GET /library/426059/60bec6cb923d0970416a64c7607eb2173d4fbe13.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Thu, 30 Nov 2023 08:31:10 GMT
content-type: video/mp4
content-length: 62792
last-modified: Mon, 27 Jun 2022 13:51:54 GMT
etag: "62b9b5fa-f548"
accept-ch:
expires: Sat, 16 Nov 2024 17:32:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: ArlMCQ03Nzf/QKQQALlMCgE3Nzf/bgAAAA
x-77-nzt-ray: c0a4cc28c7ba8b0f4e4868657f69e724
x-accel-expires: @1731778336
x-accel-date: 1700242446
x-77-cache: HIT
x-77-age: 1090734
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 1090624
x-77-pop: stockholmSE
content-range: bytes 0-62791/62792
X-Firefox-Spdy: h2
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
200 OK 14 kB URL GET HTTP/1.1 alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerLet's Encrypt
Subjectalleviatepracticableaddicted.com
FingerprintED:76:D1:B6:BE:61:8A:98:95:2B:12:51:D5:59:4B:2A:4E:E6:C9:BD
ValiditySun, 29 Oct 2023 06:03:48 GMT - Sat, 27 Jan 2024 06:03:47 GMT
File type ASCII text, with very long lines (37871), with no line terminators
Hash 19494badaf775a18f4732eaa79541edc
bdbf402c7b3e76985418ac37fabe5f82e84deb1c
c508f86312eeb891fee3efcc71b1fb25d4d8c9db1e7d68de57c3c72f2089adac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 08:31:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 145bac949a954128dd218d09d5ac0cfb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 78afec156342a8d0cbb0b91f804c8a9f
7a1a31c4b0fc6d03e1efc4b034cbe6aca0832410
ac98be52c7054ace9516cc1fbbb470ab7352015b3341f44efe9e833ffe115de7
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://netuplayer.top
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://netuplayer.top
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=809599a3-7ad9-4622-be08-13245aad91d3:1:1; expires=Sun, 27 Nov 2033 08:31:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
barelydresstraitor.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
200 OK 23 kB URL GET HTTP/1.1 barelydresstraitor.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerLet's Encrypt
Subjectbarelydresstraitor.com
Fingerprint25:97:2B:38:9D:41:66:EF:F8:3D:E9:6C:15:38:E1:4F:3F:37:6E:81
ValidityTue, 28 Nov 2023 10:39:06 GMT - Mon, 26 Feb 2024 10:39:05 GMT
File type ASCII text, with very long lines (59633), with no line terminators
Hash d0c4dc194ca8a8a1f25de77b7a05768e
d67460d401bfba1facda06cb3a520d4869987006
29e0bdf288b03c3682cfe3ab4a6565a64d7b00c2062640175b669384f07a8ebb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: barelydresstraitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 83cc75d8bdb4a3eb6bd514214abecbbd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
adxadserv.com/px/heartbeat/v1?pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&t_op=5.455&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
200 OK 0 B URL POST HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&t_op=5.455&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78e361d6e216493b2fc4&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069448&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=618927d5-651f-4526-ab8f-1eaf57c84b52&t_op=5.455&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Length: 0
Connection: keep-alive
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
200 OK 312 B URL GET HTTP/3 b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash 673173c6d03a82d2625113846ffb5dff
9d2c175569ba604cd4c483bda0e181e1718cfd1f
8fb677c167be7b88332c1275e3d3b009cb09e7ddf583fad21e1fb4ca452a3877
GET /hls/23938902/23938902_480p.m3u8 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:11 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:09 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82e1bb8e5da10b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
adxadserv.com/px/heartbeat/v1?pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&t_op=5.703&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
200 OK 0 B URL POST HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&t_op=5.703&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=9fc20882-fdad-4ad2-a957-a020625b5000&t_op=5.703&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Length: 0
Connection: keep-alive
adxadserv.com/px/heartbeat/v1?pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&t_op=5.771&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
200 OK 0 B URL POST HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&t_op=5.771&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=5f6f756f61d6e26c9f742e1d&type=300x250&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069454&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectadxadserv.com
FingerprintF8:88:80:7F:5B:DB:FA:2D:82:38:B4:B0:63:00:5E:F2:59:44:94:52
ValiditySun, 01 Oct 2023 21:03:03 GMT - Sat, 30 Dec 2023 21:03:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=eb8c4057-55c8-4741-9f5b-997663dc06d5&t_op=5.771&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Length: 0
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:11 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: bb60a2d30496a86516813ca8196b3ea1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 08:31:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNvLOhZAxUu3jfcM0lnvWlWsyGQOaBDepXyL%2BJj0c%2F%2FcB9tGpFP%2FMdwaRXhidfMO0qAY2Mk6vXS5%2Bug2u28W1TfrGQiyB%2FCkRUBn50BEC%2FM0qnpq%2BJHDNiRMTtMzCNes55EHCoc7iKk2dlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb916ab756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adxadserv.com/px/heartbeat/v1?pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&t_op=5.841&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
0 B URL adxadserv.com/px/heartbeat/v1?pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&t_op=5.841&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=1b696a75-5b5d-4dfb-849e-fefb5920b57f&t_op=5.841&p_nn=adxad-rtb&fpid_sa=1701333070300&fpid=7f764ca52ae2755a2c3605a23365b379&feid_sa=1701333070300&sid_sa=1701333070300&feid=57cd61f703737c107aad9ff2980f216f&sid=35db56a8ae1aedc57074ab0469450c21&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www1.verhentai.top&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=48&dm=-1&dt=0&ed=0&sr=5497558139904&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Length: 0
Connection: keep-alive
divedresign.com/pixel/purst?dl=0&th=0&sc=0&rs=4310&rd=4310&fd=539&bv=23.11.v.8&tmpl=136
200 OK 0 B URL GET HTTP/1.1 divedresign.com/pixel/purst?dl=0&th=0&sc=0&rs=4310&rd=4310&fd=539&bv=23.11.v.8&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerLet's Encrypt
Subjectdivedresign.com
FingerprintFD:4F:62:E6:DE:53:D1:B9:E0:A6:67:51:14:6D:2C:FE:3F:C1:0E:41
ValidityTue, 28 Nov 2023 08:17:41 GMT - Mon, 26 Feb 2024 08:17:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4310&rd=4310&fd=539&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: divedresign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 08:31:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
scl6gc5l.site/api/data/analytics_ads
204 No Content 0 B URL OPTIONS HTTP/1.1 scl6gc5l.site/api/data/analytics_ads
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGlobalSign nv-sa
Subjectwww.scl6gc5l.site
FingerprintC4:63:2C:B2:9F:48:F2:11:12:9F:DB:A3:7E:39:90:6E:99:72:24:85
ValidityTue, 21 Nov 2023 19:15:40 GMT - Sun, 22 Dec 2024 19:15:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/analytics_ads HTTP/1.1
Host: scl6gc5l.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.verhentai.top/
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Nov 2023 08:31:15 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
scl6gc5l.site/api/data/analytics_ads
204 No Content 358 B URL OPTIONS HTTP/1.1 scl6gc5l.site/api/data/analytics_ads
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGlobalSign nv-sa
Subjectwww.scl6gc5l.site
FingerprintC4:63:2C:B2:9F:48:F2:11:12:9F:DB:A3:7E:39:90:6E:99:72:24:85
ValidityTue, 21 Nov 2023 19:15:40 GMT - Sun, 22 Dec 2024 19:15:39 GMT
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash fdb49411ebc98358599484d693b58198
2a16f3ae2e781b68c4d9003bd0e7b031238cf064
e6fe6c1ffe3219617385b94d8693aa608190ac1c175aac85164de62cb484f559
POST /api/data/analytics_ads HTTP/1.1
Host: scl6gc5l.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 158
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Nov 2023 08:31:15 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
a.exdynsrv.com/ad-provider.js
36 kB URL a.exdynsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (32959)
Hash 9ff955ca46353fea7170ef48c97f1a8b
0a3a7b95a3e2cffa6519cad3697ae1256161c715
9099cc02934f5f44730c06d03fe4034562b7f6930efb46647da0c9de8d326d6b
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"63c726807aba32aeffa5818c052"
accept-ch:
expires: Wed, 29 Nov 2023 17:58:38 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3tBUAAAwBuUwKAQH3CwAAAAwB1GY4nAH3AA4AAA
x-77-nzt-ray: af5856308b4a580953486865b2f3bd23
x-accel-expires: @1701338319
x-accel-date: 1701327519
x-77-cache: HIT
x-77-age: 9151
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 11, 5556
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
200 OK 58 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (45140)
Hash 4a1e862a348e6713dfcce18e9cda2f42
47bed78ef29844bec68da443a6b0add48936b61b
b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490
GET /widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-2b6c9"
expires: Thu, 30 Nov 2023 08:31:05 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb77ed465687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rEMAy8Si8Qo2dk73e/W2jpARKvQwPdpKTLsgUdvkoK68HyIKSZMQFxh9gxPAGfGE+oXjAVSEIJVfzl9c0F/da2YZkv7bMt12Fel695aem6fnsmptK7Ye5RvFgmJZeshCCOCK4mopA9oxZjzi7g7BAgZZGdJYCIQW7gH+/Px8UAeZTd3y0kg8P9WOsbErJiGy2PNjSqpjrZVEcIA90HfUjtfv5dfrZbquslGpklgqEaYr87MuXDAh7o9j1GYYpUccCP9jxtw6W5P+b+M7sdPkRO5WCRWGR/fAyRWlqlfposvlbrACKh2xSncz/+AUv4O8d0AQAA
