vjav.com/videos/181898/japanese-mom-seduce-daugther-s-teacher/
172.64.195.7301 Moved Permanently 0 B URL HTTP/1.1 vjav.com/videos/181898/japanese-mom-seduce-daugther-s-teacher/
IP 172.64.195.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/181898/japanese-mom-seduce-daugther-s-teacher/ HTTP/1.1
Host: vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 22:39:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 23:39:17 GMT
Location: https://vjav.com/videos/181898/japanese-mom-seduce-daugther-s-teacher/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FchyCIybUTyNVNgs7uCkyclpq9Ea%2Bfkz1ERE3w6rmNthQIgFLhFEhov7d8HC%2BEWVdMtCbSJl%2B40WwsmBuIsqjB0YInz6Es7MQwtt85Z28hJaEqlNXw80ODTl7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7760c1a6690a71c3-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3072
Expires: Wed, 07 Dec 2022 23:30:29 GMT
Date: Wed, 07 Dec 2022 22:39:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13980
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Wed, 07 Dec 2022 22:39:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 22:08:06 GMT
content-type: application/json
age: 1871
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4733
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 22:39:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nDCW8+Xj0j/NLJ6jInfUgQ+gPGH3evvUEPeMYDwLHzxSoigUDvv2K0+b8GccagA/qqILdfMRWng=
x-amz-request-id: HDXTREQK2VWNX3ZX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 21:49:31 GMT
age: 2986
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9e6a74a2a22cfaf154ae65df06937459
f432fe03848486ad5a64e724108a812cc7bff28c
8b9da47c56e86b616248f874b9620d4e505e1ae61de9ad941589cfc9eaa17955
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2180
Cache-Control: max-age=128402
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:17 GMT
Etag: "63906023-116"
Expires: Fri, 09 Dec 2022 10:19:19 GMT
Last-Modified: Wed, 07 Dec 2022 09:42:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 22:39:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9e6a74a2a22cfaf154ae65df06937459
f432fe03848486ad5a64e724108a812cc7bff28c
8b9da47c56e86b616248f874b9620d4e505e1ae61de9ad941589cfc9eaa17955
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2181
Cache-Control: max-age=128402
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:18 GMT
Etag: "63906023-116"
Expires: Fri, 09 Dec 2022 10:19:20 GMT
Last-Modified: Wed, 07 Dec 2022 09:42:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MW9PQ3
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MW9PQ3
IP 142.250.74.168:0
File type ASCII text, with very long lines (2219)
Hash d079fedafb2c9bbaaea3f6470638e1ed
0d9113f8f90fe14cab6a525065bd8646760dc5e3
de8f0a7133acbad6e26b8a3c76a696978e8f6909fbee9dbb5a7808ac7c02b64f
GET /gtm.js?id=GTM-MW9PQ3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 22:39:18 GMT
expires: Wed, 07 Dec 2022 22:39:18 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MVMB4DG
142.250.74.168200 OK 100 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVMB4DG
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (40012), with NEL line terminators
Hash 35354940623a535677549ce749966af6
3e72b377c33cff19c564c32cd89b51d4fdb5d449
ddd34dcfaa53510e0336f3b2dbf2fa1d90275eaf21db8ee699be9614c5aa54f1
GET /gtm.js?id=GTM-MVMB4DG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 22:39:18 GMT
expires: Wed, 07 Dec 2022 22:39:18 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 22:07:58 GMT
age: 1880
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=128073
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 22:39:18 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:13:51 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.186.39101 Switching Protocols 8.2 kB URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.186.39:0
Hash 5659511087d61086c2b45c7d1184a0d4
6247e554513db14a5b3e14f011356cd58a51b3d9
a8706581ebd45ccb2f7c85dde606aea3cb0d6141f782dd5e073f6fbd47fd0c0d
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NALkxC6WUYBBdmabf5aCMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r7iJOegAg3csyc/qrjKxnaP73Yo=
r3.o.lencr.org/
23.36.76.226200 OK 15 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2c15d1733859f4786f17ed9f0a078f97
18f8f5149ae9b602b0f3e54d53d59bf35e3bfe32
14c4a76e9dcac192d92be069e15c2c90ef450fa24030656c4b4194ac7e1ca326
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B83124421DC68D73EDAD01A7841B596EE3CA6D28F6C799EB101D2A04887B2FA7"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7096
Expires: Thu, 08 Dec 2022 00:37:34 GMT
Date: Wed, 07 Dec 2022 22:39:18 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 15 kB URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash cde36cf67fbdd5d8f03152660d77db18
8908a0d3a6d4d479fc9004fc2590afd5cd77e2a6
84f441d303d49298f5f408c247a1ee85edc1c4f2114bf733c0876750eac664e8
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 07 Dec 2022 22:44:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 20:41:08 GMT
expires: Wed, 07 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 7090
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.exoclick.com/ads.js
205.185.216.42200 OK 974 B IP 205.185.216.42:0
File type ASCII text, with very long lines (2476), with no line terminators
Hash 92af51b4341a31ff621022c2a648c05e
3761459319128e7349981f338926abcd89ba58e0
6dd1f44f60b3c9584b3d9a54af5348c3fc36c7e13585f593f205ed42a0fa7e9f
GET /ads.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 22:39:18 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"8f3c7314efe500b41baba9f571b"
X-HW: 1670452758.dop017.sk1.t,1670452758.cds257.sk1.shn,1670452758.cds257.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 21 kB URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 2f9c34c9f1b3ead0d2f7ad97dce1438e
35eea7f31cc6329dce4d205bb6edb065ea243e0c
cdbd413785f4e26f84ed42714619cc7a6d7ac856d09f8753fe1090411c829a6a
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 22:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Sun, 11 Dec 2022 20:33:41 GMT
ETag: "115321dc7235d2a22dd591d9fb9ccfa306c1ac9e"
Last-Modified: Wed, 07 Dec 2022 20:33:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 552
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7760c1afdc12b503-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ea42c12acfabe1a8fd33a8cdeeb86550
115321dc7235d2a22dd591d9fb9ccfa306c1ac9e
3794a08bd607cca0cdd3728cee7c830befaeaad6cf3b53aeb18838e4858c2965
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 22:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Sun, 11 Dec 2022 20:33:41 GMT
ETag: "115321dc7235d2a22dd591d9fb9ccfa306c1ac9e"
Last-Modified: Wed, 07 Dec 2022 20:33:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 552
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7760c1b07cb4b503-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddd123ce4069ab907bd2eebb2f70cba9
48951bd8b68cbb8d6fba5c0301cbbc5ee2d0bc9c
983815cf6abe85cf1c44b77be482b6a685bc7f134777f0d718616a8b0762fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983815CF6ABE85CF1C44B77BE482B6A685BC7F134777F0D718616A8B0762FD99"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 08 Dec 2022 00:23:14 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 22:39:19 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 23:39:19 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddd123ce4069ab907bd2eebb2f70cba9
48951bd8b68cbb8d6fba5c0301cbbc5ee2d0bc9c
983815cf6abe85cf1c44b77be482b6a685bc7f134777f0d718616a8b0762fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983815CF6ABE85CF1C44B77BE482B6A685BC7F134777F0D718616A8B0762FD99"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 08 Dec 2022 00:23:14 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddd123ce4069ab907bd2eebb2f70cba9
48951bd8b68cbb8d6fba5c0301cbbc5ee2d0bc9c
983815cf6abe85cf1c44b77be482b6a685bc7f134777f0d718616a8b0762fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983815CF6ABE85CF1C44B77BE482B6A685BC7F134777F0D718616A8B0762FD99"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 08 Dec 2022 00:23:14 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddd123ce4069ab907bd2eebb2f70cba9
48951bd8b68cbb8d6fba5c0301cbbc5ee2d0bc9c
983815cf6abe85cf1c44b77be482b6a685bc7f134777f0d718616a8b0762fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983815CF6ABE85CF1C44B77BE482B6A685BC7F134777F0D718616A8B0762FD99"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 08 Dec 2022 00:23:14 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddd123ce4069ab907bd2eebb2f70cba9
48951bd8b68cbb8d6fba5c0301cbbc5ee2d0bc9c
983815cf6abe85cf1c44b77be482b6a685bc7f134777f0d718616a8b0762fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983815CF6ABE85CF1C44B77BE482B6A685BC7F134777F0D718616A8B0762FD99"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 08 Dec 2022 00:23:14 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
mc.yandex.ru/metrika/watch.js
77.88.21.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (553)
Hash 69d8fb977b5f11ff2f42caaf9acae0f5
c68a1a8a921d9ca906a20a838458b48d33f0a6b1
197becd55ad37f6cdbdd1b1fc334a34a795359b805639f8311d42ac0abeedf34
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57635
date: Wed, 07 Dec 2022 22:39:19 GMT
access-control-allow-origin: *
etag: "638eb36c-e123"
expires: Wed, 07 Dec 2022 23:39:19 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/389000/389887/240x180/1.jpg
45.133.44.25200 OK 24 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/389000/389887/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash b5ccd2b7c3800703aba6e31ff4ba584b
8af29ea8fbf150b7b46568aa1d6ab7c20344cf69
6af469affc4fa861e3ea813c0929729403f7aad22792230f331d68d9b5f45905
GET /contents/videos_screenshots/389000/389887/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 23773
server: nginx/1.19.6
last-modified: Fri, 04 Dec 2020 03:53:11 GMT
etag: "5fc9b2a7-5cdd"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/254000/254779/240x180/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/254000/254779/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 700ab5b8ada1e8d58bb9a274b1185904
df88bada085c66c4e94de5f5dc66b23d9c48a027
814f7def5ec95c79e8d51a9d183d5a851d74fb758d42e17ec3d27ab7fd58f2b0
GET /contents/videos_screenshots/254000/254779/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 22034
server: nginx/1.19.6
last-modified: Thu, 04 Jul 2019 18:22:20 GMT
etag: "5d1e43dc-5612"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/412000/412731/240x180/1.jpg
45.133.44.25200 OK 61 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/412000/412731/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 9a0aebc69367e374be367acb78149262
db78c9a296b220d8de5ee83081cdf7e523a45a77
8d07a8b71cb19189206e476fb99f272f15fb334bb8451a6bda5d3ce1705a4f0b
GET /contents/videos_screenshots/412000/412731/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 23787
server: nginx/1.19.6
last-modified: Tue, 25 May 2021 03:46:14 GMT
etag: "60ac7306-5ceb"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/204000/204048/240x180/1.jpg
45.133.44.25200 OK 15 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/204000/204048/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash eae0407980f1d7dfcb25d5bdd3ede69b
e4ce9a91e24a5c129481aa3a3400652c7a084351
6c602d9d780097dfee4aeee3ba4dcd0cd4d5211e67b312e4bf1dbcb78849e1b3
GET /contents/videos_screenshots/204000/204048/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 14807
server: nginx/1.19.6
last-modified: Sun, 31 Mar 2019 11:50:36 GMT
etag: "5ca0a98c-39d7"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/329000/329571/240x180/1.jpg
45.133.44.25200 OK 20 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/329000/329571/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash ab49ac07c050598a4b2a42d6aca113f1
183f4622943777a5c456d76c9e7df26dbc0a2a12
50bbf8bab41be5553845caac0d154b452b939f67d139de064a5ebad00361db89
