Report - anfillada.ru/seks-mami-m-sina.html

Report Overview

Visited public
2024-08-12 15:18:21
Tags
URL
anfillada.ru/seks-mami-m-sina.html
Finishing URL
anfillada.ru/seks-mami-m-sina.html
IP / ASN
172.67.213.166
#13335 CLOUDFLARENET
Title
Русское порно: мама и сын это инцест? лучший

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
cs10.ipoldest.com	unknown	944 B	37 kB	193.200.65.12
gsimvqfghc.com	unknown	1.0 kB	106 kB	116.202.32.33
pushadvert.bid	unknown	417 B	468 B	185.177.94.180
c.checkporno.link	unknown	1.4 kB	97 kB	104.26.14.18
o.pki.goog	unknown	2.0 kB	4.2 kB	142.250.74.131
st.365ittictic.com	unknown	474 B	428 kB	185.76.9.19
pics.365-cdn.com	unknown	470 B	36 kB	185.76.9.19
r11.o.lencr.org	unknown	654 B	1.8 kB	23.33.119.27
fap-guru.pro	268482	423 B	47 kB	104.21.74.111
octo25.me	unknown	964 B	81 kB	188.114.96.1
r10.o.lencr.org	unknown	2.6 kB	7.1 kB	23.33.119.57
s1.rusvideos.mobi	unknown	526 B	46 kB	104.27.206.87
newrotatormarch23.bid	unknown	918 B	26 kB	95.216.65.102
drankticket.com	unknown	406 B	2.5 kB	193.200.64.24
fonts.googleapis.com	8877	532 B	5.6 kB	142.250.74.106
you.pornobolt.live	unknown	515 B	50 kB	104.26.14.171
static.rusvideos.vip	unknown	517 B	53 kB	104.27.202.88
ebalka.tube	unknown	1.4 kB	34 kB	104.26.7.161
fonts.gstatic.com	unknown	2.2 kB	55 kB	216.58.207.227
img.24xxx.love	unknown	436 B	77 kB	188.114.97.1
img.porno666.work	unknown	477 B	19 kB	51.158.156.126
www.ebalka.link	unknown	1.4 kB	43 kB	104.26.2.22
ipoldest.com	unknown	876 B	31 kB	193.200.65.68
sexmamki.org	unknown	397 B	0 B	0.0.0.0
img.pvvstream.pro	unknown	2.2 kB	160 kB	172.67.69.254
anfillada.ru	unknown	6.6 kB	277 kB	172.67.213.166
super.rusvideos.co	unknown	518 B	39 kB	172.67.68.26
cs11.ipoldest.com	unknown	953 B	32 kB	193.200.65.13
mamochki.info	unknown	398 B	0 B	0.0.0.0
st.ebtictic.com	unknown	1.4 kB	94 kB	185.76.9.18
st.tiictiictiir.com	unknown	467 B	33 kB	185.76.9.22
sex-studentki.live	217963	435 B	128 kB	172.67.195.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-12	medium	gsimvqfghc.com	Sinkholed
2024-08-12	medium	gsimvqfghc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	anfillada.ru/seks-mami-m-sina.html	ScriptElement	2.2 kB	2024-08-19	2024-08-19
Pretty URL anfillada.ru/seks-mami-m-sina.html IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash 720b4874ba053084de4fda3762c6469a d481be2ba7582879720b15bb8ff8b8a5c82cb8cf bc7bab169ef6268384f533a0007802b62fc134d05433a0dc3a8550054cce4cd5 Loading...

	newrotatormarch23.bid/13ph6.min.js?e3a7cc2	ScriptElement	76 kB	2024-07-20	2025-06-17
Pretty URL newrotatormarch23.bid/13ph6.min.js?e3a7cc2 IP 95.216.65.102 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-20 20:49 Last Seen2025-06-17 02:36 Times Seen25 Hash ddc2e47a290747e40a6657633a9006cc dd8718108b1f434afbd5662d42f63469acb417dc d9be6490b4b510322526bea21a050c61e238d629060e13c2b62fe47f4e997b88 Loading...

	unknown	ScriptElement	120 B	2024-08-19	2024-12-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-12-14 03:49 Times Seen4 Hash 14f4ceeddfb79741d5a3333c3bc40ddc 9ee06cf4a488fde888f49e7e0ae6e8d7ae67c55f 52976d08fd66ce9a52702d206c9d192b09703e8d05d697604de08ce88753d96f Loading...

	anfillada.ru/wp-content/themes/popularis/assets/js/customscript.js?ver=1.0.13	ScriptElement	3.2 kB	2023-03-13	2025-06-16
Pretty URL anfillada.ru/wp-content/themes/popularis/assets/js/customscript.js?ver=1.0.13 IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:06 Last Seen2025-06-16 06:29 Times Seen21 Hash ad64afe982a5d54e23191d24ac58fa4c 9517c383c90b0a1baacb19e1082f6300ae8368e5 e77f3fb3db221080063ae05da7ed2c414390248bc747aa1e83504a961e5f15ba Loading...

	gsimvqfghc.com/script.js	ScriptElement	105 kB	2024-07-20	2025-03-11
Pretty URL gsimvqfghc.com/script.js IP 116.202.32.33 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-20 20:49 Last Seen2025-03-11 19:56 Times Seen16 Hash e5fe79b50ef34a0b3c2d0378d2942e30 4d449a376c9dc8033b4df8a5965c694de65eafd0 41e5ff0c9e796f8c5aee81b38400456ce5b386b5b37e1a1e4c6c880919244a35 Loading...

	ipoldest.com/present/brother.js?26904&mode=list&u=null&r=0.8938857241335354	ScriptElement	463 B	2024-08-19	2024-08-19
Pretty URL ipoldest.com/present/brother.js?26904&mode=list&u=null&r=0.8938857241335354 IP 193.200.65.68 ASN #6681 Giveme Cloud Sp Z O O Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash b6c73b455c0806e2662f60de81c51eec a936e63b76142ca2019c8bddc8b6b7a4b2822a0a 2a14fe7cd0bb7eb42fdc0975c0a3af561156619c80da489f92258ff9448f3e11 Loading...