20 B URL syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rEMAy8Si8Qo2dk73e/W2jpARKvQwPdpKTLsgUdvkoK68HyIKSZMQFxh9gxPAGfGE+oXjAVSEIJVfzl9c0F/da2YZkv7bMt12Fel695aem6fnsmptK7Ye5RvFgmJZeshCCOCK4mopA9oxZjzi7g7BAgZZGdJYCIQW7gH+/Px8UAeZTd3y0kg8P9WOsbErJiGy2PNjSqpjrZVEcIA90HfUjtfv5dfrZbquslGpklgqEaYr87MuXDAh7o9j1GYYpUccCP9jxtw6W5P+b+M7sdPkRO5WCRWGR/fAyRWlqlfposvlbrACKh2xSncz/+AUv4O8d0AQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PW2rEMAy8Si8Qo2dk73e/W2jpARKvQwPdpKTLsgUdvkoK68HyIKSZMQFxh9gxPAGfGE+oXjAVSEIJVfzl9c0F/da2YZkv7bMt12Fel695aem6fnsmptK7Ye5RvFgmJZeshCCOCK4mopA9oxZjzi7g7BAgZZGdJYCIQW7gH+/Px8UAeZTd3y0kg8P9WOsbErJiGy2PNjSqpjrZVEcIA90HfUjtfv5dfrZbquslGpklgqEaYr87MuXDAh7o9j1GYYpUccCP9jxtw6W5P+b+M7sdPkRO5WCRWGR/fAyRWlqlfposvlbrACKh2xSncz/+AUv4O8d0AQAA HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.exdynsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265684853b87cc0.117705044109641886%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.exdynsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22110.0199%22%7D; expires=Sat, 29 Nov 2025 08:31:15 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p.m3u8
200 OK 310 B URL GET HTTP/3 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash a921e2726e25eed3d6f29e082dd514cd
e1c85e820b0f6c07e19d45a8db07c853fc795718
e05bd9eb8b985d210e0a5afc6e58855e787f5749cc502bae33b8f6b639457d4b
GET /hls/135319193/135319193_480p.m3u8 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:19 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:18 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bbc4ab760b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-17.doppiocdn.com/hls/126114747/126114747_480p.m3u8
200 OK 316 B URL GET HTTP/3 b-hls-17.doppiocdn.com/hls/126114747/126114747_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash 49f35d0c5084efc20fc9600ac91aa869
29cb8493cb8a5f9d690855af2555cf81ead8963d
c06d8648f0e232585f087a0be449a147a09cfa97107db33513a3bf04bce28bee
GET /hls/126114747/126114747_480p.m3u8 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:26 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:25 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bbee5b650b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
200 OK 317 B URL GET HTTP/3 b-hls-03.doppiocdn.com/hls/23938902/23938902_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash 08f630634a5c750811968b16ebdbdd19
2f16ab72fa712bf58b44423d662a9cdb9ba45184
64dd2884a903f2f5c51ae418450e0f95ad9f96788974c5da801537dd385e7c1b
GET /hls/23938902/23938902_480p.m3u8 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:13 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82e1bba75c750b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-02.doppiocdn.com/hls/135319193/135319193_480p.m3u8
200 OK 622 B URL GET HTTP/3 b-hls-02.doppiocdn.com/hls/135319193/135319193_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Hash 38f9be4a4decd8be5988243a7b2f0629
e2a7285089d62efded1f7ccdb21dcc2610c3fafb
91b859cd84f7d3e9e255272c6b6524717d413632ed0264509e59afc834e2310d
GET /hls/135319193/135319193_480p.m3u8 HTTP/1.1
Host: b-hls-02.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:14 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bbac1e820b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701333000/99309079_webp
404 Not Found 0 B URL GET HTTP/3 img.strpst.com/thumbs/1701333000/99309079_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/1701333000/99309079_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
cf-cache-status: HIT
age: 58
server: cloudflare
cf-ray: 82e1bb76c9e45696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
netuplayer.top/cdn-cgi/trace
200 OK 270 B URL GET HTTP/3 netuplayer.top/cdn-cgi/trace
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with no line terminators
Hash 992fcce686dc563a53f35bc3e1c95a03
e1e55abbca520d0e3c75b34c84d5cbbdc6c01fe4
087081b5b138e0324059cd6c9fc2a66101c167ca2181b44ba9855e7eacae9013
GET /cdn-cgi/trace HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 82e1bb7d4a10b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
www1.verhentai.top/wp-json/dooplayer/v1/post/209?type=movie&source=1
200 OK 119 B URL GET HTTP/2 www1.verhentai.top/wp-json/dooplayer/v1/post/209?type=movie&source=1
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash acd25be571663dc166bc1afd6c29dd9d
231a6373b0794c834e1a9b5ba4e3c72026367d9f
d82426101478511324763e622c342e1e30e732ad96528706e38318d26a93e798
GET /wp-json/dooplayer/v1/post/209?type=movie&source=1 HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://www1.verhentai.top/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff, nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
vary: Accept-Encoding
x-varnish: 825725389 824224031
age: 451
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 4
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e1bb6d3d0f56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
200 OK 1.6 kB URL GET HTTP/3 go.bbrdbr.com/api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1752), with no line terminators
Hash a8571e7e5cdfbf3c2393554cc7802823
6fd14a08458b10d8cc7e34438e4f54cfecc6a157
4a3d1a30fc489b3e9536916f1f93b9538b5d1257d5aeb63cd0c469dfd434ef2d
GET /api/models?tag=girls%2Fasian&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 08:30:23 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 82e1bb7499a35687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
syndication.exdynsrv.com/v1/api.php
200 OK 6.1 kB URL POST HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Certificate IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint8D:40:F0:75:CC:6E:55:85:E3:CD:04:C6:BF:F5:9F:81:74:ED:C3:24
ValidityThu, 05 Oct 2023 15:23:51 GMT - Wed, 03 Jan 2024 15:23:50 GMT
File type troff or preprocessor input, ASCII text, with very long lines (6622), with no line terminators
Hash 5591d298856c486d2f628aba5fca65c1
bfaaef9b1ae3c9bc0208bcd86944af854eb86718
31e5d0eab28b00109e4512b371347b89162c4641bdc288cd986f11bdecfac9da
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 313
Origin: https://a.exdynsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:31:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.exdynsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265684853b87cc0.117705044109641886%22%3B%7D; expires=Sat, 29-Nov-2025 08:31:15 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www1.verhentai.top/wp-includes/css/dist/block-library/style.min.css
200 OK 95 kB URL GET HTTP/2 www1.verhentai.top/wp-includes/css/dist/block-library/style.min.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 20 May 2023 16:53:55 GMT
etag: W/"6468fb23-1732d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
vary: Accept-Encoding
x-varnish: 616729644
age: 362425
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb655c9d56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
na.nawpush.com/tags/124465?version_name=b
200 OK 1.2 kB URL GET HTTP/2 na.nawpush.com/tags/124465?version_name=b
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint73:8E:D9:E1:D0:7F:5B:63:BD:6A:8D:47:8E:04:38:3F:5F:49:91:2B
ValidityWed, 29 Nov 2023 03:00:42 GMT - Tue, 27 Feb 2024 03:00:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1387), with no line terminators
Hash 88c2e9e14d6ab66f37480d612fd733f8
9aca525f1ce79793ce887c663a6557d9580b7e74
0a391696f251bda21c93e6d9be66eb7f99fb4b6514f887426a710eb0c4a84310
GET /tags/124465?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: application/json
content-length: 1225
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
go.bbrdbr.com/app/domain-checker/get-check
200 OK 127 B URL GET HTTP/3 go.bbrdbr.com/app/domain-checker/get-check
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1ff1ecc0c24ed90edec4a71f0264ce2b
01984682c5d7eaac7c3e371b0afaea45397c1560
fef7a6b4423eac51dfab445a2b1a2a6321045200988804bdb269ca87337cfb8b
GET /app/domain-checker/get-check HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDQoiPUVymMcUWj2DVppZhMfbaL; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:07 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb758a805687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www1.verhentai.top/wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg
200 OK 25 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x460, components 3\012- data
Hash bd9dffa614383352a7aff6bce8142dc2
7758c7ac76ee1ddd2914a7c115121446f05da6f2
34fbfe179145d44802fba9ec9d125b8c5b70ab369c63f0715b915b275b1959dd
GET /wp-content/uploads/2020/10/tsuma-no-haha-sayuri.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: image/jpeg
content-length: 25446
last-modified: Thu, 08 Oct 2020 18:02:20 GMT
etag: "5f7f542c-6366"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 554976797 570233329
age: 524384
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb76cd2456c5-OSL
X-Firefox-Spdy: h2
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
200 OK 698 B URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash 14781a17b277deec93f094a8843deb71
1784c263f4ccdd823448632be93fd1b7acaa1f6c
d9b637c264d0759f1779c94a9101a2367ed39c867ff5758e9c1c60d6ebacc8fd
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:10 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:10 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bb8a3b6b0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
s3t3d2y8.afcdn.net/library/823296/aa520187c967aaf733220f8707968b14669de852.webp
200 OK 4.7 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/823296/aa520187c967aaf733220f8707968b14669de852.webp
IP
ASN #60068 Datacamp Limited
Requested by https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00e862e4b647a15079931d783a5311fd
aa520187c967aaf733220f8707968b14669de852
85f9950fceb2498b9f10bcfb708b3c160c3be93182139ec4090efda248ce92e4