GET /contents/videos_screenshots/329000/329571/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 19202
server: nginx/1.19.6
last-modified: Sat, 22 Feb 2020 22:28:24 GMT
etag: "5e51ab08-4b02"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/313000/313846/240x180/1.jpg
45.133.44.25200 OK 18 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/313000/313846/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash bb057f03b7651550faae1a33ed75193d
2cf6724bc0fd2801fe2bc6ff06315c8e5e24992e
c1c73c75a27c0083d7f9682baba78227eda606370bfe1f821210c85f2157457b
GET /contents/videos_screenshots/313000/313846/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 17509
server: nginx/1.19.6
last-modified: Tue, 12 Nov 2019 23:30:08 GMT
etag: "5dcb4080-4465"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/239000/239818/240x180/1.jpg
45.133.44.25200 OK 24 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/239000/239818/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 903d299d05fe38b7bf9653ca4eb7d992
61b2e81ece04cc2f41d1bc66cffed8751d745f56
1b5faaf183aad2cf9bf1fe6933106dbf62844c03de9ebba4f5b6fc229a276385
GET /contents/videos_screenshots/239000/239818/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 23935
server: nginx/1.19.6
last-modified: Thu, 30 May 2019 12:32:39 GMT
etag: "5cefcd67-5d7f"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/245000/245781/240x180/1.jpg
45.133.44.25200 OK 26 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/245000/245781/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash af13578c6fcc9d1137ea59d6df22feec
0b810ae21f6fef66718a1c1f51206800ae268ade
22b852fb94bbef1cd826255e016a88b6a6cded4f0523cb908312b1e33a992589
GET /contents/videos_screenshots/245000/245781/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 25955
server: nginx/1.19.6
last-modified: Fri, 14 Jun 2019 06:17:24 GMT
etag: "5d033bf4-6563"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/362000/362486/240x180/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/362000/362486/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 2d6d616e6ec1aeed4bd906be2d5a22b9
a9333fd3ff5a7c29a3e24978b18ad303ef4ff0dc
ba1ab2a9d6322b37b856d3a0bd47beb02781772722d03870df130c450d8be8e3
GET /contents/videos_screenshots/362000/362486/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 22351
server: nginx/1.19.6
last-modified: Tue, 22 Sep 2020 18:16:10 GMT
etag: "5f6a3f6a-574f"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/215000/215150/240x180/1.jpg
45.133.44.25200 OK 13 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/215000/215150/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 2886e68f9c7bf246efafb2ad6f13e4d1
383ef34c032cd2280f0441a2137002537ae60547
1c84c8f419ecbdf1d9727dc88abf868ed6fafd1158dbf0df08faedafbc64fa1b
GET /contents/videos_screenshots/215000/215150/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 12650
server: nginx/1.19.6
last-modified: Mon, 15 Apr 2019 17:03:27 GMT
etag: "5cb4b95f-316a"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/128000/128068/240x180/10.jpg
45.133.44.25200 OK 12 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/128000/128068/240x180/10.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash fcab045249c7fef4f671d0e189bb1e17
4af083e355aae96bd6818b76266e378d8b4f6564
6cc2320d61b9f4cd236bbcb8fd8b28fc2134d6d889a91745a952c4994012f60c
GET /contents/videos_screenshots/128000/128068/240x180/10.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 11589
server: nginx/1.19.6
last-modified: Sat, 17 Nov 2018 09:46:02 GMT
etag: "5befe35a-2d45"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/318000/318999/240x180/1.jpg
45.133.44.25200 OK 20 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/318000/318999/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 07428cb29ff8ab4cf026a09286c25a72
fd82559b3324c6c05a8f269a9e35dafa88e0fd36
91c8ec4004534baa6123637c2268fbecdcca9d3a6788d1b2fec7fe949c32d875
GET /contents/videos_screenshots/318000/318999/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 20108
server: nginx/1.19.6
last-modified: Mon, 02 Dec 2019 00:09:07 GMT
etag: "5de45623-4e8c"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/355000/355281/240x180/1.jpg
45.133.44.25200 OK 23 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/355000/355281/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash d61df52f7fb19f1e57370c72f527bfb1
565bead5db240c962b98d378a0d5940bb5e0fcf0
35b0e47670e232f44070550020a698aec615a0e3a1aeae78e913db33420b6b9d
GET /contents/videos_screenshots/355000/355281/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 22934
server: nginx/1.19.6
last-modified: Tue, 11 Aug 2020 22:11:02 GMT
etag: "5f331776-5996"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/465000/465543/240x180/1.jpg
45.133.44.25200 OK 21 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/465000/465543/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 00ab154b2ea80b94a114a4b2228694e8
b6af396341cd7dd74739c6cad427b2b08cc03b42
ebc835036d6760715d028df383332a359bd7dc4e88bdbd0873082cb6f6c5be44
GET /contents/videos_screenshots/465000/465543/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 20660
server: nginx/1.19.6
last-modified: Sat, 30 Oct 2021 04:39:08 GMT
etag: "617ccc6c-50b4"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/198000/198183/240x180/1.jpg
45.133.44.25200 OK 14 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/198000/198183/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash e8bbf3211f6c8b00668c37c8d5d99458
bf050a916ffa27ef9081036c5369f3a60eb9f78e
18b10f259729c548dca49484e6523ae38770e48461cd49bca549c4631528f518
GET /contents/videos_screenshots/198000/198183/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 13455
server: nginx/1.19.6
last-modified: Wed, 20 Mar 2019 11:40:46 GMT
etag: "5c9226be-348f"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/203000/203595/240x180/1.jpg
45.133.44.25200 OK 13 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/203000/203595/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 96e9f3abb3c577782dbc3da558aa3eed
9bc294e9c5162db4dae780757a1df0c127009340
cdf7f0e5e2894abc2faddbca6a0fc629140acb306fd159216b63f9ba17726489
GET /contents/videos_screenshots/203000/203595/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 13448
server: nginx/1.19.6
last-modified: Sat, 30 Mar 2019 11:14:18 GMT
etag: "5c9f4f8a-3488"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/167000/167386/240x180/28.jpg
45.133.44.25200 OK 14 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/167000/167386/240x180/28.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash e08383af2285f32e7632690884a0a071
34bf178b3702c5c04c8192a3c4110f97ea931e0f
7c58d180d2f2fca1725a144d806d40f4b14ccb6a2832e662569759a72ff10bdb
GET /contents/videos_screenshots/167000/167386/240x180/28.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 13551
server: nginx/1.19.6
last-modified: Thu, 27 Dec 2018 08:25:44 GMT
etag: "5c248c88-34ef"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/235000/235705/240x180/1.jpg
45.133.44.25200 OK 19 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/235000/235705/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash d1c457b6825d95197330510844f3e689
c15aaed4c852ba04066ced935ed18a80f136f71c
ccd30b9ec7af856d83e8589a10c43fbd5de07dbf34876697a85eceffd47e93df
GET /contents/videos_screenshots/235000/235705/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 19248
server: nginx/1.19.6
last-modified: Tue, 28 May 2019 10:38:04 GMT
etag: "5ced0f8c-4b30"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/336000/336599/240x180/1.jpg
45.133.44.25200 OK 34 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/336000/336599/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 3b988092c7bfe76143466f3cfe6e445e
23cecf8ebfd1bb36852a9bcf148b59d0c846d58c
a0f4b547d78c018981ed7842f00675f2d778d146c209e010516b24deb2e92c3e
GET /contents/videos_screenshots/336000/336599/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 18778
server: nginx/1.19.6
last-modified: Mon, 18 May 2020 10:20:11 GMT
etag: "5ec2615b-495a"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/309000/309240/240x180/1.jpg
45.133.44.25200 OK 19 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/309000/309240/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash a02816dca0c522a2da066988ff92c0d9
73b55c98ab83f064cf45dd66dae5d05031bf986c
287d4da1297599d25ab2536313965f467efb1b5695c77c04f740d4062b12d87c
GET /contents/videos_screenshots/309000/309240/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 19226
server: nginx/1.19.6
last-modified: Sat, 02 Nov 2019 11:01:09 GMT
etag: "5dbd61f5-4b1a"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/222000/222076/240x180/1.jpg
45.133.44.25200 OK 13 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/222000/222076/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 130bfb8d172f8528c5ac7b32e9a4f1f2
e6637e1e6710997ba6b43aeeeb73a7116e38f991
9be0249a81abfdca72f9cd8b1db3dc050a7716ed8a7008e815ef2cb59b931e0b
GET /contents/videos_screenshots/222000/222076/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 12865
server: nginx/1.19.6
last-modified: Tue, 23 Apr 2019 09:57:03 GMT
etag: "5cbee16f-3241"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/226000/226974/240x180/1.jpg
45.133.44.25200 OK 13 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/226000/226974/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 1a65db91835da85ebf5c1c0bfd6a7851
f5de927cf35e04c561bac7d9e2796dee8f76c5ec
f794e0677b8551c22c03281c435684765de05219a8bf6f09f141408220602dd2
GET /contents/videos_screenshots/226000/226974/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 12813
server: nginx/1.19.6
last-modified: Wed, 01 May 2019 20:30:31 GMT
etag: "5cca01e7-320d"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/216000/216854/240x180/1.jpg
45.133.44.25200 OK 17 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/216000/216854/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 06358a847f4d6e8f311aafc741343a63
98570c06932689108762d6bad0175a2bb237e2c3
a1dff2c75ca681027cd30f0427de51937feb2a0425f40ed4a3091a7f23fa6282
GET /contents/videos_screenshots/216000/216854/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 17034
server: nginx/1.19.6
last-modified: Wed, 17 Apr 2019 11:12:39 GMT
etag: "5cb70a27-428a"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tn.vjav.com/contents/videos_screenshots/182000/182949/240x180/1.jpg
45.133.44.25200 OK 11 kB URL HTTP/2 tn.vjav.com/contents/videos_screenshots/182000/182949/240x180/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 17179ad2fbbf0acec51d1db4fb0bec08
da521f3348cd8c40a1bc72ccf0037e42e98544dd
7a1f6809c93617e73947233720d38bb2c5cbeea7fa42c75fa076c08ffb4fd62d
GET /contents/videos_screenshots/182000/182949/240x180/1.jpg HTTP/1.1
Host: tn.vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Cookie: kt_lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: image/jpeg
content-length: 10790
server: nginx/1.19.6
last-modified: Wed, 06 Feb 2019 11:59:16 GMT
etag: "5c5acc14-2a26"
cache-control: max-age=7776000
expires: Tue, 07 Mar 2023 22:39:19 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20e2f1c1caebc0e48ca9c7b1dac6fac7
e9b8a58f1e209fe8d0a3de4a85e1f9a5d3410d32
343ef777533d445c0b5dbbf24ac6344b352c75d3ac43ae4037248a8f9e442da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "343EF777533D445C0B5DBBF24AC6344B352C75D3AC43AE4037248A8F9E442DA6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13576
Expires: Thu, 08 Dec 2022 02:25:35 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
eb3a94f7c8.fa479896c7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjI4NjY5MDU2NjQ4MDIxNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE4LjAiLCJ0YWdfaWQiOjE4NCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDVkpBVi5jb20lMkNKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDdmphdi5jb20lMkNqYXYlMkNwb3JuJTJDdHViZSUyQ3h4eCUyQ2phdiUyQ3R1YmUlMkNmcmVlJTJDcG9ybiUyQ3ZpZGVvcyUyQ2ZyZWUlMkNwb3JuJTJDeHh4JTJDbW92aWVzJTJDeHh4JTJDdHViZSUyQ3ZpZGVvJTJDZnJlZSUyQ3h4eCUyQ3ZpZGVvJTJDY2xpcHMlMkN4eHh0dWJlJTJDaG90JTJDamFwYW5lc2UlMkNwb3JuJTJDb3JpZW50YWwlMkNwb3JuJTJDdmlkZW8lMkNXYXRjaCUyQ0phcGFuZXNlJTJDbW9tJTJDc2VkdWNlJTJDZGF1Z3RoZXIncyUyQ3RlYWNoZXIlMkNvbiUyQ0phcGFuZXNlJTJDcG9ybiUyQ3ZpZGVvJTJDc2l0ZSUyQ0xvdHMlMkNvZiUyQ2ZyZWUlMkN2aWRlb3MlMkN3aXRoJTJDSmFwYW5lc2UlMkNwb3JuJTJDc3RhcnMlMkNMYXJnZXN0JTJDYXJjaGl2ZSUyQ29mJTJDSEQlMkNtb3ZpZXMlMkN1bmNlbnNvcmVkIn0=