	unknown	ScriptElement	841 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash 933e5a372ef8b7e7f84a3d67140da638 32cebf699831938ea75c348a7a4369caacc5b611 57d1c7566afd797ac4fa7a712b6b184903826baafee9f1b5ac8b76055f96d179 Loading...

	drankticket.com/services/?id=161449	ScriptElement	2.4 kB	2024-08-19	2024-08-19
Pretty URL drankticket.com/services/?id=161449 IP 193.200.64.24 ASN #6681 Giveme Cloud Sp Z O O Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash 2fb714226f48cc7f678d64d449815cc9 163a1d2f67c219dacd7e19fbb712dff8a5899ee1 8dae1fdbfc01f26d77547b0ed469366b40b5e7d89794c0834dd9b022bdc5c723 Loading...

	anfillada.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	ScriptElement	97 kB	2023-03-07	2025-06-20
Pretty URL anfillada.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-20 05:17 Times Seen6794 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	anfillada.ru/wp-content/themes/popularis/assets/js/bootstrap.min.js?ver=3.3.7	ScriptElement	7.2 kB	2023-03-07	2025-06-19
Pretty URL anfillada.ru/wp-content/themes/popularis/assets/js/bootstrap.min.js?ver=3.3.7 IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-19 05:13 Times Seen165 Hash 16326695037164aed77714170fc87efb b2609f9229c8b6ff0170602075b4aabcc04c690f acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285 Loading...

	anfillada.ru/wp-includes/js/wp-embed.min.js?ver=6.3	ScriptElement	1.4 kB	2023-03-07	2025-06-20
Pretty URL anfillada.ru/wp-includes/js/wp-embed.min.js?ver=6.3 IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-06-20 03:01 Times Seen353 Hash 04133d37cfd0f08267530b905a5ffff3 6eb207e57c92ee341f57998cb191e5c9dc4fc738 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b Loading...

	pushadvert.bid/code/gfswmzlfme5ha3ddf4zdaojs	ScriptElement	10 B	2023-03-07	2025-06-19
Pretty URL pushadvert.bid/code/gfswmzlfme5ha3ddf4zdaojs IP 185.177.94.180 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-19 12:23 Times Seen2171 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	unknown	ScriptElement	120 B	2024-08-19	2024-10-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-10-21 04:29 Times Seen3 Hash eca56e5aee44cfd9162833ef7b7daab4 808cf2dc9aa17e57df0c6611e5b2455effc2c9d0 f7fafa4a6172572bb955182e3cf2392b4445706904e8ed2c0eb8e14b083515ec Loading...

	unknown	ScriptElement	120 B	2024-08-19	2024-10-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-10-21 04:29 Times Seen3 Hash ff3ff2441b29ae2eb5a87f4f097408c8 b5868cb7832aaf178ea3e8e870d0ef7b0465fba4 dfd40fd5d1a8dbe7616ff719d3e88e12679ae4f551bd56335fe4227b054e52b2 Loading...

	unknown	ScriptElement	649 B	2024-08-19	2025-06-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2025-06-07 10:49 Times Seen4 Hash 4262f3ccde7447c47480186b78575605 e74f70ed286566d45ea8c493476c1364caeb0c59 35a1991f19deb242bf3c61c211d44bbf18a2f709d594e13bf1c06d8c6199125c Loading...

	ipoldest.com/present/brother5.js?26904a0.1644617668285706	ScriptElement	30 kB	2024-08-19	2024-08-19
Pretty URL ipoldest.com/present/brother5.js?26904a0.1644617668285706 IP 193.200.65.68 ASN #6681 Giveme Cloud Sp Z O O Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash ea6a6827ae7efd2bc9a909d5e4fb61a6 cee39b11b32f7442e09440679d100737a5c10c75 1f4be3e4fcc9c1b5ad61f4970b06dc2bac1c3313109949252441e72c8fbf7351 Loading...

	anfillada.ru/seks-mami-m-sina.html	ScriptElement	507 B	2024-08-19	2025-06-10
Pretty URL anfillada.ru/seks-mami-m-sina.html IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 13:42 Last Seen2025-06-10 18:39 Times Seen6 Hash 8bdb3dc4ba5ca6f994439da53c8e30a8 40a8554b778e672c9bab735d47f0eaaf500baacf 20580da58c8a75029076e45209cc834ac3baffb5ff3200914e975afd811ff3a8 Loading...

	anfillada.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	ScriptElement	10 kB	2023-03-07	2025-06-20
Pretty URL anfillada.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-20 05:24 Times Seen15863 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	anfillada.ru/seks-mami-m-sina.html	ScriptElement	303 B	2023-03-07	2025-06-20
Pretty URL anfillada.ru/seks-mami-m-sina.html IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:23 Last Seen2025-06-20 01:02 Times Seen387 Hash 5c6ab4d8b6fa1ed2dfc457c7263571f6 56228504795015a7ed1670334d6b1d2d5f7ae7b4 97b71360bf0de0c829cefb4830ce057a4047de0f290fffb324c2dfce96c2d9d2 Loading...

	anfillada.ru/wp-content/themes/popularis/assets/js/mmenu-light.js?ver=1.1	ScriptElement	4.2 kB	2023-03-13	2025-06-16
Pretty URL anfillada.ru/wp-content/themes/popularis/assets/js/mmenu-light.js?ver=1.1 IP 172.67.213.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:06 Last Seen2025-06-16 06:29 Times Seen22 Hash 61c46f7343c7c4e0f8ae77c18cae8546 c866418bfb2111b1a5c0967bc6f1bb6f5bfbe0fe 6aa68b99e95d0356240b62723e6685748bc4e705f0b5817a35e989f0e8343b08 Loading...