GET /library/823296/aa520187c967aaf733220f8707968b14669de852.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: image/webp
content-length: 4706
last-modified: Mon, 24 Apr 2023 08:37:02 GMT
etag: "64463fae-1262"
expires: Tue, 23 Apr 2024 09:32:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3ePghAQ
x-77-nzt-ray: c0a4cc28c7ba8b0f53486865a9592532
x-accel-expires: @1713865563
x-accel-date: 1682329563
x-cache-lb: HIT
x-age-lb: 19003512
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 19003512
accept-ranges: bytes
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay-child/style.css
200 OK 631 B URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay-child/style.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (631), with no line terminators
Hash d4e3ecf4bf87621d72f6f5fa9a549c78
740fb4222ea469fa76b3b62770d77d4143556f87
86cf3f2087094dd245d0c739df3bc71696427f0aff54b60a3c5bd89f407c3a2f
GET /wp-content/themes/dooplay-child/style.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 588791
cf-bgj: minify
cf-polished: origSize=1270
etag: W/"5f7b0f98-4f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:20:40 GMT
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 10
x-varnish: 541259800 538410101
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb657cc956c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/1DpL3yTf0a821QiLafIa97CSWsI-185x278.jpg
200 OK 9.3 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/1DpL3yTf0a821QiLafIa97CSWsI-185x278.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 5a64f9fc54ffbc1ab558a174ad30ee00
b7ad43d94e3c5116e5937ad87a31bf74a9235ea4
5143e49ef910490329897c96ce238d0038d161ad16e3a150d34cd8d40a15924f
GET /wp-content/uploads/2019/06/1DpL3yTf0a821QiLafIa97CSWsI-185x278.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 9299
last-modified: Fri, 20 Sep 2019 19:41:54 GMT
etag: "5d852b82-2453"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 617593077
age: 337707
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6b3aeb56c5-OSL
X-Firefox-Spdy: h2
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
2c83d2caf6.d067641e02.com/in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=fwwyTAhr_jh6ceT99TMYkMhGw28xo6jHalif62_OKv5gzBAlUYKhxLYeYhMs56WJNPv8ey5eIXFegtGKNx85EHlEhaEcQ7eknl9ygraIoLYVhZpxeuJFCEb9Sgf3J5jcdcslfc_RLWo8DhoLkKjb0hFcMiJwcZQ3dUEhuaa1ZSLt1wfCew&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.02900293356348363&px_id=438070&min_cpm=0.01666816350858704&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,130,108,0,4,5,27&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5493f939-2edf-4668-9ea1-5bd4c3964827
200 OK 0 B URL GET HTTP/2 2c83d2caf6.d067641e02.com/in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=fwwyTAhr_jh6ceT99TMYkMhGw28xo6jHalif62_OKv5gzBAlUYKhxLYeYhMs56WJNPv8ey5eIXFegtGKNx85EHlEhaEcQ7eknl9ygraIoLYVhZpxeuJFCEb9Sgf3J5jcdcslfc_RLWo8DhoLkKjb0hFcMiJwcZQ3dUEhuaa1ZSLt1wfCew&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.02900293356348363&px_id=438070&min_cpm=0.01666816350858704&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,130,108,0,4,5,27&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5493f939-2edf-4668-9ea1-5bd4c3964827
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectd067641e02.com
Fingerprint82:D8:77:53:52:1A:F5:03:AF:0D:FD:8F:C0:8C:9F:D8:4C:D9:01:F1
ValidityMon, 27 Nov 2023 03:21:50 GMT - Sun, 25 Feb 2024 03:21:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /in/show/?tag_ab=b&site_id=31438070&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fwww1.verhentai.top%2Fonline%2Fnatsuyasumi%2F&refdom=www1.verhentai.top&auction_time=1701333068&subid=651956767&sid=2079352419&tcid=0&ver=8.120.0&ver_c=&spot_id=438070&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-30&iabcat=IAB25&keywords=hentai&user_fp=2903243637289063326&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D651956767%26spot_id%3D438070%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww1.verhentai.top%252Fonline%252Fnatsuyasumi%252F%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYbBm2QGTNDTAscOWbQaEHjhpkwLcLYEAOjxYwbOGaQOYgDho0ZNUQ4nCMmDRmFOraIsFEjRo4aNm5EFdHF4Rg3SHHQmOEwTJ0xGG_EoAEjBg4ZMnAwhSHjxo0aOcYKFVGUDMY0dMq0-RJjrkE7C23YoEHDhkM4dcQsrAFURlc4F3XIiAGXxlA4EnXQkAGDBg61DsvgofNlDmaMBvW8cVOGb43Cc8e0iVyjhowZMWB0JWNmYUO6btwsVGm2rWMRbdx4ZPhz7OHky2PcgOHTYZ2-OgbSsThHx4sXadzklWOGzRs5YVyYCe9GjPk2c8a7cPPmBR30Y9b8iNPjzh09ZOSgRQ1TwHFGDnnMRcYbbWDk3x0xuGAHQgSJF0YaLtCxUWxhZLYFblVlJAdYOsDgAnXS1eCQGL2V6MINM8yQQw6GiTAGHHvBMeJELnj2lkNy2BEZZaHd2KAOEf4oQh11pIGRDDnAMIMMW_10Q1pR_jSlDXOlEZkIcbkQZY8yuEAZDXPVEQZGTbyhRxpssBHGCzWcCAIKV4S34B1zgOAEFSDkduIOIOTpxmCE4oEoCEEiCUOdMKQAwhFl5FcfZ7mVVRYIRqQhRxlmvIHHC7lBGhuJIjjxxFznfTEGqqrOxQaqRTihYBl2fPEpGxPV4FZONvSkmwhynCGcZDXg8NtBuYohx0KfOcTsF228YZdkalEkAhlyvDGcQ28gZZmIoiaog4rEgooRGtvB0d13D0Y4oRwV0nFhhhu9sBob4ZXxghsdzlFHHmEI3EYaL8w1R5AYdWuvhnK0UIcbeLUAww0ujHQDqwsDhmwMMtgG403SonrQFxrPRceR0pUV4ww-4VBRGzJMNF0ML8fM1rgG6VqGaV90aLPLMcYcWq5hsIEQHUh9WEOIYYiR2bagesWGRIfNutCwYywHQx8KBAQ%253D%26s%3Dc94f372721ef6eb925267826d033529fde23887c8433a86e413a88ca0db3c2611701333068&icons=fwwyTAhr_jh6ceT99TMYkMhGw28xo6jHalif62_OKv5gzBAlUYKhxLYeYhMs56WJNPv8ey5eIXFegtGKNx85EHlEhaEcQ7eknl9ygraIoLYVhZpxeuJFCEb9Sgf3J5jcdcslfc_RLWo8DhoLkKjb0hFcMiJwcZQ3dUEhuaa1ZSLt1wfCew&ext_cid=0&pop_price=0.0014874999999999999&pop_ecpm=0.02900293356348363&px_id=438070&min_cpm=0.01666816350858704&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=7140182286502775914&skin_id=25&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2771675303578371&cpm=0&verify_hash=5ff946c2450d063b5401915602446aa5&is_native=3&real_bid=1.2771675303578371&pop_real_cpm=1.4875&pop_real_bid=0.0012771675303578371&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,130,108,0,4,5,27&need_redirect_show=0&applied_features=coef_099,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014874999999999999&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&mlc=1&st=0.06&cpa=5493f939-2edf-4668-9ea1-5bd4c3964827 HTTP/1.1
Host: 2c83d2caf6.d067641e02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:08 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
www1.verhentai.top/online/natsuyasumi/
200 OK 115 kB URL User Request GET HTTP/2 www1.verhentai.top/online/natsuyasumi/
IP
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
Size 115 kB (115093 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /online/natsuyasumi/ HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/html; charset=UTF-8
link: <https://www1.verhentai.top/wp-json/>; rel="https://api.w.org/", <https://www1.verhentai.top/?p=209>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
vary: Accept-Encoding
x-varnish: 815028997 820753544
age: 7
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 4
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e1bb626a0e56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
netuplayer.top/js/script_33.10.js?16
200 OK 7.0 kB URL GET HTTP/3 netuplayer.top/js/script_33.10.js?16
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (7101), with no line terminators
Hash 32e16f45a036927c198ef05879a785ec
b551aff286616dccba9b624a73eff430538a76ed
bdcbe7674526ab9b68258d86dca84c3c9259c0c60016a47b1adf84e08dea32cc
GET /js/script_33.10.js?16 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 07 Oct 2023 10:41:14 GMT
etag: W/"652135ca-1b3c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 344482
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHJ9fp0eIYd9QIOCs12fPrqdrLmKQTXWVLKOKQc41NyW5GKJQyzqd3rSdrrWXBkqGgVNsXi%2FNjyTKu5%2FsNvG%2BdKz86o%2BjkOF59NAJrU9zkNAtcOmRVabUvEIsEFqWbZhCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7d19d9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
200 OK 698 B URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash 421e7187cf2fbcce046423261b5b9cc1
a329e3a3e0e6a521b8297bab240c53b539c654d7
5e16b559728b67ad36f5ea228c46529adfb6682defa0e39db7c8dd9c82e53f97
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:08 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bb7e1b7c0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sadjklq.com/netu.php
200 OK 1.2 kB IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectsadjklq.com
Fingerprint72:69:F9:BF:D9:20:23:59:4D:E4:C9:75:C9:BA:4F:D7:3D:E8:70:27
ValidityWed, 22 Nov 2023 23:37:41 GMT - Tue, 20 Feb 2024 23:37:40 GMT
File type ASCII text, with very long lines (1189), with no line terminators
Hash 13b0a09aa5b291f7dd6fc0ba8f31f5be
d04d79218633faf8299456a1737362dd87d0f439
ae6e57169c43ef9ac33d4cd95f5dbb87a38496cdcc5f0fae101679bcfe2841dd
GET /netu.php HTTP/1.1
Host: sadjklq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCf2zMTXPoPG6sqSiMC5%2BnpQUVVGAQyJonEqQ%2F%2BjUgp0li8v1YzY1DgNl%2FyruZzsfJXCg6ZtbPfyQUcqZr1g6XvUxd3dglHrx2DnKBJEcP0b9SIpgsWMeKLVw1qnww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7dfbac5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.icons.css
200 OK 5.8 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.icons.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (6175), with no line terminators
Hash d57967cfe4ba44196e881e558081dabb
81881da30e24614e5fc49c165fd65077e4f83a7c
68d04fd330b847c8001c5217d944c2833f56ba2677b0e3702408e36a59dc031d
GET /wp-content/themes/dooplay/assets/css/front.icons.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 354119
cf-bgj: minify
cf-polished: origSize=7509
etag: W/"5f7b0dc4-1d55"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
x-varnish: 623449236 619126329
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb656ca356c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
200 OK 698 B URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash cb38752bc2bd723f099796fb25bd7adb
7aadcff1283433a72c77807d5ce07f4325622638
6f72e10fbe5dc48a7d19365b4b459d3b41c1a58b87d009c7b5a3495a93b68030