45.133.44.24200 OK 0 B URL HTTP/2 eb3a94f7c8.fa479896c7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjI4NjY5MDU2NjQ4MDIxNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE4LjAiLCJ0YWdfaWQiOjE4NCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDVkpBVi5jb20lMkNKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDdmphdi5jb20lMkNqYXYlMkNwb3JuJTJDdHViZSUyQ3h4eCUyQ2phdiUyQ3R1YmUlMkNmcmVlJTJDcG9ybiUyQ3ZpZGVvcyUyQ2ZyZWUlMkNwb3JuJTJDeHh4JTJDbW92aWVzJTJDeHh4JTJDdHViZSUyQ3ZpZGVvJTJDZnJlZSUyQ3h4eCUyQ3ZpZGVvJTJDY2xpcHMlMkN4eHh0dWJlJTJDaG90JTJDamFwYW5lc2UlMkNwb3JuJTJDb3JpZW50YWwlMkNwb3JuJTJDdmlkZW8lMkNXYXRjaCUyQ0phcGFuZXNlJTJDbW9tJTJDc2VkdWNlJTJDZGF1Z3RoZXIncyUyQ3RlYWNoZXIlMkNvbiUyQ0phcGFuZXNlJTJDcG9ybiUyQ3ZpZGVvJTJDc2l0ZSUyQ0xvdHMlMkNvZiUyQ2ZyZWUlMkN2aWRlb3MlMkN3aXRoJTJDSmFwYW5lc2UlMkNwb3JuJTJDc3RhcnMlMkNMYXJnZXN0JTJDYXJjaGl2ZSUyQ29mJTJDSEQlMkNtb3ZpZXMlMkN1bmNlbnNvcmVkIn0=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjI4NjY5MDU2NjQ4MDIxNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE4LjAiLCJ0YWdfaWQiOjE4NCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDVkpBVi5jb20lMkNKYXBhbmVzZSUyQ21vbSUyQ3NlZHVjZSUyQ2RhdWd0aGVyJ3MlMkN0ZWFjaGVyJTJDdmphdi5jb20lMkNqYXYlMkNwb3JuJTJDdHViZSUyQ3h4eCUyQ2phdiUyQ3R1YmUlMkNmcmVlJTJDcG9ybiUyQ3ZpZGVvcyUyQ2ZyZWUlMkNwb3JuJTJDeHh4JTJDbW92aWVzJTJDeHh4JTJDdHViZSUyQ3ZpZGVvJTJDZnJlZSUyQ3h4eCUyQ3ZpZGVvJTJDY2xpcHMlMkN4eHh0dWJlJTJDaG90JTJDamFwYW5lc2UlMkNwb3JuJTJDb3JpZW50YWwlMkNwb3JuJTJDdmlkZW8lMkNXYXRjaCUyQ0phcGFuZXNlJTJDbW9tJTJDc2VkdWNlJTJDZGF1Z3RoZXIncyUyQ3RlYWNoZXIlMkNvbiUyQ0phcGFuZXNlJTJDcG9ybiUyQ3ZpZGVvJTJDc2l0ZSUyQ0xvdHMlMkNvZiUyQ2ZyZWUlMkN2aWRlb3MlMkN3aXRoJTJDSmFwYW5lc2UlMkNwb3JuJTJDc3RhcnMlMkNMYXJnZXN0JTJDYXJjaGl2ZSUyQ29mJTJDSEQlMkNtb3ZpZXMlMkN1bmNlbnNvcmVkIn0= HTTP/1.1
Host: eb3a94f7c8.fa479896c7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:19 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=184
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=184
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=184 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vjav.com/
Origin: https://vjav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://vjav.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fd4d502e7e75fd099e09beccbe9f883
f194c3f913b40fb9174690e84298407a26f30cbc
aa411695f7ffc1c8850dc91ada8afa1edb9cc528ebde4b9a2bc9ac0eef624d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA411695F7FFC1C8850DC91ADA8AFA1EDB9CC528EBDE4B9A2BC9AC0EEF624D5A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9020
Expires: Thu, 08 Dec 2022 01:09:39 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 7.5 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 814c8e56337584b04b690f8aaec9a965
77e78d7d8f401f41e96b763fc41905fed6da0705
261ec2dce417b18fbe42088082c9115cfbc4afb4f046efaecce04458905d9b70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA411695F7FFC1C8850DC91ADA8AFA1EDB9CC528EBDE4B9A2BC9AC0EEF624D5A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9020
Expires: Thu, 08 Dec 2022 01:09:39 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=184
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=184
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=184 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22288
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 22:39:19 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://vjav.com
Set-Cookie: id=13965003032892898448; Expires=Thu, 07 Dec 2023 22:39:19 GMT; Secure; SameSite=None
Vary: Origin
vast.yomeno.xyz/vast
109.206.176.75204 No Content 0 B IP 109.206.176.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /vast HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vjav.com/
Origin: https://vjav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://vjav.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-type: text/plain; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d4f9779be25da22508106edd3723595
35741797a83e0054356357688336914edfbc9f58
106a90e3385fea3ad7d122c70f1d841c7837835efd7f56c014c88579937c660c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106A90E3385FEA3AD7D122C70F1D841C7837835EFD7F56C014C88579937C660C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2929
Expires: Wed, 07 Dec 2022 23:28:08 GMT
Date: Wed, 07 Dec 2022 22:39:19 GMT
Connection: keep-alive
mc.yandex.ru/watch/35313285?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/35313285?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/35313285?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/35313285/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 22:39:19 GMT
access-control-allow-origin: https://vjav.com
set-cookie: yabs-sid=349877841670452759; Path=/; SameSite=None; Secure
i=jxpORj7jvuXMPWQVaTBBXPekt3zBbr8odfYjNHNzSEcxOQaogFBYBO1TIr6nqKg6huhU3fln84WLtlYcxUaLBVKDqgk=; Expires=Sat, 04-Dec-2032 22:39:16 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9010764871670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9010764871670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701988759.yc.1670452759#1701988759.yrts.1670452759#1701988759.yrtsi.1670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 22:39:19 GMT
last-modified: Wed, 07-Dec-2022 22:39:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
vast.yomeno.xyz/prepare
109.206.176.75204 No Content 0 B IP 109.206.176.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prepare HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1143
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://vjav.com
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a4493c3e39db472db4ec900625130d8
8ded605fdbdcb455f128b57829978f492322623b
2f17c60ae275cbe9422a74da4342e5bd3f5fe44b1ea4dd53e5646d9e5db1067d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F17C60AE275CBE9422A74DA4342E5BD3F5FE44B1EA4DD53E5646D9E5DB1067D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4634
Expires: Wed, 07 Dec 2022 23:56:34 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a4493c3e39db472db4ec900625130d8
8ded605fdbdcb455f128b57829978f492322623b
2f17c60ae275cbe9422a74da4342e5bd3f5fe44b1ea4dd53e5646d9e5db1067d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F17C60AE275CBE9422A74DA4342E5BD3F5FE44B1EA4DD53E5646D9E5DB1067D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4634
Expires: Wed, 07 Dec 2022 23:56:34 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afe2239fe3e5cf9025bb5f285ac68a31
bc1b525872f518b3fe0228ae39087431b6e09f79
9357733885b919cdaf874a2be5583398b432e3b214296f78eccf2d9152a34445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9357733885B919CDAF874A2BE5583398B432E3B214296F78ECCF2D9152A34445"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6922
Expires: Thu, 08 Dec 2022 00:34:42 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a4493c3e39db472db4ec900625130d8
8ded605fdbdcb455f128b57829978f492322623b
2f17c60ae275cbe9422a74da4342e5bd3f5fe44b1ea4dd53e5646d9e5db1067d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F17C60AE275CBE9422A74DA4342E5BD3F5FE44B1EA4DD53E5646D9E5DB1067D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4634
Expires: Wed, 07 Dec 2022 23:56:34 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a4493c3e39db472db4ec900625130d8
8ded605fdbdcb455f128b57829978f492322623b
2f17c60ae275cbe9422a74da4342e5bd3f5fe44b1ea4dd53e5646d9e5db1067d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F17C60AE275CBE9422A74DA4342E5BD3F5FE44B1EA4DD53E5646D9E5DB1067D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4634
Expires: Wed, 07 Dec 2022 23:56:34 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08941ddc20e74dbea6d073e5fdb4316b
f789c7afde0d42c551c908f4327e883b67ec07cb
8573c1868d161e0034c5b92c36e29b65b0e57b8d220083014ba0edf19803841b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8573C1868D161E0034C5B92C36E29B65B0E57B8D220083014BA0EDF19803841B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9916
Expires: Thu, 08 Dec 2022 01:24:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2b9c3412684bb24abd585f61995fddd
d3ca1c11ff47bc11d5c28c76a9f2bcf33968a609
1bf931ba933fb653b709d124e6c2cc48c28d78bc40d959f3c371b043fa4ee69a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BF931BA933FB653B709D124E6C2CC48C28D78BC40D959F3C371B043FA4EE69A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4508
Expires: Wed, 07 Dec 2022 23:54:28 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 07 Dec 2022 22:44:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 72676085dfe86df86a0e902ca6dec952
e7722812ab754bab552bb3b7047b5efeb39757ec
a92321b9fe5410fea539cf735edd3f6c3e21e0ecf752abac4aa2b3eed26261f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A92321B9FE5410FEA539CF735EDD3F6C3E21E0ECF752ABAC4AA2B3EED26261F6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14829
Expires: Thu, 08 Dec 2022 02:46:29 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
45.133.44.24200 OK 147 kB URL HTTP/2 12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Size 147 kB (147382 bytes)
Hash 20a795a4431d75751dfa9ecdfdeaff3f
dc86e5d8980ad1820a54f8801aad7e2bd3303bd4
8a3b388202133196f703b9688955379e2ad9c655baf3bef760693338014c708f
GET /dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128) HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: image/svg+xml
content-length: 1064
server: nginx/1.12.2
last-modified: Tue, 16 Jun 2020 16:25:10 GMT
etag: "5ee8f266-428"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 72676085dfe86df86a0e902ca6dec952
e7722812ab754bab552bb3b7047b5efeb39757ec
a92321b9fe5410fea539cf735edd3f6c3e21e0ecf752abac4aa2b3eed26261f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A92321B9FE5410FEA539CF735EDD3F6C3E21E0ECF752ABAC4AA2B3EED26261F6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14829
Expires: Thu, 08 Dec 2022 02:46:29 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
nereserv.com/in/dip?site=native-push&wl=1&event_id=f70ad23c-9125-4b20-9ead-0acfe16b0095&subid=1238912481&sid=2424105939&spot_id=50&created_at=2022-12-07&timezone=0&ver=8.6.1&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=f70ad23c-9125-4b20-9ead-0acfe16b0095&subid=1238912481&sid=2424105939&spot_id=50&created_at=2022-12-07&timezone=0&ver=8.6.1&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=f70ad23c-9125-4b20-9ead-0acfe16b0095&subid=1238912481&sid=2424105939&spot_id=50&created_at=2022-12-07&timezone=0&ver=8.6.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 310 B URL HTTP/2 mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type gzip compressed data, from Unix\012- data
Hash ed3b34fcd5bd364bf9ef08e569a800cb
fac6c698eddad7546713692bba33e9bd93a76269
8d50f37aa59ec553fd59b1bf853de86eab0905f6850fe8e07c2c566370cdcd33
GET /watch/49315045?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 22:39:19 GMT
access-control-allow-origin: https://vjav.com
set-cookie: yabs-sid=2324391051670452759; Path=/; SameSite=None; Secure
i=hb3wI3VKT12kUuVqkpn1qvug1ykKRxqSSZBTICLbr9EIludPo6dR/8CyFq8bPdBhCmF/Wlcabl9eqslB5A1eaoGZD+w=; Expires=Sat, 04-Dec-2032 22:39:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3235291921670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3235291921670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701988759.yc.1670452759#1701988759.yrts.1670452759#1701988759.yrtsi.1670452759; Expires=Thu, 07-Dec-2023 22:39:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 22:39:19 GMT
last-modified: Wed, 07-Dec-2022 22:39:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 22:39:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 59259
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