	unknown	ScriptElement	120 B	2024-08-19	2024-10-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-10-21 04:29 Times Seen3 Hash e8b198ba861025d5ac8693013506eaa7 04f8bb1a39334363cf3b3d3869033744caa76425 21aaee58e6ba320a5000e36879745f6b13486e5228bca1d4bbf95789c1887f77 Loading...

	octo25.me/lhzbsrfkjf/js/9486?r=&88621	ScriptElement	78 kB	2024-06-08	2024-08-19
Pretty URL octo25.me/lhzbsrfkjf/js/9486?r=&88621 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-08 23:16 Last Seen2024-08-19 20:28 Times Seen15 Hash 8f71b16a16c92a895949d9c003e1841b 61e8b9889c80163023f9e744fae03bf978ce9787 f3b68931163e9486d25c469c1761edd6b7720e6c06f193c714397c253187f06a Loading...

		Size	First Seen	Last Seen
	#1 Eval - b828ba0cbaf64a62785ef4a625481bb3	206 B	2024-08-19 13:42	2024-08-19 13:42
Pretty Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash b828ba0cbaf64a62785ef4a625481bb3 31ba4bc3a03abc55c99802adab3a372a8dd73425 5aad1ba3730cb34477fbbe666dd0f1a8e63363c790d7e0119a224fd5e0e16c14 Loading...

	#2 Eval - ed431c4a4ef0c50d1dbba5b619417597	1.6 kB	2024-08-19 13:42	2024-08-19 13:42
Pretty Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash ed431c4a4ef0c50d1dbba5b619417597 0ecb6bc326759e8e251bc54ffb46d19241d655fe ee202af30f34b8375b87fca120667e95f89416e7f43736312145b6b6fefec80e Loading...

HTTP Transactions (78)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c2c08f8e2c667f91e7ee939f41a7ca06
159557c63c8c8ef725ae9b3fec75d5f1810b40d8
68059941cc11a454898b59b485e702d97abe8025bd02657174e26ec24eb68c81

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "68059941CC11A454898B59B485E702D97ABE8025BD02657174E26EC24EB68C81"
Last-Modified: Sun, 11 Aug 2024 06:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Mon, 12 Aug 2024 19:00:30 GMT
Date: Mon, 12 Aug 2024 15:17:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
14927ac0fa718432ac5839f70891b90c
fa1224f50929eaf13800f1cefb874e57ebdd9c12
83614f2bb6b89c6f08c23a06ca037a68eb6557d42829cd1504eae2ddca77739a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83614F2BB6B89C6F08C23A06CA037A68EB6557D42829CD1504EAE2DDCA77739A"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16480
Expires: Mon, 12 Aug 2024 19:52:33 GMT
Date: Mon, 12 Aug 2024 15:17:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
920e4f3a49784056e5c5faa263b2f6a7
5070431826e2f4b1988fff3b3e6ff8a4e1a97919
037a14a94c65f88afcab57eae3fc805e8115b35825ec9659f173442b45918e8e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "037A14A94C65F88AFCAB57EAE3FC805E8115B35825EC9659F173442B45918E8E"
Last-Modified: Sun, 11 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14166
Expires: Mon, 12 Aug 2024 19:14:00 GMT
Date: Mon, 12 Aug 2024 15:17:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fa9d9a7703999cfc274f02dcaadb4561
eb147c3d5cebb3001dfeb1e60aa7054d1f2ca51c
1f147459e31f4e1f2f37449a98c122615b2ad8051ac691d52f0fb1cf2892a35c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1F147459E31F4E1F2F37449A98C122615B2AD8051AC691D52F0FB1CF2892A35C"
Last-Modified: Sun, 11 Aug 2024 06:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Mon, 12 Aug 2024 21:16:51 GMT
Date: Mon, 12 Aug 2024 15:17:54 GMT
Connection: keep-alive

GET img.pvvstream.pro/preview/n6Rut9ZDFgBihmejr9M-ng/-167791898_456239025/sun9-2.userapi.com/c845123/v845123880/1fb2f1/nkJHcE1Nwdw.jpg

172.67.69.254

200 OK

14 kB

URL GET HTTP/2
img.pvvstream.pro/preview/n6Rut9ZDFgBihmejr9M-ng/-167791898_456239025/sun9-2.userapi.com/c845123/v845123880/1fb2f1/nkJHcE1Nwdw.jpg
IP
172.67.69.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectpvvstream.pro
Fingerprint66:D0:5C:7D:E3:11:C5:83:EF:06:25:54:63:FD:4A:F9:84:DD:A4:07
ValidityFri, 28 Jun 2024 05:16:13 GMT - Thu, 26 Sep 2024 05:16:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x450, components 3
Size
14 kB (13601 bytes)
Hash
42c84bf826a7715896758f6e102def4d
cbdd96236e146e9513481913da69783e965dd9ce
6cfe191d4ceb5e3b15b0dae41eba485174e258cc2ed4f7f3c508546d4d868855

HTTP Headers

GET /preview/n6Rut9ZDFgBihmejr9M-ng/-167791898_456239025/sun9-2.userapi.com/c845123/v845123880/1fb2f1/nkJHcE1Nwdw.jpg HTTP/1.1
Host: img.pvvstream.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: image/jpeg
content-length: 13601
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=13978
access-control-allow-headers: X-Quic
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 07 May 2019 20:58:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 3302881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEizmS9UCTlhDzifHb4XDTjmCoIAmectALCOCwfPP6tj8o05ljT2lgFizDK%2BcTF90Tk%2FCHzjyEeGj61ADeC4an5mx317KKAKaTZmiaR9HmaB%2B0MoP0o89xGZOCDNXCBwdWAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a9b2ab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET img.pvvstream.pro/preview/pp0bHHmB_y-NliDyNLHvNQ/251763459_168621637/sun9-47.userapi.com/c851324/v851324180/c9fd0/N1Cby1Ln3ME.jpg