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:16 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:16 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bbafb80a0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
banneradsday.com/300250.js
200 OK 2.8 kB URL GET HTTP/2 banneradsday.com/300250.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGlobalSign nv-sa
Subjectwww.banneradsday.com
Fingerprint64:D2:4F:B0:7F:50:0C:A1:68:6C:40:78:6F:4F:C0:05:B7:2D:89:CF
ValidityTue, 16 May 2023 05:24:22 GMT - Sun, 16 Jun 2024 05:24:21 GMT
File type ASCII text, with very long lines (2780), with no line terminators
Hash d6465465e20c468f394afc189e3ba774
f573e3fd5c6dafb0eb311a794f4f3cf02156ebcc
e22e808275507484f22318f7a772e74333b02c456b87af511abe7d6bca2fa493
GET /300250.js HTTP/1.1
Host: banneradsday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/javascript
last-modified: Tue, 06 Apr 2021 10:40:04 GMT
vary: Accept-Encoding
etag: W/"606c3a84-adc"
expires: Sun, 14 Jan 2024 08:31:15 GMT
cache-control: max-age=3888000
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 39252
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
200 OK 227 B URL GET HTTP/2 edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 7f40b41aea8e1141d1ae24e5ce146e1e
92a8b25e12eb4bc1f3bc9bba141ad92872a3bfca
79628ba0ffa759de04dd401e505d47847cfb9eb0a115f2092519049a898aca23
GET /hls/135319193/master/135319193_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:30:59 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 82e1bb79092d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
netuplayer.top/js/adv/fuckadblock.js?2
200 OK 14 kB URL GET HTTP/3 netuplayer.top/js/adv/fuckadblock.js?2
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with CRLF line terminators
Hash 626be86ed51eef8b8b4038b6dcb8fcb2
229b2c503c8a0acc4bb1b423c895fc30330a0723
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 690341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BfOug7kbRY3JTCoHJmeldQtklGwGU1Ir0UYtMl9BcnxOPLK7ZEa4DIGq09lRDa%2Bm6WzYov5NCBYeBGqgV%2F2fXY1SfHRTV99OJfzeuJ6u9f2%2F9G%2Fq0TLSlc8U%2FAgCNh63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a6f8bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg
200 OK 71 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x704, components 3\012- data
Hash 54dd88acd40718464881393cf4dfa32c
96ef5a7422568ef5831bb7b2e9857c961126a9f5
8cc8075765e226f0db881bbec0940fa59046a255812cf585fc47c089e2ce17a0
GET /wp-content/uploads/2019/09/vNoWpn2aosCAU7Rowg5rSC3qn3d.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/jpeg
content-length: 71291
last-modified: Fri, 20 Sep 2019 20:37:30 GMT
etag: "5d85388a-1167b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 588796083
age: 439000
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6efea056c5-OSL
X-Firefox-Spdy: h2
adtrace.online/tag
0 B IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag HTTP/1.1
Host: adtrace.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www1.verhentai.top/wp-includes/js/jquery/jquery.min.js
200 OK 90 kB URL GET HTTP/2 www1.verhentai.top/wp-includes/js/jquery/jquery.min.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
last-modified: Sun, 19 Mar 2023 15:40:56 GMT
etag: W/"64172d08-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
vary: Accept-Encoding
x-varnish: 683222615
age: 178813
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cca56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 40629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg
200 OK 102 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 715x1000, components 3\012- data
Size 102 kB (102407 bytes)
Hash c6d85a94d2dd45fbb426083b359d9969
3cdb7e0f604bba7b082898c86c40f5d7bf2ca249
32e0c1560e0126b96a54b3bd004f02a20e4d08d76f9c942b91da7e4014d39d1d
GET /wp-content/uploads/2019/06/Shoujo-Ramune-1.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 102407
last-modified: Fri, 20 Sep 2019 19:07:06 GMT
etag: "5d85235a-19007"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 547979940 543509103
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 26
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc8156c5-OSL
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0FqqIj1pbKL5Lx0ZGygwPQ1aJZ_D7cbAsbdA9MddIqapWqpzt2Kdy90xXQb6iBEzz59zA2Jw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922468632%3A1701333068354559&theme=glif
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0FqqIj1pbKL5Lx0ZGygwPQ1aJZ_D7cbAsbdA9MddIqapWqpzt2Kdy90xXQb6iBEzz59zA2Jw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922468632%3A1701333068354559&theme=glif
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0FqqIj1pbKL5Lx0ZGygwPQ1aJZ_D7cbAsbdA9MddIqapWqpzt2Kdy90xXQb6iBEzz59zA2Jw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922468632%3A1701333068354559&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:31:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-8WmcwwILlkLX4IWt7pHRyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.owl.css
200 OK 2.3 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/css/front.owl.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (2348), with no line terminators
Hash 3b0ac121b5e438e22b81dac4cbb1f95c
c11d31c809c602bbc75e8d7dc3c4e53d4975379c
7984c9485e0ef86ed3ef0c55d335c20f2723296f14f0e8cb10045f1ea4a96d8f
GET /wp-content/themes/dooplay/assets/css/front.owl.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 520216
cf-bgj: minify
cf-polished: origSize=3016
etag: W/"5f7b0dc4-bc8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 3
x-varnish: 562049866 568727984
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb655ca156c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
200 OK 698 B URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash a30d20321b442049209a717f8e405f32
f4f663a04efb3f734a6ee6dfeeed9a20f2c9b218
98bd532a4a626423d7c0f383213c444e59e1bcf218925563de26ccb238e02a30
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:12 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:12 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bb96ba910b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/isrepeater.js
200 OK 10 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/isrepeater.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (10378), with no line terminators
Hash 0bccff8f02880baafd48961d53038ea2
72a437314e1253f95ae4a2f85a9442549b6a7392
03707775d9c6e9b395e13f048e19d552c2117c0a9e9df9cead454250349b6d4d
GET /wp-content/themes/dooplay/assets/js/lib/isrepeater.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 524412
cf-bgj: minify
cf-polished: origSize=10380
etag: W/"5f7b0dc4-288c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
x-varnish: 565387303 570231853
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cda56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 11 kB URL GET HTTP/2 www1.verhentai.top/wp-includes/js/jquery/jquery-migrate.min.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
last-modified: Fri, 01 Oct 2021 10:18:18 GMT
etag: W/"6156e06a-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 544655454 544129809
age: 588791
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 11
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb657ccb56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.scripts.js
200 OK 4.1 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.scripts.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (4388), with no line terminators
Hash f0c11efec448995485e0ae5f617d7e2c
6c23cc35b93a7966e31e012aa17ed8962bbecdca
0305917883e3250d879ef707d68b2922945ed32ca18d403c1a94bc602f6a63aa
GET /wp-content/themes/dooplay/assets/js/min/front.scripts.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 588791
cf-bgj: minify
cf-polished: origSize=7075
etag: W/"62603c33-1ba3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 20 Apr 2022 17:00:35 GMT
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 78
x-varnish: 544655464 542815717
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb65cd2756c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
200 OK 227 B URL GET HTTP/2 edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 7f40b41aea8e1141d1ae24e5ce146e1e
92a8b25e12eb4bc1f3bc9bba141ad92872a3bfca
79628ba0ffa759de04dd401e505d47847cfb9eb0a115f2092519049a898aca23
GET /hls/135319193/master/135319193_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:30:59 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 82e1bb79496a56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
a.exdynsrv.com/build-iframe-js-url.js?idzone=4852104
200 OK 761 B URL GET HTTP/2 a.exdynsrv.com/build-iframe-js-url.js?idzone=4852104
IP
ASN #60068 Datacamp Limited
Requested by https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Certificate IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint70:E7:66:FF:72:DA:77:1C:94:EB:B3:1E:35:41:9B:99:60:39:0D:EF
ValidityMon, 23 Oct 2023 10:06:24 GMT - Sun, 21 Jan 2024 10:06:23 GMT
File type ASCII text, with very long lines (786), with no line terminators
Hash b8d4c28e3669d403776af79f305f5d21
e760079de12e6fa9d7bdd39c84f2c70eab0d0532
3a78d4efc371543a336c02003aad4e4db52ad9801422bfe92891e0061b3f3e5e
GET /build-iframe-js-url.js?idzone=4852104 HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"1b61bb217f07cc39c41a6250fc0"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 29 Nov 2023 18:58:42 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH34BQAAAwBuUwKAQH30ycAAAwB1GY4nAH3fAAAAA
x-77-nzt-ray: af5856308b4a5809534868655fc88223
x-accel-expires: @1701338343
x-accel-date: 1701327731
x-77-cache: HIT
x-77-age: 15663
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 10195, 5344
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/mcsbscrollbar.js
200 OK 39 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/mcsbscrollbar.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (38606), with no line terminators