age: 1947
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 1556
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=2389229618836845337&pid=0&site=29876&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29876&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00027437752759150707&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29876&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=2389229618836845337&pid=0&site=29876&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29876&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00027437752759150707&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29876&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=2389229618836845337&pid=0&site=29876&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29876&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00027437752759150707&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29876&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NiwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzYsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzYiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ3fX0=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 911f9077bb888e775390cd5f34825f93
d64877f85440c5b7ab98bd29589f273b2b003608
9ae0779879235abd98a87fd4a25b0e2c1961d7e37ae2481867393e47ac871947
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: e13ec956-9996-44d1-b216-1138c273d557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy42XHI_oAMFfCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63910828-532765c65249a4b339abfad4;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:39:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eDebLHlPV0psvVes0bmmBPmwqPlAA8LTNBvmMQIQhxNtM2bTqThGQg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
etag: "d64877f85440c5b7ab98bd29589f273b2b003608"
content-type: image/jpeg
age: 1947
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OInz4Evmbh2Z4PL2ogGsw6iOF9I-u-KhBhAsHHiA46CuHcqHo2Z34A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:07 GMT
age: 1573
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 1556
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=4384524719834623807&pid=0&site=29877&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-1&site_id=0&spot_id=29877&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0005240610776997785&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29877&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=4384524719834623807&pid=0&site=29877&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-1&site_id=0&spot_id=29877&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0005240610776997785&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29877&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=4384524719834623807&pid=0&site=29877&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-1&site_id=0&spot_id=29877&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0005240610776997785&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29877&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NywidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2OCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzciLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ4fX0=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1458122559378285106&pid=0&site=29874&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0002524273253841865&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29874&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1458122559378285106&pid=0&site=29874&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0002524273253841865&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29874&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1458122559378285106&pid=0&site=29874&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-5&site_id=0&spot_id=29874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0002524273253841865&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29874&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzQsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzQiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ0fX0=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=5527776200474179070&pid=0&site=29875&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29875&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00030181528035065776&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29875&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=5527776200474179070&pid=0&site=29875&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29875&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00030181528035065776&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29875&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=5527776200474179070&pid=0&site=29875&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29875&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.00030181528035065776&placement_type_id=8&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29875&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MiwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzUsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzUiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ1fX0=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA-
95.211.229.248302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA-
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA- HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 22:39:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22639116184f0b66.808272763278007680%22%3B%7D; expires=Fri, 06 Dec 2024 22:39:20 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Robots-Tag: noindex, follow
s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
185.76.9.16200 OK 27 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c1c75724467e05b05d3f47c4192d595a
be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1
e3274a14bb5b75548d26cd44215aef5395348223ed43c262cb17c3783f88c132
GET /library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: image/jpeg
content-length: 27027
last-modified: Thu, 03 Mar 2022 12:22:54 GMT
etag: "6220b31e-6993"
expires: Tue, 12 Sep 2023 00:42:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694772188
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0LiAP/vB1uAA
x-77-nzt-ray: c0a4cc28aa410e4c18169163e081b714
x-cache: HIT
x-age: 7216572
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY-
95.211.229.248302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY-
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY- HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 22:39:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618562827.557318692180467348%22%3B%7D; expires=Fri, 06 Dec 2024 22:39:20 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Robots-Tag: noindex, follow
s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA1fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8NjM4OThhOGQwYjM5NDgwYmNjNTNiOWQ4OGMzNDQ2ZWU-
95.211.229.248302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA1fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8NjM4OThhOGQwYjM5NDgwYmNjNTNiOWQ4OGMzNDQ2ZWU-
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA1fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8NjM4OThhOGQwYjM5NDgwYmNjNTNiOWQ4OGMzNDQ2ZWU- HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 22:39:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618578496.448101881092596025%22%3B%7D; expires=Fri, 06 Dec 2024 22:39:20 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Robots-Tag: noindex, follow
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzksIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Miwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg3OSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDJ9fQ==
162.55.139.130200 OK 2.8 kB URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzksIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Miwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg3OSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDJ9fQ==
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash 71862f4e06f2191f2eb12216dcb8fff1
2632c96aa808b80c9278e2a66e1d729b04395310
98361c40cc83810debd79494069c69e1039b525cecd010118a7abadd097e25db
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzksIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Miwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg3OSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDJ9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/35313285/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 483 B URL HTTP/2 mc.yandex.ru/watch/35313285/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
Hash be93fdb3f4b9f70d6a9b9e7b5375e406
f8accd4dd41d05ae77baecee1738f93f33213b33
1d7d5222f739195786ccece321fe850045b999e6107f85a9d2f99b1051497e2a
GET /watch/35313285/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A467204794180%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A952812383%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Referer: https://vjav.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 07 Dec 2022 22:39:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vjav.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 22:39:20 GMT
last-modified: Wed, 07-Dec-2022 22:39:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 22:39:20 GMT
access-control-allow-origin: *
etag: "638eb36c-2b"
expires: Wed, 07 Dec 2022 23:39:20 GMT
accept-ranges: bytes
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash e53016c517159c284460b60308e41522
4499690cc31c40032dcf3ec0ee5c045ffb987156
00a33cedc378443c0d75148ed09059347f9501e7c0de71f8fb35835e13082b10
GET /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A1026977581454%3Ahid%3A191514537%3Az%3A0%3Ai%3A20221207223919%3Aet%3A1670452759%3Ac%3A1%3Arn%3A1070933365%3Arqn%3A1%3Au%3A1670452759158444430%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C107%2C45%2C6%2C340%2C0%2C%2C588%2C9%2C1266%2C1266%2C1%2C1203%3Aco%3A0%3Ans%3A1670452756930%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670452759%3At%3AJapanese%20mom%20seduce%20daugther%27s%20teacher%20-%20VJAV.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Referer: https://vjav.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 07 Dec 2022 22:39:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vjav.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 22:39:20 GMT
last-modified: Wed, 07-Dec-2022 22:39:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY-
95.211.229.248302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY-
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjA0fDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8ZmMxZjQ4NGZhNzExYzAzYmY1MTEyMDkxYWU5MjZiMWY- HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618578496.448101881092596025%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 22:39:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618578496.448101881092596025%22%3B%7D; expires=Fri, 06 Dec 2024 22:39:20 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Robots-Tag: noindex, follow
rtbrennab.com/banner/in/show/?mid=4607264101381798660&pid=0&site=29879&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-8&site_id=0&spot_id=29879&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.000481532560923095&placement_type_id=2&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29879&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=4607264101381798660&pid=0&site=29879&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-8&site_id=0&spot_id=29879&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.000481532560923095&placement_type_id=2&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29879&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=4607264101381798660&pid=0&site=29879&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-8&site_id=0&spot_id=29879&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.000481532560923095&placement_type_id=2&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29879&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzksIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Miwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg3OSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDJ9fQ==