172.67.69.254

200 OK

30 kB

URL GET HTTP/2
img.pvvstream.pro/preview/pp0bHHmB_y-NliDyNLHvNQ/251763459_168621637/sun9-47.userapi.com/c851324/v851324180/c9fd0/N1Cby1Ln3ME.jpg
IP
172.67.69.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectpvvstream.pro
Fingerprint66:D0:5C:7D:E3:11:C5:83:EF:06:25:54:63:FD:4A:F9:84:DD:A4:07
ValidityFri, 28 Jun 2024 05:16:13 GMT - Thu, 26 Sep 2024 05:16:12 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 800x450, components 3
Size
30 kB (29717 bytes)
Hash
36ced23201a58b59bb5384e5f993e459
6b2d2d1cf3162b8c53d2e37227e274659edd89cf
09f6284f5ee6ec7be75acbac6db9f913a529974122e56e43e99c10a13a2316e3

HTTP Headers

GET /preview/pp0bHHmB_y-NliDyNLHvNQ/251763459_168621637/sun9-47.userapi.com/c851324/v851324180/c9fd0/N1Cby1Ln3ME.jpg HTTP/1.1
Host: img.pvvstream.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: image/jpeg
content-length: 29717
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
access-control-allow-headers: X-Quic
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Mar 2019 23:30:08 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 464840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHjno2Zi%2FKc%2FM6Vm%2Fdc7uRpWPca4IGcSf6rAxybnzjRpMuaSc3wcPmkauQVa7kjxBxZYfvZGyO3j45l096t0odXFwedtGitNGTl%2Fi%2BQhQIpijwWHs%2FKplC1nyNys5Cjs3fKe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a9b2bb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET img.pvvstream.pro/preview/6-zRfE1ynfmDS_SRLiRzWA/-197634591_456239378/sun9-64.userapi.com/lsW-HfR3r-m4pR5RVOXuL71ey0UH0Skf8QdLtQ/t1iza2VaII0.jpg

172.67.69.254

200 OK

9.1 kB

URL GET HTTP/2
img.pvvstream.pro/preview/6-zRfE1ynfmDS_SRLiRzWA/-197634591_456239378/sun9-64.userapi.com/lsW-HfR3r-m4pR5RVOXuL71ey0UH0Skf8QdLtQ/t1iza2VaII0.jpg
IP
172.67.69.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectpvvstream.pro
Fingerprint66:D0:5C:7D:E3:11:C5:83:EF:06:25:54:63:FD:4A:F9:84:DD:A4:07
ValidityFri, 28 Jun 2024 05:16:13 GMT - Thu, 26 Sep 2024 05:16:12 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3
Size
9.1 kB (9052 bytes)
Hash
4c9ed1f19bef6915789140260adb68f8
efe3702e6e2ec9ffaa62216d1055501f20de60ab
4547c917385c435c7d09df4a742c8c78e38f13a801b3add5991a6eb487a28bfb

HTTP Headers

GET /preview/6-zRfE1ynfmDS_SRLiRzWA/-197634591_456239378/sun9-64.userapi.com/lsW-HfR3r-m4pR5RVOXuL71ey0UH0Skf8QdLtQ/t1iza2VaII0.jpg HTTP/1.1
Host: img.pvvstream.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: image/jpeg
content-length: 9052
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9234
access-control-allow-headers: X-Quic
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-trace-id: DPI4aU801mCjXUpmSo7HjUcDEM61Kw
last-modified: Wed, 13 Mar 2024 15:34:10 GMT
cf-cache-status: HIT
age: 3305101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6t3H3v%2F6NT9knPkv3k%2BvHHxQNqpeo2r2gyXNbRf5t9uzykOesPmKk3Cr5YVGZTjgcsB9yaNIZYrHp4XdoLL27UtH6mGnGlimBDy3Ig9XP5DnJZcArWS%2BwLBXFhbXnQQOaIyU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a8b29b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET img.pvvstream.pro/preview/-4alpDvgL1EQEyiTCm6MlQ/-135050256_456255963/sun9-76.userapi.com/c841429/v841429203/3c50f/wnNhu-c0_as.jpg

172.67.69.254

200 OK

104 kB

URL GET HTTP/2
img.pvvstream.pro/preview/-4alpDvgL1EQEyiTCm6MlQ/-135050256_456255963/sun9-76.userapi.com/c841429/v841429203/3c50f/wnNhu-c0_as.jpg
IP
172.67.69.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectpvvstream.pro
Fingerprint66:D0:5C:7D:E3:11:C5:83:EF:06:25:54:63:FD:4A:F9:84:DD:A4:07
ValidityFri, 28 Jun 2024 05:16:13 GMT - Thu, 26 Sep 2024 05:16:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x451, components 3
Size
104 kB (103787 bytes)
Hash
151ca0122826111a3f9cc158cce0a869
7be9f45447c31715a093aab1b90c678d0194a730
686e835ccdef4c88fd5b2f46329ce549ca36633ac4fb095cf75502325687bbab

HTTP Headers

GET /preview/-4alpDvgL1EQEyiTCm6MlQ/-135050256_456255963/sun9-76.userapi.com/c841429/v841429203/3c50f/wnNhu-c0_as.jpg HTTP/1.1
Host: img.pvvstream.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: image/jpeg
content-length: 103787
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=113979
access-control-allow-headers: X-Quic
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 20 Nov 2017 11:05:16 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2702295
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1smDky9aaObwzNXOqmhFC1ulJpCSPsMwhF%2Fjs11gx52BHCM3egu1x3Bbvabn2VJsd28opzzwLaFRggC6JTnTg%2BEr9o%2B9NoyrFIZ%2FMPM9ky60wHwHxeGaMTK1pSvU5FoKiNSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a9b3ab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET c.checkporno.link/contents/videos_screenshots/13000/13058/640x360/8.jpg