Hash dfd05556f6dd25a901f07243fc0921a5
cb64d0445d44671f73488ec3a4dd5c2bf81f14af
43a8aeb106db48020a09288416fec675fca2fd7fceda275a26bc7adca98832bf
GET /wp-content/themes/dooplay/assets/js/lib/mcsbscrollbar.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 533925
cf-bgj: minify
cf-polished: origSize=38615
etag: W/"5f7b0dc4-96d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
x-varnish: 566266181
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657ccf56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg
200 OK 66 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x750, components 3\012- data
Hash 6f3e7dc5b71fc64f2c5da05fc8508b4a
05e9b01f6659ff30a511aa4fe249cea83b0504f3
d36d64b25214fdd90d28f5205932dbcfb6e33a66db24c5e0c4214b9d2477ac22
GET /wp-content/uploads/2019/06/xbWpcuM529DZglBi4VApxkuWlaF.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 65787
last-modified: Fri, 20 Sep 2019 19:11:50 GMT
etag: "5d852476-100fb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 570006528 568928574
age: 499757
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc7a56c5-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&display=swap
200 OK 1.9 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Ubuntu&display=swap
IP
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1920), with no line terminators
Hash bac8c0acfd05e532050648a2118aa2dd
c3a585733918dae1a7ab58f740622055560c0770
154dd3054e01133ab38a433b6b9c06a1c01bde95f19f1a9c28c94d9e938f003c
GET /css?family=Ubuntu&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 08:31:05 GMT
date: Thu, 30 Nov 2023 08:31:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
200 OK 13 kB URL GET HTTP/3 creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (13396), with no line terminators
Hash d55b785d72863fbb8425a36b7d675ec2
546cda15b6fb2a67ce1f102dc82eefb6f749f9c3
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.css HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3454"
expires: Thu, 30 Nov 2023 08:31:07 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb71deef5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
netuplayer.top/js/embed.232.js?736
200 OK 174 kB URL GET HTTP/3 netuplayer.top/js/embed.232.js?736
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
Size 174 kB (173807 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/embed.232.js?736 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 18 Nov 2023 19:14:49 GMT
etag: W/"65590d29-2a6ef"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 611234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpB4ReVCq6Bwf%2Bpg3Ujl%2BcnRWkIskdJiIBY7p0Arp4XjXgLCIS6M74aLWrm3QIecIG6xl2mnEpZKjJC6a6yVo9%2B2W1Vv9%2FF%2F9rjH%2FH1KNNKGTYrNJYnUq4LZUVX5%2FRiorA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a4f6eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/themes/dooplay/assets/css/colors.dark.css
200 OK 39 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/css/colors.dark.css
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (39419), with no line terminators
Hash 305bb69b887f12c00d46dcfcb028aa4c
de6b45b3b57e8f616410f1ce3e30489b291ed1d9
763e0de4ca16b7ad07e5f8a2b072e9e89ef2fc700d94fd3895f0dd5154bad7f5
GET /wp-content/themes/dooplay/assets/css/colors.dark.css HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
age: 524412
cf-bgj: minify
cf-polished: origSize=50084
etag: W/"5f7b0dc4-c3a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
x-varnish: 552724071 562737505
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cc656c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg
200 OK 63 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x536, components 3\012- data
Hash 53b727f5f5324cce23eb2ff64a8d1760
c9b97decf0367039340c53dc38770f90243c6a8f
7a7de2f19d354d4a7187428df516601a13d36ac9402166bc985310d5130f4465
GET /wp-content/uploads/2019/06/Gaki-ni-Modotte-Yarinaoshi-jav-live-action-1.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 62810
last-modified: Fri, 20 Sep 2019 20:02:04 GMT
etag: "5d85303c-f55a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 544881143 543080865
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 19
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc8256c5-OSL
X-Firefox-Spdy: h2
netuplayer.top/js/video.jquery_plugs/modernizr.js?12
200 OK 1.2 kB URL GET HTTP/3 netuplayer.top/js/video.jquery_plugs/modernizr.js?12
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with very long lines (1245), with no line terminators
Hash 8daca638b6ea732f6375341d2dfe9811
73369521d8d8b5a3bbc30c158b2e9ca6ba37b9d1
23ae5f08dc1f05ecdb72298c9cf2eaf5670f088356903bec72f39520389dc0ba
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 690341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8ehHxHXYRJlbIMnmeJhR%2FuUzqLlZWHm6RT2UCLFOj1exbqpFtlBYlYapTG8xefJWek2GckWtRXf2nSMnUf3HB%2BzxlsTLQdZ4nOSEbpa9Png5wJk0yT3i6ib7Dx5e0FzIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a3f66b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-24.doppiocdn.com/hls/85253216/85253216_480p.m3u8
403 Forbidden 146 B URL GET HTTP/2 b-hls-24.doppiocdn.com/hls/85253216/85253216_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash bcfacc6f2d2ee7cd5e014be08612f93e
7bb6f49a83b5186d5f8598e852bfbeee102d8a4d
ef1a3d1af87d9d441ef37f001f2ffb6900ef0a7a4884a5ef165bc2b09e224b38
GET /hls/85253216/85253216_480p.m3u8 HTTP/1.1
Host: b-hls-24.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
x-proxy-cache: MISS
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bb7acac856b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
netuplayer.top/styles/global/embed_player.3.css?130
200 OK 5.9 kB URL GET HTTP/3 netuplayer.top/styles/global/embed_player.3.css?130
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with very long lines (6369), with no line terminators
Hash bc995c4e34d124e4f1330abec4dc9176
3fdcc0a0237651e355f041a96172a6197dcb4e20
9f4a684b3812d61066c54737adb2be3a628d76ac32978f224fce028ad0c6eb92
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 184306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rGpxgb20XYI1zPE6nHJm1gsW1ZIcNhaxctUyBAfF22Ev1%2FqPbTTpbxaBAI5IsZEq%2FExVeFahHaOpoUFdHxFlu0RaS%2B4BtM3EmT9UFJY1kLmYCvXzxh3QCmQyQdsDzpyng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a3f64b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
netuplayer.top/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=34911068
200 OK 2 B URL GET HTTP/3 netuplayer.top/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=34911068
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=34911068 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQ8RbKQHtqxXTyC%2Bb%2Ff29MfaVQmdsZ49BjFSRvJRL3gyOBdaWh8FLHGutjixYyfEvjmniYn7yjtKMiy%2B2iIO3JOHz1F9DJa7qt46FgQCXrkvktXMREOQKiq%2BgYe3%2BKj3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7deac1b529-OSL
alt-svc: h3=":443"; ma=86400
static.adxadserv.com/css/wm.css
200 OK 1.8 kB URL GET HTTP/2 static.adxadserv.com/css/wm.css
IP
ASN #60068 Datacamp Limited
Requested by https://ads.adxadserv.com/ad?spotid=5f6f78cf61d6e26c9f742e1f&type=300x100&output=html&extra1=0&ref=https%3A//www1.verhentai.top/online/natsuyasumi/&dt=1701333069429&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subject1585977359.rsc.cdn77.org
Fingerprint11:4C:DC:15:D3:66:0C:E4:77:6D:B8:F8:DE:49:6F:09:2A:C9:1F:CB
ValidityWed, 22 Nov 2023 23:05:55 GMT - Tue, 20 Feb 2024 23:05:54 GMT
File type ASCII text, with very long lines (1915), with no line terminators
Hash d4346927d6aac350b4c21eb2146d3851
81e08f3ed0fd1356c393506b4cca25fb02fe12ec
6cdd250d29106d2dd229d4c9021b3368bce3eabbac49c3153b608036ca82f5b2
GET /css/wm.css HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 03 Aug 2020 09:41:06 GMT
etag: W/"5f27dbb2-711"
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3JY8GAA
x-77-nzt-ray: c0a4cc2841c5757f494868658ca60f2a
x-accel-expires: @1701939865
x-accel-date: 1700903204
x-cache-lb: HIT
x-age-lb: 429861
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 429861
content-encoding: gzip
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg
200 OK 31 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 297x525, components 3\012- data
Hash 2007453b2652550d57494e46845551d3
4138518f63dfcc40776ec8d5e2b3612de26cac9a
3204b79a36e8baf38395c1715fe73bb65871c44d7b1a5f752a959c3cfd8bdacb
GET /wp-content/uploads/2019/09/Gaki-ni-Modotte-Yarinaoshi.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: image/jpeg
content-length: 30930
last-modified: Sat, 21 Sep 2019 17:26:58 GMT
etag: "5d865d62-78d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 546281252 546805813
age: 585967
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 22
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6cbc7656c5-OSL
X-Firefox-Spdy: h2
storage.multstorage.com/log/count.html
200 OK 882 B URL GET HTTP/2 storage.multstorage.com/log/count.html
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint1F:90:8C:BB:6B:B0:99:41:3A:23:DF:A4:57:1A:25:0F:88:BA:C6:DE
ValidityMon, 20 Nov 2023 10:07:51 GMT - Sun, 18 Feb 2024 10:07:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (919), with no line terminators
Hash 053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: c8afc1181ef877c72acb828fe05a0a1b
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT6FqYqQmlnWNYokTvnfXzEqMRGDQSb1YvjbeNf7d9RV6TWs7F7Sk0nx%2FAJmh7KveeI8smu5SFEZ8XO9PqR8dYZmm7a3oN9pgAUCa2OZ4XN0Sp6FTp2c0jz691%2FXv%2B3%2Fn9R5gO403UXEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb75cb0fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
200 OK 227 B URL GET HTTP/2 edge-hls.doppiocdn.com/hls/135319193/master/135319193_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 7f40b41aea8e1141d1ae24e5ce146e1e
92a8b25e12eb4bc1f3bc9bba141ad92872a3bfca
79628ba0ffa759de04dd401e505d47847cfb9eb0a115f2092519049a898aca23