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
3728d55f88.acba3464a0.com/get/
94.130.197.134200 OK 2.8 kB URL HTTP/2 3728d55f88.acba3464a0.com/get/
IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2843), with no line terminators
Hash 66d0a70ef5c441306d64eac1fbb1864f
d4039177cc6c3d6269bca7af3daab938aef6f23a
3b3edc6b0aecb546fefc3700e1c758ce59adef73b9bf67856f4bdcdb539f7521
Analyzer Verdict Alert quad9 Sinkholed
POST /get/ HTTP/1.1
Host: 3728d55f88.acba3464a0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://vjav.com
Content-Length: 712
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/json
content-length: 2843
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA-
95.211.229.248302 Found 0 B URL HTTP/1.1 s.optnx.com/cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA-
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?data=TVRZM01EUTFNamMyTUh3ME5UY3dObVl4TlRneE1EZG1ZVEJqTnpSbVpUQTVPV1kxWm1NeFl6WmpaQS0tfC9saWJyYXJ5Lzc2MTU2MC9iZThmOWU0YmIyYzg3ZDYzYjcyZmUzYTJmNjIxYmUzNWE5MmQ3NWUxLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHZqYXYuY29tfDc2MTU2MHw2NjYxNzN8OTE1ODMyfDQyODc1OTZ8NTA4fDQ5NjEyNjJ8NzEwMjEzNjR8NDB8M3wwfDB8MjUzNDR8MHx8ODB8RVVSfFVTRHwwLjk1MzV8MXwzNHx8MXxOT1J8fDIwfDF8MXx8fDRmY2FmYzBlZTI2MWRlNmM4MDRiZGY3Njg3NWQ4MzA4fDF8MHx2amF2LmNvbXwwfDU3MzA0fDExMDM4MnwwLjAzfDF8MHxleGNoYW5nZV9uYXRpdmVfYWR8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMHx8T0t8MGRkMzk3YTUzNDM5NzhiZjg3NTM5Y2QyYmU2Zjk3NTA- HTTP/1.1
Host: s.optnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618578496.448101881092596025%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 22:39:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263911618578496.448101881092596025%22%3B%7D; expires=Fri, 06 Dec 2024 22:39:20 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Robots-Tag: noindex, follow
btds.zog.link/in/dl_show/?spot_id=84723&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84723&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F
109.206.182.60200 OK 2 B URL HTTP/2 btds.zog.link/in/dl_show/?spot_id=84723&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84723&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F
IP 109.206.182.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/dl_show/?spot_id=84723&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84723&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 952.0=1; expires=Thu, 08 Dec 2022 22:39:21 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1571205116446470168&pid=0&site=29878&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29878&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0004321446059566236&placement_type_id=1&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29878&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1571205116446470168&pid=0&site=29878&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29878&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0004321446059566236&placement_type_id=1&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29878&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1571205116446470168&pid=0&site=29878&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-3&site_id=0&spot_id=29878&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0004321446059566236&placement_type_id=1&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=29878&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzgiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQwfX0=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozODIxNywidHlwZSI6InBvcCIsImlkem9uZSI6Mjk2OTcwNCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzgyMTcsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Mywic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIzODIxNyIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NTB9fQ==
162.55.139.130200 OK 2.3 kB URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozODIxNywidHlwZSI6InBvcCIsImlkem9uZSI6Mjk2OTcwNCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzgyMTcsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Mywic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIzODIxNyIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NTB9fQ==
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1697)
Hash b86bfecc92f7075e79d06bd920ffbbf2
4430d86d0f5194bc64fd3d981dd77f964e29ca59
5962c4fee9b266ede4a4ed8806976936c864e8eba93db528b45a2ff5bc1ccbab
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozODIxNywidHlwZSI6InBvcCIsImlkem9uZSI6Mjk2OTcwNCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzgyMTcsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Mywic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIzODIxNyIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NTB9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NiwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzYsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzYiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ3fX0=
162.55.139.130200 OK 2.3 kB URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NiwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzYsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzYiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ3fX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1698)
Hash abb93ffe36b2a2e8c79b5f9dfff8fb69
3e040a48be68984521a074d480a913c3ac9c1b15
715739b2b7896dcc513804dca452c013c36db6108ea3f7f96de1b12060d2b33d
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NiwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2NCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzYsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzYiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ3fX0= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=7524384884096011599&pid=0&site=38217&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-9&site_id=0&spot_id=38217&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0011372948518667968&placement_type_id=3&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=38217&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=7524384884096011599&pid=0&site=38217&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-9&site_id=0&spot_id=38217&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0011372948518667968&placement_type_id=3&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=38217&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=7524384884096011599&pid=0&site=38217&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10932&price=0&is_cpm=1&cpm=0.010679199999999998&ecpm=0.007784310977463999&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-9&site_id=0&spot_id=38217&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25-3&min_cpm=0.0011372948518667968&placement_type_id=3&skin_test=&verify_hash=&score=100&ml=&tag_ab=&ttl=&space_id=38217&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fs3t3d2y8.afcdn.net%2Flibrary%2F761560%2Fbe8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozODIxNywidHlwZSI6InBvcCIsImlkem9uZSI6Mjk2OTcwNCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzgyMTcsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Mywic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIzODIxNyIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NTB9fQ==
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzgiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQwfX0=
162.55.139.130200 OK 2.3 kB URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzgiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQwfX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1697)
Hash 589da99334f8d348924de096c7f90a05
e5c5d458cc8f03a0d2793c003fbad0678ef34fae
c359bdff1744bc9118cce422b6dede3e99cebe487c721a6e7291a6d14e2c743f
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3OCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc3MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzgiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQwfX0= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/761560/d06a605cf4febd9381d90106ba45aee0a51b00e4.jpg
185.76.9.16200 OK 32 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/d06a605cf4febd9381d90106ba45aee0a51b00e4.jpg
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 5972e128277b6237fc2dc74d4960076b
d06a605cf4febd9381d90106ba45aee0a51b00e4
1c63bb9bafbb4e8bd1b49b13cc25b32eb2d08b0eb2944e1a3b82ef95dc4ca307
GET /library/761560/d06a605cf4febd9381d90106ba45aee0a51b00e4.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: image/jpeg
content-length: 32491
last-modified: Wed, 12 Oct 2022 09:03:15 GMT
etag: "634682d3-7eeb"
expires: Wed, 01 Nov 2023 13:00:28 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1701770275
server: CDN77-Turbo
x-77-nzt: AblMCQ2W9sj/dVUDAA
x-77-nzt-ray: c0a4cc28aa410e4c18169163a888aa20
x-cache: HIT
x-age: 218485
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=29884&source=0&idzone=3669763&w=728&h=90&mo=&ve=&site_id=29884&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=29884&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=100&bf=0.000774
109.206.182.60302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=29884&source=0&idzone=3669763&w=728&h=90&mo=&ve=&site_id=29884&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=29884&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=100&bf=0.000774
IP 109.206.182.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=29884&source=0&idzone=3669763&w=728&h=90&mo=&ve=&site_id=29884&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=29884&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=100&bf=0.000774 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/
Connection: keep-alive
Cookie: 952.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/b71f50c1b2a44028be65b867b4e7d559.html?subid=0&categories=Straight,Big Tits,MILF,Japanese,Asian,Creampie/Nakadashi,Teacher/Sensei,Step Fantasy
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Thu, 08 Dec 2022 22:39:20 GMT; path=/; secure; SameSite=None
1624.0=1; expires=Thu, 08 Dec 2022 22:39:20 GMT; path=/; secure; SameSite=None
1625.0=1; expires=Thu, 08 Dec 2022 22:39:20 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzQsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzQiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ0fX0=
162.55.139.130200 OK 2.3 kB URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzQsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzQiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ0fX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash 8b71afc0ccff9308ca3dceb08a8d5c7d
f441acfa3ed6ff08d93d84fb115923e1e0e124de
65c9c817906b6ba433eae1760252ffe84587b223e77e11cb02c5469ed2006e92
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzQsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzQiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ0fX0= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.25200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash fec01d1036706ba84a7eedc87ffef13c
d3c7868c305bda2cc490e961331d4c5b3c4e54f2
2609d50f01d937b5ea44cd92705c2fc422c480fd290588165951c297dd7bfb8f
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Origin: https://vjav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 09:51:40 GMT
etag: "6390622c-13"
expires: Wed, 07 Dec 2022 22:44:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
btds.zog.link/in/va?spot_id=29884&view=1
109.206.182.60200 OK 2 B URL HTTP/2 btds.zog.link/in/va?spot_id=29884&view=1