104.26.14.18

200 OK

26 kB

URL GET HTTP/2
c.checkporno.link/contents/videos_screenshots/13000/13058/640x360/8.jpg
IP
104.26.14.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectcheckporno.link
Fingerprint42:CA:F4:FE:18:6F:26:E7:DC:A7:D4:51:F9:95:FD:92:E6:07:56:3C
ValidityFri, 28 Jun 2024 06:23:39 GMT - Thu, 26 Sep 2024 06:23:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Size
26 kB (25584 bytes)
Hash
24f8a6ddb8f3158e01f39f5420136a95
bee02831f2e9153d36d9691c27bdc40722a6f34b
a24fe39b950d1306dcc0a7d70fb07ca15e246279505bb9988d830f5bd95112b5

HTTP Headers

GET /contents/videos_screenshots/13000/13058/640x360/8.jpg HTTP/1.1
Host: c.checkporno.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 25584
last-modified: Wed, 05 Jun 2024 21:12:01 GMT
etag: "6660d4a1-63f0"
expires: Mon, 19 Aug 2024 15:17:54 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gM9WzVGjlpFNDKgsYN8U0UTix9U9cWFzoRHgZnuOnw0QpOsseltDpoxmtYc%2BYu1CbFinF%2FwK%2BAkMIxE51S5dsCHoaKYV08cOra%2F%2BFc9q6ATjib0U%2BpGTBs6hwLmdmuBH2cY3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a8e6256a2-OSL
X-Firefox-Spdy: h2

GET c.checkporno.link/contents/videos_screenshots/13000/13329/640x360/10.jpg

104.26.14.18

200 OK

33 kB

URL GET HTTP/2
c.checkporno.link/contents/videos_screenshots/13000/13329/640x360/10.jpg
IP
104.26.14.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectcheckporno.link
Fingerprint42:CA:F4:FE:18:6F:26:E7:DC:A7:D4:51:F9:95:FD:92:E6:07:56:3C
ValidityFri, 28 Jun 2024 06:23:39 GMT - Thu, 26 Sep 2024 06:23:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Size
33 kB (32710 bytes)
Hash
873a860240a9dc1e40c3dc203a41c079
86229412131f0310b622398a337dee6b2cd1c232
c3d9f5450c5223210aa191973e8b98433e0cc435906ed32f0d22706ec1796cb6

HTTP Headers

GET /contents/videos_screenshots/13000/13329/640x360/10.jpg HTTP/1.1
Host: c.checkporno.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 32710
last-modified: Thu, 06 Jun 2024 19:25:02 GMT
etag: "66620d0e-7fc6"
expires: Mon, 19 Aug 2024 15:17:54 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rV0HLZ4eHu1N2qU3NFZb7XUAymcvl%2Bhv8jLKVHvbdZ4hPUQWzprXFcqYEhAVUvEuCgKf4jkbZJ6%2B36coZFhEs5DfXAfEb8OQYceVq6T6jUfSNHNGa35jNWn%2FcgUSEzsKaPHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a9e6c56a2-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3876063379e57dbf599d7df5b237421c
00bd6f6d473b358b17690d2bf897ba3561b04216
1553b7bef66a2bc19d410010e64a67633ac1a4c085ddeaed16e9aa2cbeb08cc3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET c.checkporno.link/contents/videos_screenshots/12000/12498/640x360/7.jpg

104.26.14.18

200 OK

36 kB

URL GET HTTP/2
c.checkporno.link/contents/videos_screenshots/12000/12498/640x360/7.jpg
IP
104.26.14.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectcheckporno.link
Fingerprint42:CA:F4:FE:18:6F:26:E7:DC:A7:D4:51:F9:95:FD:92:E6:07:56:3C
ValidityFri, 28 Jun 2024 06:23:39 GMT - Thu, 26 Sep 2024 06:23:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Size
36 kB (36493 bytes)
Hash
aae6126aae74fb9e45862d342b62ef59
54a0cc49132ba6c33196035516d5848109826fcc
8591992fdbbe547c7c078f3cb83ec0068cd403800f4b7a73136cfe73ee53f45c

HTTP Headers

GET /contents/videos_screenshots/12000/12498/640x360/7.jpg HTTP/1.1
Host: c.checkporno.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 36493
last-modified: Fri, 08 Mar 2024 09:15:02 GMT
etag: "65ead716-8e8d"
expires: Mon, 19 Aug 2024 15:17:55 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXyQKF%2BCqMLe08GdtK%2FBmCmHVo33DAkQ5btapiASk8%2Bh7EOsVsq8AsjHc%2FOrIBIgcnkVqbfqtlLYQpv1sVHJ%2FLdArbNtvY5i036RqxApkPzzDt%2FLH6y7CU7z3drUanRUc83u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a9e6356a2-OSL
X-Firefox-Spdy: h2

GET st.ebtictic.com/contents/videos_screenshots/20000/20000/720x406/1.jpg

185.76.9.18

200 OK

30 kB

URL GET HTTP/2
st.ebtictic.com/contents/videos_screenshots/20000/20000/720x406/1.jpg
IP
185.76.9.18:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1149318661.rsc.cdn77.org
FingerprintFD:EE:29:1B:F8:47:59:82:33:37:93:A4:B3:27:2E:38:03:4E:8F:EF
ValiditySat, 29 Jun 2024 18:52:10 GMT - Fri, 27 Sep 2024 18:52:09 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x406, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30154 bytes)
Hash
c6e8df131fab71ed22205aa5c6dd91d0
47a05c4653d45f521cb0cb22518067561ea3a706
397f18a19e0952a5c8de7805b856a8b3eec2825927ad03fd831b56493ea5f18d