GET /hls/135319193/master/135319193_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:30:59 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 82e1bb79597256b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1
200 OK 6.2 kB URL GET HTTP/3 go.bbrdbr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (6712), with no line terminators
Hash 27d125dc58adc09cad561b405185b522
25b95cb2ff904ae664fb30931fb04ccc4bb39711
ffd7f78b25ea1727adaf4a46a45891023e4c8e5f7e0ac4bc54a27512a059f96a
GET /api/models?tag=girls&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVDxnWfPhahVbGaKH8fUKVvfHA4L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 01:01:09 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 82e1bb7b99855687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/starstruck.js
200 OK 1.3 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/starstruck.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (1375), with no line terminators
Hash 46ff4fa42bd55103a506dd15024fb395
4a7ad708a5a0605706ff19a6717b15e4c65a4b76
ff8fb69f56bed05370f7502799050096cc6fb02c6a9cb6465467d95f6458800c
GET /wp-content/themes/dooplay/assets/js/lib/starstruck.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 524412
cf-bgj: minify
cf-polished: origSize=1311
etag: W/"5f7b0dc4-51f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
x-varnish: 565387305 567610693
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb65bd1856c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
0ffdaa4778.5a9b74f2cd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY3NDkyMjI1OTc3OTA5MjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjkzLjEiLCJ0YWdfaWQiOjEyNDQ2NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjc2LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiIlRTIlOTYlQjclMkNOYXRzdXlhc3VtaSVFMyU4MCU5MDAzJTJGMDMlRTMlODAlOTElRTMlODAlOTBZQU9JJUUzJTgwJTkxJUUzJTgwJTkwSEQlRTIlOTYlQjdTVUIlMkNFU1BBJUMzJTkxT0wlRTMlODAlOTElMkNWZXJIZW50YWkuVG9wJTJDRGlzZnJ1dGElMkNkZSUyQyVFMiU5RSVBNCVFMiU5QyU4NSUyQ05hdHN1eWFzdW1pJTJDU0lOJTJDQ0VOU1VSQSUyQ09ubGluZSUyQ0hEJTJDU3ViJTJDRXNwYSVDMyVCMW9sJTJDRGVzY2FyZ2ElMkNOYXRzdXlhc3VtaSUyQ3ZlcnNpJUMzJUIzbiUyQ0JEJTJDTUVHQSUyQ01FRElBRklSRSUyQ0RSSVZFJTJDJUUyJTlDJTg1In0=
200 OK 0 B URL GET HTTP/2 0ffdaa4778.5a9b74f2cd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY3NDkyMjI1OTc3OTA5MjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjkzLjEiLCJ0YWdfaWQiOjEyNDQ2NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjc2LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiIlRTIlOTYlQjclMkNOYXRzdXlhc3VtaSVFMyU4MCU5MDAzJTJGMDMlRTMlODAlOTElRTMlODAlOTBZQU9JJUUzJTgwJTkxJUUzJTgwJTkwSEQlRTIlOTYlQjdTVUIlMkNFU1BBJUMzJTkxT0wlRTMlODAlOTElMkNWZXJIZW50YWkuVG9wJTJDRGlzZnJ1dGElMkNkZSUyQyVFMiU5RSVBNCVFMiU5QyU4NSUyQ05hdHN1eWFzdW1pJTJDU0lOJTJDQ0VOU1VSQSUyQ09ubGluZSUyQ0hEJTJDU3ViJTJDRXNwYSVDMyVCMW9sJTJDRGVzY2FyZ2ElMkNOYXRzdXlhc3VtaSUyQ3ZlcnNpJUMzJUIzbiUyQ0JEJTJDTUVHQSUyQ01FRElBRklSRSUyQ0RSSVZFJTJDJUUyJTlDJTg1In0=
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subject0ffdaa4778.5a9b74f2cd.com
Fingerprint90:E9:83:77:72:A8:22:87:32:E3:89:9B:85:7E:05:7C:D8:4C:01:1B
ValidityMon, 27 Nov 2023 02:50:36 GMT - Sun, 25 Feb 2024 02:50:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY3NDkyMjI1OTc3OTA5MjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjkzLjEiLCJ0YWdfaWQiOjEyNDQ2NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjc2LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiIlRTIlOTYlQjclMkNOYXRzdXlhc3VtaSVFMyU4MCU5MDAzJTJGMDMlRTMlODAlOTElRTMlODAlOTBZQU9JJUUzJTgwJTkxJUUzJTgwJTkwSEQlRTIlOTYlQjdTVUIlMkNFU1BBJUMzJTkxT0wlRTMlODAlOTElMkNWZXJIZW50YWkuVG9wJTJDRGlzZnJ1dGElMkNkZSUyQyVFMiU5RSVBNCVFMiU5QyU4NSUyQ05hdHN1eWFzdW1pJTJDU0lOJTJDQ0VOU1VSQSUyQ09ubGluZSUyQ0hEJTJDU3ViJTJDRXNwYSVDMyVCMW9sJTJDRGVzY2FyZ2ElMkNOYXRzdXlhc3VtaSUyQ3ZlcnNpJUMzJUIzbiUyQ0JEJTJDTUVHQSUyQ01FRElBRklSRSUyQ0RSSVZFJTJDJUUyJTlDJTg1In0= HTTP/1.1
Host: 0ffdaa4778.5a9b74f2cd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
netuplayer.top/js/websocket_ip.min.js
200 OK 4.6 kB URL GET HTTP/3 netuplayer.top/js/websocket_ip.min.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type ASCII text, with very long lines (4798), with no line terminators
Hash 7c354bd309d3152f26fd4c61b1f7eb2b
2dc50304cfaecb57148a5001827f8e0b19acb9ca
f88d924353140c3c8cbfd2ce7f128539408029907fadeaa0f5cb81c4fde1e1e8
GET /js/websocket_ip.min.js HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 602644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=549p9%2Bice2BySf46YgASSZ6TtIfcmB6eYej4eEMO8JfSKUq772nWiRF3RoiRkFO%2BJVcPCYzfGlFJYcFWLCQO%2BRJb%2BSiDVHgTqPLmaEMmKlQ8ynMa61R3wsf7KNZ8lbptUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7a3f60b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
200 OK 698 B URL GET HTTP/3 b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash 0baceb4d340308e2a3c317a0557a4d72
4e385f46bee4503b7a1e38ad3c48ac9252d75bcd
25c31415c03bed31be7faf378bca072d0d6fd85014c7ae015237212162465622
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:14 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:14 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bba33a230b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%2Fasian%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300asrsasgirlwlcop%26creativeId%3D300asrsasgirlwlcop%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d%26autoplay%3Dall%26autoplayForce%3D1%26showModal%3Dsignup%26memberId%3D%7Bclickid%7D
200 OK 6.8 kB URL GET HTTP/3 go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%2Fasian%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300asrsasgirlwlcop%26creativeId%3D300asrsasgirlwlcop%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d%26autoplay%3Dall%26autoplayForce%3D1%26showModal%3Dsignup%26memberId%3D%7Bclickid%7D
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (8856), with no line terminators
Hash d713489f9a53bb8f7f73154b3c58ce3c
87420dfc5596b624341f2cf1871246c8e0276958
15733a9647407819b4575fa98e972068d26ecb8b6db7254f5be3a20302861bc7
GET /config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%2Fasian%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300asrsasgirlwlcop%26creativeId%3D300asrsasgirlwlcop%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d%26autoplay%3Dall%26autoplayForce%3D1%26showModal%3Dsignup%26memberId%3D%7Bclickid%7D HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 08:12:08 GMT
cf-cache-status: HIT
age: 15
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb73184d5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/app/domain-checker/get-check
200 OK 128 B URL GET HTTP/3 go.bbrdbr.com/app/domain-checker/get-check
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 375899a9fe08ea252633b995de326464
ee50f84f00e8192e2e91500f7bc5b4706e0f3a89
409ae3b86f85b0f49ce3e252bbb9c8c7053099a86e313ef9e3f4e1c63ccf329f
GET /app/domain-checker/get-check HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtr4BTSnpWHamtv7KmdXQxYwXQL9J; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:07 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb74b9bb5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 3690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
barelydresstraitor.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=809599a3-7ad9-4622-be08-13245aad91d3%3A1%3A1
200 OK 0 B URL GET HTTP/1.1 barelydresstraitor.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=809599a3-7ad9-4622-be08-13245aad91d3%3A1%3A1
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerLet's Encrypt
Subjectbarelydresstraitor.com
Fingerprint25:97:2B:38:9D:41:66:EF:F8:3D:E9:6C:15:38:E1:4F:3F:37:6E:81
ValidityTue, 28 Nov 2023 10:39:06 GMT - Mon, 26 Feb 2024 10:39:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=809599a3-7ad9-4622-be08-13245aad91d3%3A1%3A1 HTTP/1.1
Host: barelydresstraitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://netuplayer.top
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 08:31:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://netuplayer.top
Access-Control-Allow-Origin: https://netuplayer.top
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334947; expires=Fri, 01 Dec 2023 08:31:11 GMT; secure; SameSite=None
uid_id2=809599a3-7ad9-4622-be08-13245aad91d3:1:1; expires=Thu, 07 Dec 2023 08:31:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 899b38370915b3218415e8798a41ceb4
Strict-Transport-Security: max-age=0; includeSubdomains
verhentai.top/wp-content/uploads/2020/08/isekai-harem-monogatari.jpg
301 Moved Permanently 40 kB URL GET HTTP/2 verhentai.top/wp-content/uploads/2020/08/isekai-harem-monogatari.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2020/08/isekai-harem-monogatari.jpg HTTP/1.1
Host: verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 08:31:06 GMT
location: https://www1.verhentai.top/wp-content/uploads/2020/08/isekai-harem-monogatari.jpg
cache-control: max-age=3600
expires: Thu, 30 Nov 2023 09:31:06 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6e9c14b523-OSL
X-Firefox-Spdy: h2
netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
200 OK 152 kB URL GET HTTP/2 netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
Size 152 kB (151738 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09 HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//netuplayer.top>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfX3X%2BncGeiFcgZsURZXP5na84stnX2rMTm9%2FR%2BifMf%2Bps%2FWU1LI3W1ZEVFIkHhormbk9sPdCq6KW%2BE8qGGqz%2BSjDLigQH3Zhy%2BceYSMCVb1k6w%2BfP8ypvBo1dKJK8HrOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb774fa656cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:oMxoatomj2zk78Q8rJZyHo2bHYws:YhmhEW10UrmE70Fw; Expires=Sat, 29-Nov-2025 08:31:08 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:31:08 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hA4wrzZXBttixLlaf5xu88np7qWJCGKtaVgRYmAiEgMUPW62fRKZYhCJpdEJB94l_zJ5-