IP 109.206.182.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/va?spot_id=29884&view=1 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1840.0=1; expires=Thu, 08 Dec 2022 22:39:20 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
btds.zog.link/in/va?spot_id=29878&view=1
109.206.182.60200 OK 2 B URL HTTP/2 btds.zog.link/in/va?spot_id=29878&view=1
IP 109.206.182.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/va?spot_id=29878&view=1 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1840.0=1; expires=Thu, 08 Dec 2022 22:39:21 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
btds.zog.link/in/va?spot_id=29879&view=1
109.206.182.60200 OK 2 B URL HTTP/2 btds.zog.link/in/va?spot_id=29879&view=1
IP 109.206.182.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/va?spot_id=29879&view=1 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 1840.0=1; expires=Thu, 08 Dec 2022 22:39:21 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
btds.zog.link/in/va?spot_id=29880&view=1
109.206.182.60200 OK 2 B URL HTTP/2 btds.zog.link/in/va?spot_id=29880&view=1
IP 109.206.182.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/va?spot_id=29880&view=1 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:19 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1840.0=1; expires=Thu, 08 Dec 2022 22:39:21 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8b110897aa79176527358e344c9a4e95
2180eee05784bc9f15c62abfc5591843e2a184a8
e7d55ea21dfd6d91e0f2bf532929036ca9a4a4573d20549a1fe02770c68dcd05
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 22:39:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:56:21 GMT
Expires: Wed, 14 Dec 2022 03:56:20 GMT
Etag: "2180eee05784bc9f15c62abfc5591843e2a184a8"
Cache-Control: max-age=536818,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7760c1bb5c17b50b-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8b110897aa79176527358e344c9a4e95
2180eee05784bc9f15c62abfc5591843e2a184a8
e7d55ea21dfd6d91e0f2bf532929036ca9a4a4573d20549a1fe02770c68dcd05
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 22:39:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:56:21 GMT
Expires: Wed, 14 Dec 2022 03:56:20 GMT
Etag: "2180eee05784bc9f15c62abfc5591843e2a184a8"
Cache-Control: max-age=536818,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7760c1bb595a0b61-OSL
tsyndicate.com/iframes2/b71f50c1b2a44028be65b867b4e7d559.html?subid=0&categories=Straight,Big%20Tits,MILF,Japanese,Asian,Creampie/Nakadashi,Teacher/Sensei,Step%20Fantasy
136.243.43.25200 OK 6.0 kB URL HTTP/2 tsyndicate.com/iframes2/b71f50c1b2a44028be65b867b4e7d559.html?subid=0&categories=Straight,Big%20Tits,MILF,Japanese,Asian,Creampie/Nakadashi,Teacher/Sensei,Step%20Fantasy
IP 136.243.43.25:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3765)
Hash 2c59e94175415b3b695058cdef86510f
0a646978e78d4dbaed7b5446c62113d8fabd4787
347b4b5bcfbb0d8038c7142cea3d05812833d11b683288c8df9e3909d8581ded
GET /iframes2/b71f50c1b2a44028be65b867b4e7d559.html?subid=0&categories=Straight,Big%20Tits,MILF,Japanese,Asian,Creampie/Nakadashi,Teacher/Sensei,Step%20Fantasy HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg>; rel=preload; as=image
x-request-id: d6c9e2383731bbac
set-cookie: ts_uid=a7c1e7ab-83f1-4374-8672-31c3f6a6555b; expires=Wed, 07 Jun 2023 22:39:20 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg
8.254.252.210200 OK 12 kB URL HTTP/2 lcdn.tsyndicate.com/images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg
IP 8.254.252.210:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Hash bb76a290485b121f5331b09740d97cfb
08fc1fe3657dbe31c3cc0f429122b9257e67e866
7de96778a5221eb3d170f5f227aae0c81150a12388cc375145bea3b0b9c87ea5
GET /images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=a7c1e7ab-83f1-4374-8672-31c3f6a6555b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: image/jpeg
content-length: 12212
last-modified: Thu, 01 Oct 2020 09:38:06 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"5f75a37e-3006"
age: 15541879
accept-ranges: bytes
X-Firefox-Spdy: h2
1ed960d6ad.fa479896c7.com/in/multy
157.90.84.246200 OK 16 kB URL HTTP/2 1ed960d6ad.fa479896c7.com/in/multy
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (16280), with no line terminators
Hash 0cb97bca21ea154aef753513ef188739
c00767f2cc79f3816aead3b5553024138d4f7c3d
fa173d872ff192ea6545df4c8f7bfcc237caf744ef15cb2600131d27f028180e
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: 1ed960d6ad.fa479896c7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1251
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: application/json
content-length: 16287
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
1ed960d6ad.fa479896c7.com/in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.05820886214384179&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-12-07&is_native=2&auction_queue=0&burl=LUsslhfkbYFoTUztVXjTG5OJejFiMElJyKM1tzJfhlaMZHLBSwX47Q&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00990533516273072&placement_type_id=&skin_test=0&verify_hash=9adf2e85b77f7e0a9e7568ffb24e4648&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2_track=0&url=ptBe6fqLNtXWXYt0ScrKQYOHjjMyInqzLijFdSrtExtY1XhORy_wffAAuri9BEZ0tKvC32HrG_zJFEFb3s7voqSBMG49hNc8HOX5SEhykXWLPjV_YXRdhNbIYG9VKmz2lpwT76QB1DeBDLbbIwXstnyBkqOmAMoVrlXv49WkzJzEQAcWfQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=4&vertical_id=0&real_bid=0.00241924&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=89,4,83,0&mlc=1&mlf=1&cpa=c7af3cb0-4045-497c-a0c3-38a3838281b7&format=social-scale-b_r-body
157.90.84.246302 Found 0 B URL HTTP/2 1ed960d6ad.fa479896c7.com/in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.05820886214384179&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-12-07&is_native=2&auction_queue=0&burl=LUsslhfkbYFoTUztVXjTG5OJejFiMElJyKM1tzJfhlaMZHLBSwX47Q&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00990533516273072&placement_type_id=&skin_test=0&verify_hash=9adf2e85b77f7e0a9e7568ffb24e4648&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2_track=0&url=ptBe6fqLNtXWXYt0ScrKQYOHjjMyInqzLijFdSrtExtY1XhORy_wffAAuri9BEZ0tKvC32HrG_zJFEFb3s7voqSBMG49hNc8HOX5SEhykXWLPjV_YXRdhNbIYG9VKmz2lpwT76QB1DeBDLbbIwXstnyBkqOmAMoVrlXv49WkzJzEQAcWfQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=4&vertical_id=0&real_bid=0.00241924&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=89,4,83,0&mlc=1&mlf=1&cpa=c7af3cb0-4045-497c-a0c3-38a3838281b7&format=social-scale-b_r-body
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.05820886214384179&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-12-07&is_native=2&auction_queue=0&burl=LUsslhfkbYFoTUztVXjTG5OJejFiMElJyKM1tzJfhlaMZHLBSwX47Q&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00990533516273072&placement_type_id=&skin_test=0&verify_hash=9adf2e85b77f7e0a9e7568ffb24e4648&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0031&user_fp=0&v2_track=0&url=ptBe6fqLNtXWXYt0ScrKQYOHjjMyInqzLijFdSrtExtY1XhORy_wffAAuri9BEZ0tKvC32HrG_zJFEFb3s7voqSBMG49hNc8HOX5SEhykXWLPjV_YXRdhNbIYG9VKmz2lpwT76QB1DeBDLbbIwXstnyBkqOmAMoVrlXv49WkzJzEQAcWfQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=4&vertical_id=0&real_bid=0.00241924&pr=&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=89,4,83,0&mlc=1&mlf=1&cpa=c7af3cb0-4045-497c-a0c3-38a3838281b7&format=social-scale-b_r-body HTTP/1.1
Host: 1ed960d6ad.fa479896c7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:21 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIEEMjh4wyOWC0uGFjjJkWNMLUyNEChxgxOFrMGJOjhg0aNsLckBFGhoiHc8SkIaNQxxYRMER0eRimzpiMNMrIsGFGzIyYJWWMQRkDB8scZDqOtCEDxlWVYmji-AmRjJ2FNx7CqSOGoowccSHCgbOQhowaDkXMgTNRBw0YOXAczvFwTBu-OmTgMFuxrZmFMmY8FOPGDUUbNnDY0CyijRuMDGfIKCvXNOoYNGJ0fVhHDhu7NW7YDFzHp46BdOjAmaPjxYs7El2wSeNmzYsxy8es-TGmR5k8StAkUfNmBpMhSuxsf4OniZ4sc5K4CZLmiRonObjUgQFjKvQ00of2aFijxRc4b6SRxxliUJGHEF_UcMcaTNDQxBRl0WEGG0vcAQMeS6hBAxtURBFEFmiQIccTUoixBh5G3LEEFVOEQcMXTVxBlBN5DCEGDCLC0MQdNyBhAxJpQBGFHnc4MYYbRRSxBhVM5NAGGWQ08UYbWpxRgwxOtMHGEVhI0QITbMhBxxdnVJEEEVJUkQZbZEyZkZhiyFFGZ2GI4cIYbjYWRmFbwMBCRTj86edfLMwAw1IiiHGZDjC4AENlctgB2Wwi1FHHmr_pNEYMZdxQZ0szmBEDSjPcQENLNuwkUwxjhJqTDYDVUNdDaUAmQg4xuBCSC3650BANbMnxRa0Z4apro73-ylYdYWQkpR5psMFGGC_U4CgIKFzBXJt3zAGCE1SAEEOjMOwAgrZu3GQuHuqCEClDMFgLQwogHFGGdG-8UNa4jz4KghFpyGkGeS-MKy9bYzz1mxNPsPWGsAlnxDBbbCgsQhFOsFmGHV_IeRtDud2Awwyh0feQHGd4FlkNOOR1EMdxLoRDoCK8_EUbb5CBmWiVifjGQqS9URQNcslBXh59nVzGosAJR5xxcMpJp514tvECW3NE-uYbdOz5cAt1uJEGHS3EMIMLZPj0EBkWH_RF2mzR0cZnN8BAw5Uk-SmC3L7FkKrdeNsAww0hMUVGx2UM9sWedAMuQ94Pbbw4GwjRUdQWM9CAaJ2F1bx0U2xMJFfFC-k9Bmow9KFAQA%3D%3D&s=28aee6fdefae81903b3a5c88bef9aeafbd06c12a33926195f5b8c9261f54acbd1670452760&w=t&r=1&d=8&priv=false
136.243.83.47200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIEEMjh4wyOWC0uGFjjJkWNMLUyNEChxgxOFrMGJOjhg0aNsLckBFGhoiHc8SkIaNQxxYRMER0eRimzpiMNMrIsGFGzIyYJWWMQRkDB8scZDqOtCEDxlWVYmji-AmRjJ2FNx7CqSOGoowccSHCgbOQhowaDkXMgTNRBw0YOXAczvFwTBu-OmTgMFuxrZmFMmY8FOPGDUUbNnDY0CyijRuMDGfIKCvXNOoYNGJ0fVhHDhu7NW7YDFzHp46BdOjAmaPjxYs7El2wSeNmzYsxy8es-TGmR5k8StAkUfNmBpMhSuxsf4OniZ4sc5K4CZLmiRonObjUgQFjKvQ00of2aFijxRc4b6SRxxliUJGHEF_UcMcaTNDQxBRl0WEGG0vcAQMeS6hBAxtURBFEFmiQIccTUoixBh5G3LEEFVOEQcMXTVxBlBN5DCEGDCLC0MQdNyBhAxJpQBGFHnc4MYYbRRSxBhVM5NAGGWQ08UYbWpxRgwxOtMHGEVhI0QITbMhBxxdnVJEEEVJUkQZbZEyZkZhiyFFGZ2GI4cIYbjYWRmFbwMBCRTj86edfLMwAw1IiiHGZDjC4AENlctgB2Wwi1FHHmr_pNEYMZdxQZ0szmBEDSjPcQENLNuwkUwxjhJqTDYDVUNdDaUAmQg4xuBCSC3650BANbMnxRa0Z4apro73-ylYdYWQkpR5psMFGGC_U4CgIKFzBXJt3zAGCE1SAEEOjMOwAgrZu3GQuHuqCEClDMFgLQwogHFGGdG-8UNa4jz4KghFpyGkGeS-MKy9bYzz1mxNPsPWGsAlnxDBbbCgsQhFOsFmGHV_IeRtDud2Awwyh0feQHGd4FlkNOOR1EMdxLoRDoCK8_EUbb5CBmWiVifjGQqS9URQNcslBXh59nVzGosAJR5xxcMpJp514tvECW3NE-uYbdOz5cAt1uJEGHS3EMIMLZPj0EBkWH_RF2mzR0cZnN8BAw5Uk-SmC3L7FkKrdeNsAww0hMUVGx2UM9sWedAMuQ94Pbbw4GwjRUdQWM9CAaJ2F1bx0U2xMJFfFC-k9Bmow9KFAQA%3D%3D&s=28aee6fdefae81903b3a5c88bef9aeafbd06c12a33926195f5b8c9261f54acbd1670452760&w=t&r=1&d=8&priv=false
IP 136.243.83.47:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIEEMjh4wyOWC0uGFjjJkWNMLUyNEChxgxOFrMGJOjhg0aNsLckBFGhoiHc8SkIaNQxxYRMER0eRimzpiMNMrIsGFGzIyYJWWMQRkDB8scZDqOtCEDxlWVYmji-AmRjJ2FNx7CqSOGoowccSHCgbOQhowaDkXMgTNRBw0YOXAczvFwTBu-OmTgMFuxrZmFMmY8FOPGDUUbNnDY0CyijRuMDGfIKCvXNOoYNGJ0fVhHDhu7NW7YDFzHp46BdOjAmaPjxYs7El2wSeNmzYsxy8es-TGmR5k8StAkUfNmBpMhSuxsf4OniZ4sc5K4CZLmiRonObjUgQFjKvQ00of2aFijxRc4b6SRxxliUJGHEF_UcMcaTNDQxBRl0WEGG0vcAQMeS6hBAxtURBFEFmiQIccTUoixBh5G3LEEFVOEQcMXTVxBlBN5DCEGDCLC0MQdNyBhAxJpQBGFHnc4MYYbRRSxBhVM5NAGGWQ08UYbWpxRgwxOtMHGEVhI0QITbMhBxxdnVJEEEVJUkQZbZEyZkZhiyFFGZ2GI4cIYbjYWRmFbwMBCRTj86edfLMwAw1IiiHGZDjC4AENlctgB2Wwi1FHHmr_pNEYMZdxQZ0szmBEDSjPcQENLNuwkUwxjhJqTDYDVUNdDaUAmQg4xuBCSC3650BANbMnxRa0Z4apro73-ylYdYWQkpR5psMFGGC_U4CgIKFzBXJt3zAGCE1SAEEOjMOwAgrZu3GQuHuqCEClDMFgLQwogHFGGdG-8UNa4jz4KghFpyGkGeS-MKy9bYzz1mxNPsPWGsAlnxDBbbCgsQhFOsFmGHV_IeRtDud2Awwyh0feQHGd4FlkNOOR1EMdxLoRDoCK8_EUbb5CBmWiVifjGQqS9URQNcslBXh59nVzGosAJR5xxcMpJp514tvECW3NE-uYbdOz5cAt1uJEGHS3EMIMLZPj0EBkWH_RF2mzR0cZnN8BAw5Uk-SmC3L7FkKrdeNsAww0hMUVGx2UM9sWedAMuQ94Pbbw4GwjRUdQWM9CAaJ2F1bx0U2xMJFfFC-k9Bmow9KFAQA%3D%3D&s=28aee6fdefae81903b3a5c88bef9aeafbd06c12a33926195f5b8c9261f54acbd1670452760&w=t&r=1&d=8&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=a7c1e7ab-83f1-4374-8672-31c3f6a6555b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
1ed960d6ad.fa479896c7.com/in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.10456494653246513&crid=49675&crtid=f4bc8cd691515e1eeae62c073e5070e3&tcid=0&out_id=0&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1670510360&created_at=2022-12-07&is_native=1&auction_queue=0&burl=0hxKord8Olo65Fyp51XiUF-8ppIUK-1VTThadlDf8x1M8B-FH2MdPg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0035962592270153055&placement_type_id=&skin_test=0&verify_hash=1909ad39f07dfd9476fd76555037a345&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.014&user_fp=0&v2_track=0&url=falxRFAaglxelE1IRU8B0oKTokcfgVcvbWSToGJ44tFtZr9Qummky4XOzb8HDQEcZw2vwVPpfY64yKiB7wQJ_rDTy9nZ49oKvMAndg7YjeqXsLKwTrEu88XHziqjIBJGvyvcB--dIPCcQJYqO_A5MmQpmRLhxeq3WeMROSxWwoGBVe41UF063r6T5iaOjecvBLx4xhu7CVXfR3Qi2aswZ0b22tYsqxZwlm1JxqdQsAEs1y29tJKvmXX4vJVI_-JW-iAPxlBCZ--tyehQbUIwqtffIrJyO6poUJYWQLnK8l_pjSrpiAEhP-H3dQe31oV9Wy44NuVKmgOoA3QuUFTzJr5-mBnZSKg3J0k-7VA_DJrSMTIrEPNgKI6M5ZmuVzHKJmdVwiSCm3tO5BPoD7wrp1u9RAk8pcUxnidQMRQtHvWPQrm4X-zsE0UDYkQlueQGdzlPK5vtV56d4mygU2ujQrhTQrafbqsbSX8jr9uquOqbnaUWMa7l4FRV9Vq0LYGnxR9zeJ8yWEwNAifwgGUi0X2ebG4EWt66rH6Wqhl0N1tQbOlFPMo1CM06qEWWEFIg8OX2OlmuQFlY90V-GWICyHpTeQKNms-yYQBDwDLWBhtMfAwY25hhQ1mjhwsAACgh6SdgpbIuVnWMEz824wcAXDHEISSpFV5j9gQU1IyD&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3Ddr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew%3D%3D&skin_id=4&vertical_id=5&real_bid=0.01197&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=4,90,5&cpa=a013f922-4801-4c1c-ab33-c5599a458559&format=social-scale-b_r-body