HTTP Headers

GET /contents/videos_screenshots/20000/20000/720x406/1.jpg HTTP/1.1
Host: st.ebtictic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 30154
last-modified: Wed, 14 Feb 2024 17:59:51 GMT
etag: "65ccff97-75ca"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3eFNkAAwBuUwKAQH33gIAAAwBnJIhJwHXl0QBAA
x-77-nzt-ray: c0a4cc289034cfe9a327ba66c9f09b02
x-accel-expires: @2032177078
x-accel-date: 1716900907
x-77-cache: HIT
x-77-age: 6574968
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1716900907
x-cache: HIT
x-age: 6574968
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET st.ebtictic.com/contents/videos_screenshots/31000/31015/720x406/1.jpg

185.76.9.18

200 OK

28 kB

URL GET HTTP/2
st.ebtictic.com/contents/videos_screenshots/31000/31015/720x406/1.jpg
IP
185.76.9.18:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1149318661.rsc.cdn77.org
FingerprintFD:EE:29:1B:F8:47:59:82:33:37:93:A4:B3:27:2E:38:03:4E:8F:EF
ValiditySat, 29 Jun 2024 18:52:10 GMT - Fri, 27 Sep 2024 18:52:09 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x406, Scaling: [none]x[none], YUV color, decoders should clamp
Size
28 kB (28054 bytes)
Hash
8a7eabd704ab9e3cefbd856bfcd50804
1f11ea15c33126bdda271b9b07766af6d9b66184
c1909367dcce3e0e7168cc0dedca9a5b23a6b540890313f441996a6272fd1d79

HTTP Headers

GET /contents/videos_screenshots/31000/31015/720x406/1.jpg HTTP/1.1
Host: st.ebtictic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 28054
last-modified: Wed, 14 Feb 2024 18:23:38 GMT
etag: "65cd052a-6d96"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3gVVkAAwBuUwKCQH33wAAAAwBJRPCLgH3SkQBAA
x-77-nzt-ray: c0a4cc289034cfe9a327ba66c1c1a602
x-accel-expires: @2032177145
x-accel-date: 1716900386
x-77-cache: HIT
x-77-age: 6575489
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1716900386
x-cache: HIT
x-age: 6575489
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET st.ebtictic.com/contents/videos_screenshots/31000/31771/720x406/1.jpg

185.76.9.18

200 OK

34 kB

URL GET HTTP/2
st.ebtictic.com/contents/videos_screenshots/31000/31771/720x406/1.jpg
IP
185.76.9.18:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1149318661.rsc.cdn77.org
FingerprintFD:EE:29:1B:F8:47:59:82:33:37:93:A4:B3:27:2E:38:03:4E:8F:EF
ValiditySat, 29 Jun 2024 18:52:10 GMT - Fri, 27 Sep 2024 18:52:09 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x406, Scaling: [none]x[none], YUV color, decoders should clamp
Size
34 kB (33612 bytes)
Hash
5606c8091ef95e9bb933506fd7d03b63
d34e55e99ee3eba6ce116ae2d6e8c82ed5a51d5b
6b6741512342e1fdb5519976664f881a0eab08fc0d52269689bfe8f07cf4878f

HTTP Headers

GET /contents/videos_screenshots/31000/31771/720x406/1.jpg HTTP/1.1
Host: st.ebtictic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 33612
last-modified: Wed, 14 Feb 2024 18:25:33 GMT
etag: "65cd059d-834c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3olVkAAwBuUwKCQH31gAAAAwBJRPCLgH3MkQBAA
x-77-nzt-ray: c0a4cc289034cfe9a327ba66d879fb02
x-accel-expires: @2032177145
x-accel-date: 1716900353
x-77-cache: HIT
x-77-age: 6575522
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1716900353
x-cache: HIT
x-age: 6575522
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET anfillada.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

172.67.213.166

200 OK

40 kB

URL GET HTTP/3
anfillada.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
gzip compressed data, max speed, from Unix
Size
40 kB (39903 bytes)
Hash
076e3f4dae82bb74e0dcae73555d8c43
06d702cfda68137d530ae3978855c673e681b124
afa324806f9a4d227ae5076c8dc532236ae417a2715f64989db5164dfd5ce7c4

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-17a69"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCtg9ysX00HQsuweJhxC8YAwtk3u6CG7Vxd62TB5R06i9QDdnnBxyqlc9tyHXBFhvPRtSdSiJFmKHfl0beT98cTBA6PvCOcnAA1wF8FSrlPfQzHclcl%2Fv0TFVf74VWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a0ca656c7-OSL
alt-svc: h3=":443"; ma=86400

GET pics.365-cdn.com/contents/videos_screenshots/0/373/720x406/1.jpg

185.76.9.19

200 OK

35 kB

URL GET HTTP/2
pics.365-cdn.com/contents/videos_screenshots/0/373/720x406/1.jpg
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1348948721.rsc.cdn77.org
Fingerprint65:DB:A8:89:C2:AD:26:26:2A:31:47:C8:0C:76:50:7A:B7:71:08:75
ValiditySat, 29 Jun 2024 18:52:15 GMT - Fri, 27 Sep 2024 18:52:14 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x406, Scaling: [none]x[none], YUV color, decoders should clamp
Size
35 kB (35336 bytes)
Hash
8ca7aab753a4fb9b3a91f60a509c41bd
10d68b6b7974f211f5f11ee27ab7460f7c01697a
cad40d425c1bbbe5e27c6e8608432865f27572036b5d3a0c04a103dfb4a98dde

HTTP Headers

GET /contents/videos_screenshots/0/373/720x406/1.jpg HTTP/1.1
Host: pics.365-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 35336
last-modified: Wed, 14 Feb 2024 17:15:25 GMT
etag: "65ccf52d-8a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQHXZ2lWAAwBuUwKEwH3nhkyAAwBisclwQH3yJxkAA
x-77-nzt-ray: c0a4cc288035e3eba327ba66acb0a804
x-accel-expires: @2023295702
x-accel-date: 1717812796
x-77-cache: HIT
x-77-age: 5663079
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1717812796
x-cache: HIT
x-age: 5663079
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.27