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-HRZ5CmtXx-P3PQ3iWVPqMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
netuplayer.top/player/get_player_image.php
200 OK 58 kB URL POST HTTP/3 netuplayer.top/player/get_player_image.php
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type JSON data\012- , ASCII text, with very long lines (57738), with no line terminators
Hash 8e6ac705c33274a852e404de3ad038af
36f38ad386b6b045614ad4c3a69aa606f488ac94
2d024ff9fd568256593d176486442a84669f061c9ea1209cfb0a968277686c9e
POST /player/get_player_image.php HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://netuplayer.top
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Cookie: uid=LoVrYyIbzp9v-FCCrMKsmqlwk5riVsKl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-image-colors-src: 0
x-file-located: temp, filename:../files/temp/video_images/e/x/1573163968szmxe-1.jpg
x-clickarr-add-e: 1
x-image-size: 81449
x-image-colors: 0
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xcKKUXVasdijj0AXPXkHNKgT2cOx%2FKcjfrgLc%2BXAgxicQXdj6V%2FlviaeyGv8ctTlrVjs2Pge7bribdJNL8iLZIthd%2FtnSPXv5S%2FwkbEgOf36xTfU0XV2%2B3KGshZv3tf0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb7d9a62b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
edge-hls.doppiocdn.com/hls/23938902/master/23938902_480p.m3u8
200 OK 225 B URL GET HTTP/3 edge-hls.doppiocdn.com/hls/23938902/master/23938902_480p.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 22abac91c7c46674634c4fe3000f04e4
e4fd3ec5761d46bec2afbd05c379615f18520969
4fef6e6b46003fe85204d22f3fa49bcaf92cd54bd83eb62b2567df948ebcab20
GET /hls/23938902/master/23938902_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:07 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
set-cookie: __cflb=02DiuDqTDHWLb7zSddG9z9dnCh3o3hTZUCjQmGu6ckaDa; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:09 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb817d860b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/blueimp.js
200 OK 33 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/blueimp.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (32911), with no line terminators
Hash df227d844611aaf7e07cef315ebf02df
c30e558c123879a3390269cdaec040d5d2382c74
f6876ee3d48d70c2ab7b2399e6b7a1b617d7f0b4c47a4efad06654f9d6322cec
GET /wp-content/themes/dooplay/assets/js/lib/blueimp.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 434191
cf-bgj: minify
cf-polished: origSize=32964
etag: W/"5f7b0dc4-80c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 1
x-varnish: 592170434 596477947
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb658ce356c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/99309079/master/99309079.m3u8
200 OK 222 B URL GET HTTP/3 edge-hls.doppiocdn.com/hls/99309079/master/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 38ce799878f3518cc8bb99a5c51d1175
9cb9e1a68b67f80c1c0e3bc3ee3346f153fb62ef
7a1f1e26f1876ca39c4fd21a7871a8737f2190541e13a240a237ac22f73b96b6
GET /hls/99309079/master/99309079.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:08 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
set-cookie: __cflb=02DiuDqTDHWLb7zSddG9z9dnCh3o3hTZUBzbF5LSzUujA; SameSite=None; Secure; path=/; expires=Fri, 01-Dec-23 08:31:08 GMT; HttpOnly
server: cloudflare
cf-ray: 82e1bb7d2b130b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js
200 OK 7.2 kB URL GET HTTP/2 www1.verhentai.top/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (7416), with no line terminators
Hash 83bd4cf2623c043314fbe1ea20336adf
a71c473d37bc4bf3374292abff4f354e250116e8
61c0b35a845eb13c24d6a3a3d81b94b263cb385d840015fc7c8f6d40d31af050
GET /wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
last-modified: Mon, 18 Jan 2021 15:58:00 GMT
etag: W/"6005b008-1c43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
vary: Accept-Encoding
x-varnish: 658287467
age: 269507
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb65cd2e56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
200 OK 86 kB URL GET HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HG7A5H86SEST4VJG58SVVY7Z-arn
cf-cache-status: HIT
age: 280470
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82e1bb7a8f31568d-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
200 OK 30 kB URL GET HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (29325)
Hash 013916ab61482481d8de9742a0f95bee
546bb742502faa36f8c2bb954c2f028187660404
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01HFTT9KCTZ41V3VWBXBAR6DX1-arn
cf-cache-status: HIT
age: 699766
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82e1bb7a8f2a568d-OSL
content-encoding: br
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=21ecaf69-0ded-4ef8-ac39-5c69b8c62a19&subid=651956767&sid=2079352419&spot_id=438070&created_at=2023-11-30&timezone=0&ver=8.120.0&is_native=1
200 OK 0 B URL GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=21ecaf69-0ded-4ef8-ac39-5c69b8c62a19&subid=651956767&sid=2079352419&spot_id=438070&created_at=2023-11-30&timezone=0&ver=8.120.0&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=21ecaf69-0ded-4ef8-ac39-5c69b8c62a19&subid=651956767&sid=2079352419&spot_id=438070&created_at=2023-11-30&timezone=0&ver=8.120.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.verhentai.top
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:07 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
netuplayer.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 netuplayer.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectnetuplayer.top
Fingerprint94:31:97:89:3A:15:C9:EF:07:48:1B:89:1E:11:67:20:05:13:D1:E0
ValidityFri, 13 Oct 2023 08:56:58 GMT - Thu, 11 Jan 2024 08:56:57 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: netuplayer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 12:56:30 GMT
etag: W/"656491fe-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gDvlBTf46UmfDDfobNokXQmmD9cB0c4SXRZ6%2BNyEhJ2LeySpsxDZFZ3I6lhRO2LrQAKT89o0ukQcJxUMk5QA98KACKSmkxiKSaOHUg1%2FSLm6LWO6gQbwPbhAb%2BtljWhZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7a3f62b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 02 Dec 2023 08:31:07 GMT
cache-control: max-age=172800, public
content-encoding: gzip
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
200 OK 3.1 kB URL GET HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3441), with no line terminators
Hash c70a657c6ff1764a238929b6e46fb8e4
e2a8eb96b388abf14690ea14fe4af3f600296235
466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01HFXFQD761P7QTCC22CPCK305-arn
cf-cache-status: HIT
age: 610186
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82e1bb7a8f2c568d-OSL
content-encoding: br
X-Firefox-Spdy: h2
videocdnmetrika.com/f.php?sid=212040
200 OK 0 B URL GET HTTP/2 videocdnmetrika.com/f.php?sid=212040
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerGoogle Trust Services LLC
Subjectvideocdnmetrika.com
Fingerprint65:C2:6F:7C:ED:59:22:15:7F:47:FD:32:BD:2B:DB:FB:34:68:26:E6
ValiditySun, 26 Nov 2023 13:44:21 GMT - Sat, 24 Feb 2024 13:44:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212040 HTTP/1.1
Host: videocdnmetrika.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwSGam46SuTXeZbSycoS0Q1NpDavaQB6jBQ8bAVjOAr6PFf5Q6RJ2ziFgL%2BKnDL0XkAa8phHC5s%2FefzgLZyeS%2F9BXgm3StUTn3G800O64WSkNsavwwTTJ6tp2ougAk0v2dW5MW8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1bb80daa6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e7b03907-2e1a-46fb-8b77-8cce7bf7d360
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e7b03907-2e1a-46fb-8b77-8cce7bf7d360
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=compact2-view-b_r-body&mlf=1&st=0.06&cpa=e7b03907-2e1a-46fb-8b77-8cce7bf7d360 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js
200 OK 24 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type ASCII text, with very long lines (12985)
Hash e20ca9bbf3596b9e173e2cfd8d78dbdc
5b4864511215a3dec6ab647b204ba216e02b58b8
54e9c6e5d30ad2b1002cd5b8f049302f9db5df342508b83d76e4355041f33630
GET /wp-content/themes/dooplay/assets/js/lib/owlcarousel.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 440132
cf-bgj: minify
cf-polished: origSize=23938
etag: W/"5f7b0dc4-5d82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
x-varnish: 591998559
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb657cd256c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.exdynsrv.com/iframe.js?idzone=4852104&size=300x250
200 OK 2.2 kB URL GET HTTP/2 a.exdynsrv.com/iframe.js?idzone=4852104&size=300x250
IP
ASN #60068 Datacamp Limited
Requested by https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Certificate IssuerLet's Encrypt
Subject1852405956.rsc.cdn77.org
Fingerprint70:E7:66:FF:72:DA:77:1C:94:EB:B3:1E:35:41:9B:99:60:39:0D:EF
ValidityMon, 23 Oct 2023 10:06:24 GMT - Sun, 21 Jan 2024 10:06:23 GMT
File type ASCII text, with very long lines (2310), with no line terminators
Hash 2bd5e63eecbeb50e3b07cf0e8671ebf6
dcaff512e25360dbab93a26046f53cf986aa6685
0e3ca3ecbbc30498db2ca0653228340feee55baec1e1018b3692c5c9bf1c15f0
GET /iframe.js?idzone=4852104&size=300x250 HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.exdynsrv.com/iframe.php?idzone=4852104&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"f3aa93440b8c8d0bf73f6108236"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 29 Nov 2023 18:58:44 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: A7lMCRQ3Nzf/3xQAALlMCgk3Nzf/1CcAANRmOAE3Nzf/egAAAA
x-77-nzt-ray: af5856308b4a580953486865327d1826
x-accel-expires: @1701338343
x-accel-date: 1701327732
x-77-cache: HIT
x-77-age: 15661
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 10196, 5343
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
200 OK 122 kB URL GET HTTP/2 a.realsrv.com/ad-provider.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT
File type ASCII text, with very long lines (32959)
Size 122 kB (122118 bytes)
Hash d49a008c1ebc345a45c82d3568b74a57
a3a4ec9261ccc398f73e0a7ae180432d955f8f5f
16c49ebd0602f212c42aa872a47149de690000186578416857ce78c95b46fb3e
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"a3a4ec9261ccc398f73e0a7ae18"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 29 Nov 2023 18:53:19 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EgwBeX8tUAH3rxUAAAwB1GY4CQH3LAEAAA
x-77-nzt-ray: c1fb981995592501484868651c28e927
x-accel-expires: @1701338313
x-accel-date: 1701327513
x-77-cache: HIT
x-77-age: 5851
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 5551
x-77-pop: copenhagenDK
X-Firefox-Spdy: h2
www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.livesearch.js
200 OK 4.8 kB URL GET HTTP/2 www1.verhentai.top/wp-content/themes/dooplay/assets/js/min/front.livesearch.js
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type HTML document, ASCII text, with very long lines (5060), with no line terminators
Hash 8dedff28d4273cf5cde0aee5164698e2
fb6a4d18749690441c4becde6df43bad7aa43a16
47406d68bdfbd352cda76cf715984ecedf12b29c6f6782e3778c67f42e52a5f9
GET /wp-content/themes/dooplay/assets/js/min/front.livesearch.js HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
age: 545281
cf-bgj: minify
cf-polished: origSize=4761
etag: W/"5f7b0dc4-1299"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 05 Oct 2020 12:12:52 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 2
x-varnish: 556046762 554707926
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82e1bb65cd2c56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
200 OK 166 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintAC:C2:DC:B6:95:8A:52:42:68:CB:0F:19:3F:56:A9:E9:1F:E6:04:8C
ValiditySun, 12 Nov 2023 03:01:15 GMT - Sat, 10 Feb 2024 03:01:14 GMT
Size 166 kB (166101 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.verhentai.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 28 Nov 2023 12:01:41 GMT
etag: W/"6565d6a5-288d5"
content-encoding: gzip
expires: Thu, 30 Nov 2023 08:36:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1701333000/126114747_webp
404 Not Found 0 B URL GET HTTP/3 img.strpst.com/thumbs/1701333000/126114747_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/1701333000/126114747_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 08:31:08 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
cf-cache-status: HIT
age: 72
server: cloudflare
cf-ray: 82e1bb7cf82b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
698 B URL GET b-hls-15.doppiocdn.com/hls/99309079/99309079.m3u8
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (716), with no line terminators
Hash 414c25319d1e4e0146e04b41ac29657e
4f454734d66c290d9710fa6f09a09662410af101
cd89165074880d3a4d6cd188efb6e1d674749aa968e9d08f30340b1579d07a1d
GET /hls/99309079/99309079.m3u8 HTTP/1.1
Host: b-hls-15.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:20 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 08:31:20 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 82e1bbc8cd720b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www1.verhentai.top/wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg
200 OK 34 kB URL GET HTTP/2 www1.verhentai.top/wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg
IP
Requested by https://www1.verhentai.top/online/natsuyasumi/
Certificate IssuerLet's Encrypt
Subjectverhentai.top
Fingerprint57:39:0D:1A:08:0C:07:86:AD:55:2E:8D:C9:A3:94:B7:DA:36:35:82
ValidityWed, 15 Nov 2023 11:25:04 GMT - Tue, 13 Feb 2024 11:25:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 357x500, components 3\012- data
Hash 04291cb208bc99811ea81683ed7cc4e5
8731f6513b6043cec444112a963d2d342adab3bb
85d586324a20caf45fb721f110221bd82eefd1339dbaaae2b9f09d9d8cd3a939
GET /wp-content/uploads/2019/06/Toshi-densetsu-Series.jpg HTTP/1.1
Host: www1.verhentai.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.verhentai.top/online/natsuyasumi/
DNT: 1
Connection: keep-alive
Cookie: _ga_0NJH4KSC7E=GS1.1.1701333069.1.0.1701333069.0.0.0; _ga=GA1.1.1531691751.1701333070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: image/jpeg
content-length: 34423
last-modified: Fri, 20 Sep 2019 18:52:32 GMT
etag: "5d851ff0-8677"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
x-varnish: 683951214
age: 167185
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb6f0ea656c5-OSL
X-Firefox-Spdy: h2
creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
200 OK 811 B URL GET HTTP/2 creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
IP
Requested by https://r.trackwilltrk.com/s1/e766d629-8aa2-4f64-800f-7458117d07a9?externalId=055d618d-7c3e-4089-a400-0fd830b90de9&cv1=055d618d-7c3e-4089-a400-0fd830b90de9&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d833161d6e27cf559bde1&cv5=623d831361d6e2739a0c4ca4&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f756f61d6e26c9f742e1d&cv10=exim_adxad_stub1_300x250_
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Hash c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0
GET /widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid} HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: text/html
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
expires: Thu, 30 Nov 2023 08:31:10 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7038d50b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
200 OK 811 B URL GET HTTP/2 creative.bbrdbr.com/widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}
IP
Requested by https://r.trackwilltrk.com/s1/e766d629-8aa2-4f64-800f-7458117d07a9?externalId=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv1=82507f88-09ca-4b33-9b51-43b4f8ae8a3f&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=623d833161d6e27cf559bde1&cv5=623d831361d6e2739a0c4ca4&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=5f6f756561d6e250352ccfa0&cv10=exim_adxad_stub1_300x250_
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Hash c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0
GET /widgets/v4/Universal?tag=girls/asian&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300asrsasgirlwlcop&creativeId=300asrsasgirlwlcop&responsive=0&hideButton=1&hideTitle=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid} HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: text/html
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
expires: Thu, 30 Nov 2023 08:31:10 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7038d60b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D100cps2asgirl%26creativeId%3D100cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3D100cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
200 OK 6.8 kB URL GET HTTP/3 go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D100cps2asgirl%26creativeId%3D100cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3D100cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2asgirl&creativeId=100cps2asgirl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=0&sound=off&sourceId=100cps2asgirl&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (8856), with no line terminators
Hash 80174cf2c9f485b01dcf430016d880ca
c6516b543eae3a5da48fd8f1af12213137eea8e3
0f00401cc732ddbb9f5f8817ad8159151401989a5377431c96c6b2321e9e4732
GET /config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D100cps2asgirl%26creativeId%3D100cps2asgirl%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26isXhDesign%3D0%26liveBadgeColor%3D%26memberId%3D%257Bclickid%257D%26showButton%3D1%26showLiveBadge%3D1%26showModal%3Dsignup%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3D100cps2asgirl%26tag%3Dgirls%252Fasian%26targetDomain%3D%26thumbSizeKey%3Dsmall%26trackOff%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:06 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 30 Nov 2023 07:22:39 GMT
cf-cache-status: HIT
age: 16
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb7489885687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_init_JBkVZZbP0XZUtdSi.mp4
200 OK 1.2 kB URL GET HTTP/3 b-hls-03.doppiocdn.com/hls/23938902/23938902_480p_init_JBkVZZbP0XZUtdSi.mp4
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal/?action=sbSignupWithModel&actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=100cps2girl&creativeId=100cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=100cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5 \012- data
Hash 98d2e04da508ad29d3a9bcd8c3853d76
b946d289e1dd9a3da41363ee6269cc9ebee966e3
f18560a67880487cc1d4ebefda6cdf0faaba470a9dcd8e03d76d284aaaccd36a
GET /hls/23938902/23938902_480p_init_JBkVZZbP0XZUtdSi.mp4 HTTP/1.1
Host: b-hls-03.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:09 GMT
content-type: video/mp4
content-length: 1217
last-modified: Thu, 30 Nov 2023 08:03:12 GMT
etag: "656841c0-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 43
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb822de30b4d-OSL
alt-svc: h3=":443"; ma=86400
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP
Requested by https://netuplayer.top/player/embed_player.php?vid=cmVKOGxZN3lQK2xmMVVZOEU5UnpEZz09
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netuplayer.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:31:11 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bc1725eae3e8888d44a0147a820cc348
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 08:31:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTU8fKqaie%2BwnVYMNVlDz19mnAehdtamk%2FdCxZfBuh4C2w2qWYi9F8H414qJr%2F6mx9vyEXI%2BaoiDJ2X%2FzhCFpPHAJ9hVmiQwgVKiVq7wmQnkThGdm3%2FD9rEdnXNnAC%2BfTqx4AX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1bb902a6f56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.142.61
188.114.96.1
88.198.200.22
185.76.9.25
0.0.0.0
185.98.53.2
121.127.45.82
37.140.192.137
45.131.145.132
0.0.0.0