157.90.84.246200 OK 0 B URL HTTP/2 1ed960d6ad.fa479896c7.com/in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.10456494653246513&crid=49675&crtid=f4bc8cd691515e1eeae62c073e5070e3&tcid=0&out_id=0&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1670510360&created_at=2022-12-07&is_native=1&auction_queue=0&burl=0hxKord8Olo65Fyp51XiUF-8ppIUK-1VTThadlDf8x1M8B-FH2MdPg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0035962592270153055&placement_type_id=&skin_test=0&verify_hash=1909ad39f07dfd9476fd76555037a345&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.014&user_fp=0&v2_track=0&url=falxRFAaglxelE1IRU8B0oKTokcfgVcvbWSToGJ44tFtZr9Qummky4XOzb8HDQEcZw2vwVPpfY64yKiB7wQJ_rDTy9nZ49oKvMAndg7YjeqXsLKwTrEu88XHziqjIBJGvyvcB--dIPCcQJYqO_A5MmQpmRLhxeq3WeMROSxWwoGBVe41UF063r6T5iaOjecvBLx4xhu7CVXfR3Qi2aswZ0b22tYsqxZwlm1JxqdQsAEs1y29tJKvmXX4vJVI_-JW-iAPxlBCZ--tyehQbUIwqtffIrJyO6poUJYWQLnK8l_pjSrpiAEhP-H3dQe31oV9Wy44NuVKmgOoA3QuUFTzJr5-mBnZSKg3J0k-7VA_DJrSMTIrEPNgKI6M5ZmuVzHKJmdVwiSCm3tO5BPoD7wrp1u9RAk8pcUxnidQMRQtHvWPQrm4X-zsE0UDYkQlueQGdzlPK5vtV56d4mygU2ujQrhTQrafbqsbSX8jr9uquOqbnaUWMa7l4FRV9Vq0LYGnxR9zeJ8yWEwNAifwgGUi0X2ebG4EWt66rH6Wqhl0N1tQbOlFPMo1CM06qEWWEFIg8OX2OlmuQFlY90V-GWICyHpTeQKNms-yYQBDwDLWBhtMfAwY25hhQ1mjhwsAACgh6SdgpbIuVnWMEz824wcAXDHEISSpFV5j9gQU1IyD&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3Ddr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew%3D%3D&skin_id=4&vertical_id=5&real_bid=0.01197&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=4,90,5&cpa=a013f922-4801-4c1c-ab33-c5599a458559&format=social-scale-b_r-body
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=3442475261868249994&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1238912481&sid=2424105939&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.10456494653246513&crid=49675&crtid=f4bc8cd691515e1eeae62c073e5070e3&tcid=0&out_id=0&ver=8.6.1&ver_c=&refdom=vjav.com&hostname=auc-inpage-hz-6-a&site_id=3150&spot_id=50&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1670510360&created_at=2022-12-07&is_native=1&auction_queue=0&burl=0hxKord8Olo65Fyp51XiUF-8ppIUK-1VTThadlDf8x1M8B-FH2MdPg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7350&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0035962592270153055&placement_type_id=&skin_test=0&verify_hash=1909ad39f07dfd9476fd76555037a345&score=81.30361258317298&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1238912481%26spot_id%3D50%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fvjav.com%252F%26idzone%3D4438152%26sid%3D1886&ml=&tag_ab=c&original_bid=0.014&user_fp=0&v2_track=0&url=falxRFAaglxelE1IRU8B0oKTokcfgVcvbWSToGJ44tFtZr9Qummky4XOzb8HDQEcZw2vwVPpfY64yKiB7wQJ_rDTy9nZ49oKvMAndg7YjeqXsLKwTrEu88XHziqjIBJGvyvcB--dIPCcQJYqO_A5MmQpmRLhxeq3WeMROSxWwoGBVe41UF063r6T5iaOjecvBLx4xhu7CVXfR3Qi2aswZ0b22tYsqxZwlm1JxqdQsAEs1y29tJKvmXX4vJVI_-JW-iAPxlBCZ--tyehQbUIwqtffIrJyO6poUJYWQLnK8l_pjSrpiAEhP-H3dQe31oV9Wy44NuVKmgOoA3QuUFTzJr5-mBnZSKg3J0k-7VA_DJrSMTIrEPNgKI6M5ZmuVzHKJmdVwiSCm3tO5BPoD7wrp1u9RAk8pcUxnidQMRQtHvWPQrm4X-zsE0UDYkQlueQGdzlPK5vtV56d4mygU2ujQrhTQrafbqsbSX8jr9uquOqbnaUWMa7l4FRV9Vq0LYGnxR9zeJ8yWEwNAifwgGUi0X2ebG4EWt66rH6Wqhl0N1tQbOlFPMo1CM06qEWWEFIg8OX2OlmuQFlY90V-GWICyHpTeQKNms-yYQBDwDLWBhtMfAwY25hhQ1mjhwsAACgh6SdgpbIuVnWMEz824wcAXDHEISSpFV5j9gQU1IyD&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3Ddr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew%3D%3D&skin_id=4&vertical_id=5&real_bid=0.01197&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Japanese,Adult&label_ids=4,90,5&cpa=a013f922-4801-4c1c-ab33-c5599a458559&format=social-scale-b_r-body HTTP/1.1
Host: 1ed960d6ad.fa479896c7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:21 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aeb6c94161e6f7437b52f67fe5e1fd0c
6ef407bf2c55c5a545d3471babd8baed4b8166cd
703abbe16e072103f30d0958c80343fca4eff6ce2dba31a421d38af50c784b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "703ABBE16E072103F30D0958C80343FCA4EFF6CE2DBA31A421D38AF50C784B33"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11411
Expires: Thu, 08 Dec 2022 01:49:32 GMT
Date: Wed, 07 Dec 2022 22:39:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aeb6c94161e6f7437b52f67fe5e1fd0c
6ef407bf2c55c5a545d3471babd8baed4b8166cd
703abbe16e072103f30d0958c80343fca4eff6ce2dba31a421d38af50c784b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "703ABBE16E072103F30D0958C80343FCA4EFF6CE2DBA31A421D38AF50C784B33"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11411
Expires: Thu, 08 Dec 2022 01:49:32 GMT
Date: Wed, 07 Dec 2022 22:39:21 GMT
Connection: keep-alive
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
138.201.236.216200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP 138.201.236.216:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
imgdelnw.com/ie?v=4&c=dr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew==
138.201.194.90301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=dr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew==
IP 138.201.194.90:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=dr4TUNxZBv0K8lZ07U5oIcg84tIXw4du0pyOYwTdhr2afZtmaB7Sy39hLtwD_MvYRrsyZYrz4yOBtwnNJ8Q_P4_vPecChVokx2q5Z_sGefoFAA6fGUlW8YSQH0Pzm9X5puxoSjVDK2BlW96qh6R5DN6F9wOzWKgZ8tDB1eQtYO9ruS32QRudAZx-0YkkpazdWvW4ljXKdB3BjLI1Sf5eESVj8jPNc2aCCMd-CRjBJms_SKpxUGRyXHZzZS4lJNJo4GfFbpA_Zo5hqLlKtqH5_NZP3TP1BxQDt4nROBPjfHVnSPWx73vjAmn7F7DMXQem0IVmKTf8qy4hh3HpOMMWmyqK-D33mcpDzEBh8l8jGz_4w7Wkf1hX1qBDZFztUBfuFnmP36xn8sXHUMhCoTQNBN4vrCUtLfFdVmNQg90kew== HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 07 Dec 2022 22:39:21 GMT
content-length: 0
location: https://img.vmmcdn.com/get/96038712/71049_image.png
x-app-id: 14
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98f40e255b435f5aae33cf7f28b2f30c
0ebeb82975f83ee49450c80bbdc1b7261d3548ab
9d5e5e03cc0b23d75f687683ae1c39f564743a5cafc6d8e38e741052a0f01c30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D5E5E03CC0B23D75F687683AE1C39F564743A5CAFC6D8E38E741052A0F01C30"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10980
Expires: Thu, 08 Dec 2022 01:42:21 GMT
Date: Wed, 07 Dec 2022 22:39:21 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=SbvaU0acCfYdsuIQefu-DK6raRSF-qYXlgUsB2gGyo9M26h5VcPCTabZ0eT-RoOCRFkU6KRyB1oLz2R4zquxBtat0dDpnfV8FFre0zjN5Z7PC_BxCO4bPQCLCgY5hPPmB4f1mRNH4rGbFc10OO9tE40VVAoPr9K0auK6UHpg9MssNLzDLR4OIihsXPXiTJ1840i42uVDaEK42PDIWMrlH-ExHvMbYSUGTz2QIqQuf_YN7FqM8ZOCJrMTUxPhsRS8tHaiokJWpk1pZ007g6yprCVh5UUTBRF4PyRvfj9CfydE-nH2O6ooIU452Vx6Ck31Jmpqd3iuW5FRyy5btyWMcJWbPtZ47w0P3XecefQAGlADTnR2ADuLUwgfswyDESzzX2WmAuUo3B8zAOZSBGElJPkH1kFn_QYzorRVFLqP&v1=457&v2=49675&cpa=ab863794-dd0e-41db-ab24-909b474c6931&format=social-scale-b_r-body
138.201.194.90301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=SbvaU0acCfYdsuIQefu-DK6raRSF-qYXlgUsB2gGyo9M26h5VcPCTabZ0eT-RoOCRFkU6KRyB1oLz2R4zquxBtat0dDpnfV8FFre0zjN5Z7PC_BxCO4bPQCLCgY5hPPmB4f1mRNH4rGbFc10OO9tE40VVAoPr9K0auK6UHpg9MssNLzDLR4OIihsXPXiTJ1840i42uVDaEK42PDIWMrlH-ExHvMbYSUGTz2QIqQuf_YN7FqM8ZOCJrMTUxPhsRS8tHaiokJWpk1pZ007g6yprCVh5UUTBRF4PyRvfj9CfydE-nH2O6ooIU452Vx6Ck31Jmpqd3iuW5FRyy5btyWMcJWbPtZ47w0P3XecefQAGlADTnR2ADuLUwgfswyDESzzX2WmAuUo3B8zAOZSBGElJPkH1kFn_QYzorRVFLqP&v1=457&v2=49675&cpa=ab863794-dd0e-41db-ab24-909b474c6931&format=social-scale-b_r-body
IP 138.201.194.90:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=SbvaU0acCfYdsuIQefu-DK6raRSF-qYXlgUsB2gGyo9M26h5VcPCTabZ0eT-RoOCRFkU6KRyB1oLz2R4zquxBtat0dDpnfV8FFre0zjN5Z7PC_BxCO4bPQCLCgY5hPPmB4f1mRNH4rGbFc10OO9tE40VVAoPr9K0auK6UHpg9MssNLzDLR4OIihsXPXiTJ1840i42uVDaEK42PDIWMrlH-ExHvMbYSUGTz2QIqQuf_YN7FqM8ZOCJrMTUxPhsRS8tHaiokJWpk1pZ007g6yprCVh5UUTBRF4PyRvfj9CfydE-nH2O6ooIU452Vx6Ck31Jmpqd3iuW5FRyy5btyWMcJWbPtZ47w0P3XecefQAGlADTnR2ADuLUwgfswyDESzzX2WmAuUo3B8zAOZSBGElJPkH1kFn_QYzorRVFLqP&v1=457&v2=49675&cpa=ab863794-dd0e-41db-ab24-909b474c6931&format=social-scale-b_r-body HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 07 Dec 2022 22:39:21 GMT
content-length: 0
location: https://img.vmmcdn.com/get/54661559/71049_icon.png
x-app-id: 14
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f9c80b79c5d2d9b9feca6fb937fdcf3
89e9710036abd84832f5ee6ea8f5de72b83f2c40
8fdfd9eb70cba4af5aa40a337618f45f545b26a0ce757d165de55c76946cac7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FDFD9EB70CBA4AF5AA40A337618F45F545B26A0CE757D165DE55C76946CAC7A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4638
Expires: Wed, 07 Dec 2022 23:56:39 GMT
Date: Wed, 07 Dec 2022 22:39:21 GMT
Connection: keep-alive
img.vmmcdn.com/get/96038712/71049_image.png
138.201.51.142200 OK 50 kB URL HTTP/1.1 img.vmmcdn.com/get/96038712/71049_image.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3\012- data
Hash 8a623e2c2f5ff57ac200c617f80c2f61
84ee241dd3a6463395147b596772ef9433318dba
07be740dcfd3eabc34ded2b37bbd9cbb761160504c578b172af50242e1ce6a8f
GET /get/96038712/71049_image.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 22:39:21 GMT
Content-Type: image/png
Content-Length: 50495
Connection: keep-alive
Last-Modified: Sat, 27 Nov 2021 11:12:16 GMT
Cache-Control: public, max-age=604800
ETag: "61a21290-c53f"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
js.wpshsdk.com/npc/sdk/push/styles.css
45.133.44.25200 OK 1.1 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push/styles.css
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (3179)
Hash 8b9ea1eb5d343e9b1a1cbad3e939a8bf
899569fab9911b7b19b52c9d97c60d79788e7f88
a3e6a9faf6478398b86d012a368e73db642af966339817fae27acfa645e61c86
GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Wed, 07 Dec 2022 22:44:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
img.vmmcdn.com/get/54661559/71049_icon.png
138.201.51.142200 OK 77 kB URL HTTP/1.1 img.vmmcdn.com/get/54661559/71049_icon.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e40bebadddf9f24d3473604087b72b61
9b18cd68b37aa261fd07341fa561f31621451138
b09761af91e52adb991dcaa32c2c407f222f91b2aa188296ae124082a5ea1ef9
GET /get/54661559/71049_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 22:39:21 GMT
Content-Type: image/png
Content-Length: 77160
Connection: keep-alive
Last-Modified: Sat, 27 Nov 2021 11:12:16 GMT
Cache-Control: public, max-age=604800
ETag: "61a21290-12d68"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoyNDM0MCwidHlwZSI6InBvcCIsImlkem9uZSI6MSwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MjQzNDAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyNDM0MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NjI0Mzl9fQ==
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoyNDM0MCwidHlwZSI6InBvcCIsImlkem9uZSI6MSwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MjQzNDAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyNDM0MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NjI0Mzl9fQ==