504 B

URL
r11.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
88f4f8e0de68f70568396921f97233ba
815d7b45dc9094dd8c5e3046915e3e7f0132a3c7
83399823b1ee22c83d8a6ef13a90e63d841b11b2b7f0ecfcd1adab6599f21e46

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83399823B1EE22C83D8A6EF13A90E63D841B11B2B7F0ECFCD1ADAB6599F21E46"
Last-Modified: Sat, 10 Aug 2024 01:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9939
Expires: Mon, 12 Aug 2024 18:03:34 GMT
Date: Mon, 12 Aug 2024 15:17:55 GMT
Connection: keep-alive

GET st.365ittictic.com/contents/videos_screenshots/5000/5664/preview.jpg

185.76.9.19

200 OK

428 kB

URL GET HTTP/2
st.365ittictic.com/contents/videos_screenshots/5000/5664/preview.jpg
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1348948721.rsc.cdn77.org
Fingerprint65:DB:A8:89:C2:AD:26:26:2A:31:47:C8:0C:76:50:7A:B7:71:08:75
ValiditySat, 29 Jun 2024 18:52:15 GMT - Fri, 27 Sep 2024 18:52:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 3840x2160, components 3
Size
428 kB (427713 bytes)
Hash
825b3c8a44ce0b4a4aa33464ad9210b2
ece1b3438faf48037015f82ad084bd37403d9cb8
1610b98627256ab4f9c6795c1fb2ba146fc697d50fa6e0fe27d36e246e4235eb

HTTP Headers

GET /contents/videos_screenshots/5000/5664/preview.jpg HTTP/1.1
Host: st.365ittictic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 427713
last-modified: Wed, 29 Mar 2023 00:00:08 GMT
etag: "64237f88-686c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3T/UXAAwBuUwKEwH330UTAAwBnJIhHwH35pjBAA
x-77-nzt-ray: c0a4cc288035e3eba327ba66b04d9c0f
x-accel-expires: @2023315087
x-accel-date: 1721905748
x-77-cache: HIT
x-77-age: 1570127
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1721905748
x-cache: HIT
x-age: 1570127
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET you.pornobolt.live/pornobolt-kartinki/huge-porno-incest-mama-reshila-probratsya-nochyu-k-synu-i-zastavit-ego-traxnutsya.jpg

104.26.14.171

200 OK

49 kB

URL GET HTTP/2
you.pornobolt.live/pornobolt-kartinki/huge-porno-incest-mama-reshila-probratsya-nochyu-k-synu-i-zastavit-ego-traxnutsya.jpg
IP
104.26.14.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectpornobolt.live
FingerprintF3:71:92:4C:5E:D6:FA:72:B6:EB:37:26:7E:66:30:E0:29:96:E3:56
ValidityWed, 31 Jul 2024 03:08:53 GMT - Tue, 29 Oct 2024 03:08:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x360, components 3
Size
49 kB (49447 bytes)
Hash
e7e99f3bed29dec196fab2dc5eab3930
a8c98a6fe00a556f30f542b95586a19443f40d4e
5b36d0a82f66d3512931113f2db61ad140039eaf2e538a00e2bad5d53e2ab22c

HTTP Headers

GET /pornobolt-kartinki/huge-porno-incest-mama-reshila-probratsya-nochyu-k-synu-i-zastavit-ego-traxnutsya.jpg HTTP/1.1
Host: you.pornobolt.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 49447
cache-control: max-age=31708800
cf-bgj: imgq:100,h2pri
cf-polished: origSize=52646
access-control-allow-origin: *
etag: "6363aa32-cda6"
expires: Mon, 07 Jul 2025 09:17:59 GMT
last-modified: Thu, 03 Nov 2022 11:46:58 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3304796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NGBWhdEQxmrJNULBHVgpcHVUqgL%2BRf2daag6CYCutH3EQF7OiqtaJINhvJ%2Box3qDzPVp0XmF2NTb44DFKqWfItj%2BgEv%2BemouhT%2FxBcYkJFtyPBBqudDj7VOE%2FWks0oodt4FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5d5b3db51d-OSL
X-Firefox-Spdy: h2

GET img.24xxx.love/base/61/1/60032/1-540x360.jpg

188.114.97.1

200 OK

76 kB

URL GET HTTP/2
img.24xxx.love/base/61/1/60032/1-540x360.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subject24xxx.love
Fingerprint5F:1D:CC:BE:65:07:F2:4F:3E:FA:A0:97:76:26:B3:EB:E5:06:A5:FC
ValiditySun, 14 Jul 2024 08:58:30 GMT - Sat, 12 Oct 2024 08:58:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x360, components 3
Size
76 kB (76438 bytes)
Hash
6c613a80c25bf14a93af37e5b02cd5d7
8cfd62c6daf338cffdf527dda6ed576a14848074
f313334c748a3cf544715d3ac0d8ecefd58d5d3295d84fe4594a5fb736e4fa8b

HTTP Headers

GET /base/61/1/60032/1-540x360.jpg HTTP/1.1
Host: img.24xxx.love
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 76438
last-modified: Fri, 05 Feb 2021 22:40:23 GMT
etag: "601dc957-12a96"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 902249
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVf8pmIp7EEFfjotstW3jPgChzOxKeGpQhoI%2BQ2MXCUIQV7O%2F1rNvvGUh2ixNjtjtWSmE67QzLxUhrDmmvs6tI73UrM6UQ3tKlfnKo0vz2WNbAk00ZNJQyFGUMSLe4X15g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5d6f22b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET s1.rusvideos.mobi/porno-kartinki/roliki/ogromnaya-neobuzdannyj-incest-s-synom-podaril-pyshnoj-mamochke-nastoyashhee-udovletvorenie.jpg