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoyNDM0MCwidHlwZSI6InBvcCIsImlkem9uZSI6MSwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MjQzNDAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyNDM0MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NjI0Mzl9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=9211311309057302760&pid=0&site=24340&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-10&site_id=0&spot_id=24340&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&tag_ab=&ttl=&space_id=24340&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24340%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24340%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DStraight%252CBig%2520Tits%252CMILF%252CJapanese%252CAsian%252CCreampie%252FNakadashi%252CTeacher%252FSensei%252CStep%2520Fantasy%26spot_id%3D24340%26p%3Dhttps%253A%252F%252Fvjav.com%252Fvideos%252F181898%252Fjapanese-mom-seduce-daugther-s-teacher%252F%26katds_labels%3D%26btype%3D0%26score%3D99%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=9211311309057302760&pid=0&site=24340&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-10&site_id=0&spot_id=24340&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&tag_ab=&ttl=&space_id=24340&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24340%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24340%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DStraight%252CBig%2520Tits%252CMILF%252CJapanese%252CAsian%252CCreampie%252FNakadashi%252CTeacher%252FSensei%252CStep%2520Fantasy%26spot_id%3D24340%26p%3Dhttps%253A%252F%252Fvjav.com%252Fvideos%252F181898%252Fjapanese-mom-seduce-daugther-s-teacher%252F%26katds_labels%3D%26btype%3D0%26score%3D99%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=9211311309057302760&pid=0&site=24340&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-10&site_id=0&spot_id=24340&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&tag_ab=&ttl=&space_id=24340&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24340%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24340%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DStraight%252CBig%2520Tits%252CMILF%252CJapanese%252CAsian%252CCreampie%252FNakadashi%252CTeacher%252FSensei%252CStep%2520Fantasy%26spot_id%3D24340%26p%3Dhttps%253A%252F%252Fvjav.com%252Fvideos%252F181898%252Fjapanese-mom-seduce-daugther-s-teacher%252F%26katds_labels%3D%26btype%3D0%26score%3D99%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=9211311309057302760&pid=0&site=24340&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=vjav.com&hostname=auc-banner-hz-10&site_id=0&spot_id=24340&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&tag_ab=&ttl=&space_id=24340&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24340%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24340%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DStraight%252CBig%2520Tits%252CMILF%252CJapanese%252CAsian%252CCreampie%252FNakadashi%252CTeacher%252FSensei%252CStep%2520Fantasy%26spot_id%3D24340%26p%3Dhttps%253A%252F%252Fvjav.com%252Fvideos%252F181898%252Fjapanese-mom-seduce-daugther-s-teacher%252F%26katds_labels%3D%26btype%3D0%26score%3D99%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&stratagem=&ssp=3756 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=24340&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24340&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=24340&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=99&bf=0.0001
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=24340&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24340&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=24340&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=99&bf=0.0001
109.206.182.60302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=24340&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24340&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=24340&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=99&bf=0.0001
IP 109.206.182.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=24340&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24340&utm1=&utm2=&utm3=&utm4=&ad_tags=Straight%2CBig%20Tits%2CMILF%2CJapanese%2CAsian%2CCreampie%2FNakadashi%2CTeacher%2FSensei%2CStep%20Fantasy&spot_id=24340&p=https%3A%2F%2Fvjav.com%2Fvideos%2F181898%2Fjapanese-mom-seduce-daugther-s-teacher%2F&katds_labels=&btype=0&score=99&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Connection: keep-alive
Cookie: 952.0=1; 912.0=1; 1624.0=1; 1625.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Thu, 08 Dec 2022 22:39:22 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 695bf85d4ffb7a022bd5b74b00b81329
44234d001d7d4f4b6e61682a3dda0a9b33f43561
e7d20f837d4ca634e3e904eb54018f7d5a6a25fa8c46d38b325a07ffd0029ece
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7D20F837D4CA634E3E904EB54018F7D5A6A25FA8C46D38B325A07FFD0029ECE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2953
Expires: Wed, 07 Dec 2022 23:28:36 GMT
Date: Wed, 07 Dec 2022 22:39:23 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:23 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: e0cea73041c202c45e6ab3a8b14597f5
expires: Wed, 07 Dec 2022 23:39:23 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg4MCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDgwOCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODAsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6NSwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDN9fQ==
162.55.139.130200 OK 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg4MCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDgwOCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODAsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6NSwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDN9fQ==
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg4MCwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDgwOCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODAsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6NSwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTZ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0NDN9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
a.exosrv.com/ads.js
185.76.9.16200 OK 0 B IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /ads.js HTTP/1.1
Host: a.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:18 GMT
content-type: application/javascript
etag: W/"b60fdcc211f42a1f246a8c80b56"
expires: Tue, 06 Dec 2022 16:39:09 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1670452804
server: CDN77-Turbo
x-77-nzt: AblMCQ02Bwz/AioAAA
x-77-nzt-ray: c0a4cc283e48e73e161691633b667626
x-cache: HIT
x-age: 10754
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
vast.yomeno.xyz/vast
109.206.176.75200 OK 0 B IP 109.206.176.75:0
POST /vast HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json; charset=utf-8
Content-Length: 581
Origin: https://vjav.com
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
access-control-allow-credentials: true
access-control-allow-origin: https://vjav.com
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MiwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzUsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzUiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ1fX0=
162.55.139.130200 OK 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MiwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzUsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzUiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ1fX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NSwidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2MiwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzUsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzUiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ1fX0= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
vjav.com/videos/181898/japanese-mom-seduce-daugther-s-teacher/
172.64.194.7200 OK 0 B URL HTTP/2 vjav.com/videos/181898/japanese-mom-seduce-daugther-s-teacher/
IP 172.64.194.7:0
GET /videos/181898/japanese-mom-seduce-daugther-s-teacher/ HTTP/1.1
Host: vjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
set-cookie: kt_lang=en; expires=Sat, 02-Dec-2023 22:39:20 GMT; Max-Age=31104000; path=/; domain=.vjav.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kv%2FjTChmRKHPBc68E6la3p9bkclihiuBurcNlyF%2FC%2FghlJPo%2BId0eo6jNzZSkZZkjsyorYULUS0J0MUjL2K56hFOzqrrJt%2FiTg%2BJurRTGxLmNe4vu%2B2rPt6Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7760c1a8ca1a775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NywidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2OCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzciLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ4fX0=
162.55.139.130200 OK 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NywidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2OCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzciLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ4fX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjoyOTg3NywidHlwZSI6InBvcCIsImlkem9uZSI6MTkyMDc2OCwiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4NzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMjk4NzciLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdmphdi5jb20vdmlkZW9zLzE4MTg5OC9qYXBhbmVzZS1tb20tc2VkdWNlLWRhdWd0aGVyLXMtdGVhY2hlci8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjcwNDUyNzU5NDQ4fX0= HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk3LCJzcGFjZWlkIjoyOTg4NCwidHlwZSI6InBvcCIsImlkem9uZSI6MzY2OTc2MywiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODQsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MTIsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjcyOCwiaCI6OTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4NCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0Mzh9fQ==
162.55.139.130200 OK 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk3LCJzcGFjZWlkIjoyOTg4NCwidHlwZSI6InBvcCIsImlkem9uZSI6MzY2OTc2MywiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODQsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MTIsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjcyOCwiaCI6OTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4NCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0Mzh9fQ==
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk3LCJzcGFjZWlkIjoyOTg4NCwidHlwZSI6InBvcCIsImlkem9uZSI6MzY2OTc2MywiYWRfdGFncyI6IlN0cmFpZ2h0JTJDQmlnJTIwVGl0cyUyQ01JTEYlMkNKYXBhbmVzZSUyQ0FzaWFuJTJDQ3JlYW1waWUlMkZOYWthZGFzaGklMkNUZWFjaGVyJTJGU2Vuc2VpJTJDU3RlcCUyMEZhbnRhc3kiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6Mjk4ODQsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MTIsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU2fSwiYmFubmVyIjp7InciOjcyOCwiaCI6OTB9fV0sInNpdGUiOnsiaWQiOiIyOTg4NCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly92amF2LmNvbS92aWRlb3MvMTgxODk4L2phcGFuZXNlLW1vbS1zZWR1Y2UtZGF1Z3RoZXItcy10ZWFjaGVyLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NzA0NTI3NTk0Mzh9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
sw.wpu.sh/npc/sdk/common/service-worker.js
45.133.44.24200 OK 0 B URL HTTP/2 sw.wpu.sh/npc/sdk/common/service-worker.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/service-worker.js HTTP/1.1
Host: sw.wpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vjav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 09:51:40 GMT
etag: W/"6390622c-158c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 22:44:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/core.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/core.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vjav.com/
Origin: https://vjav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 09:51:40 GMT
etag: W/"6390622c-18792"
content-encoding: gzip
expires: Wed, 07 Dec 2022 22:44:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sw.wpu.sh/npc/sdk/common/service-worker.js
45.133.44.25200 OK 0 B URL HTTP/2 sw.wpu.sh/npc/sdk/common/service-worker.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/service-worker.js HTTP/1.1
Host: sw.wpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 22:39:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 09:51:40 GMT
etag: W/"6390622c-158c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 22:44:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2