104.27.206.87

200 OK

46 kB

URL GET HTTP/2
s1.rusvideos.mobi/porno-kartinki/roliki/ogromnaya-neobuzdannyj-incest-s-synom-podaril-pyshnoj-mamochke-nastoyashhee-udovletvorenie.jpg
IP
104.27.206.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectrusvideos.mobi
Fingerprint90:F9:AB:CE:70:EB:8D:0D:FA:5B:8F:2B:3E:F5:C4:B2:CB:47:34:5B
ValidityTue, 09 Jul 2024 13:38:05 GMT - Mon, 07 Oct 2024 13:38:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x360, components 3
Size
46 kB (45492 bytes)
Hash
5271a4d09ea021db50e7f45f96aecd63
b70304028c5cb0cca1b7b0ef1fe753f7f47a52f9
24072d1099ce212674106aee858184205590575efed64b05525d84469d6937b0

HTTP Headers

GET /porno-kartinki/roliki/ogromnaya-neobuzdannyj-incest-s-synom-podaril-pyshnoj-mamochke-nastoyashhee-udovletvorenie.jpg HTTP/1.1
Host: s1.rusvideos.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 45492
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47754
access-control-allow-origin: *
etag: "6363bae6-ba8a"
expires: Thu, 13 Mar 2025 15:33:28 GMT
last-modified: Thu, 03 Nov 2022 12:58:14 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3305534
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewU6h1BEwK4ak2b0tmM1Xvd8EUz3GM2nZ6QQBGVg88CYrAeLalUQO6AOwOj4J5A3iIZC2bPH6JFo%2BFLFrvuLXA%2B6Nf8v%2FG8PXymxia0iE6LrqkF3xWlkdc52WFYtRaMbAPAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b216f5deecc0b59-OSL
X-Firefox-Spdy: h2

GET static.rusvideos.vip/porno-kartinki/roliki/ogromnaya-rasputnaya-machexa-pozvolila-pasynku-dvazhdy-konchit-radi-molchaniya.jpg

104.27.202.88

200 OK

52 kB

URL GET HTTP/2
static.rusvideos.vip/porno-kartinki/roliki/ogromnaya-rasputnaya-machexa-pozvolila-pasynku-dvazhdy-konchit-radi-molchaniya.jpg
IP
104.27.202.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectrusvideos.vip
FingerprintA6:B6:0D:CE:7A:F2:4E:77:EA:B1:27:04:75:96:53:9E:C7:DF:4C:FB
ValidityThu, 08 Aug 2024 11:59:13 GMT - Wed, 06 Nov 2024 11:59:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x360, components 3
Size
52 kB (52288 bytes)
Hash
9a531b5001d35e61b53ab99ee5291514
e39063682ba8aafc068a0969f12b4e12f527259b
dd83ca12b60a764be8bf6d7c0d1bc1707d8af8153a1e829b455ea18e475996c1

HTTP Headers

GET /porno-kartinki/roliki/ogromnaya-rasputnaya-machexa-pozvolila-pasynku-dvazhdy-konchit-radi-molchaniya.jpg HTTP/1.1
Host: static.rusvideos.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 52288
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=55072
access-control-allow-origin: *
etag: "6686d40f-d720"
expires: Fri, 11 Jul 2025 07:41:23 GMT
last-modified: Thu, 04 Jul 2024 16:55:43 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2792186
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlBQFuee6LVTEdeSWU%2FBoyn7mOpS39T9SxtiOCRXWPB6AgcQygdtVbabk8v1U3R4FmCjAbaaW3Bi1AC8EQk0ON77hL2ak7TPfg89wtpw0Hlbs%2FZTAn8SbMwSxf6cNdGMDODg3uKQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b216f5e0d99569d-OSL
X-Firefox-Spdy: h2

GET super.rusvideos.co/porno-kartinki/roliki/ogromnaya-lina-migurt-povelas-na-ugovory-syna-i-razdvinula-nogi-na-kuxonnom-stole.jpg

172.67.68.26

200 OK

38 kB

URL GET HTTP/2
super.rusvideos.co/porno-kartinki/roliki/ogromnaya-lina-migurt-povelas-na-ugovory-syna-i-razdvinula-nogi-na-kuxonnom-stole.jpg
IP
172.67.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectrusvideos.co
Fingerprint17:EC:55:6F:68:A3:6B:8F:2C:9C:DC:67:77:9D:61:58:CE:6C:73:9A
ValidityThu, 27 Jun 2024 16:19:12 GMT - Wed, 25 Sep 2024 16:19:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x360, components 3
Size
38 kB (37833 bytes)
Hash
335939f1b3e7021d5567de8519cc16d0
b242c2d6402955a019b4e348abda4a0d96deeaa8
64b15b03f118583df37e2b5cabefdd50649a9279b78342a6fedd4351ab7b5e04

HTTP Headers

GET /porno-kartinki/roliki/ogromnaya-lina-migurt-povelas-na-ugovory-syna-i-razdvinula-nogi-na-kuxonnom-stole.jpg HTTP/1.1
Host: super.rusvideos.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 37833
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=39665
access-control-allow-origin: *
etag: "66857f3a-9af1"
expires: Fri, 11 Jul 2025 07:28:42 GMT
last-modified: Wed, 03 Jul 2024 16:41:30 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2792938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpsUjluGLmuByQd%2Fi9wHqPUFLGxka1%2FwHfwoVvvI0J2ezrj5%2BvqPSpFXV1Xul6gIBo3o0op1eyY7yH15yl4x6y7YQ0Tpg6sUrfphHp%2Fln%2Fh2o6mQkUsTPbQQHfrZsfP9D11ZoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b216f5e1a225695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET img.porno666.work/contents/videos_screenshots/15000/15357/533x300/1.jpg

51.158.156.126

200 OK

18 kB

URL GET HTTP/2
img.porno666.work/contents/videos_screenshots/15000/15357/533x300/1.jpg
IP
51.158.156.126:443
ASN
#12876 Scaleway S.a.s.

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectimg.porno666.work
Fingerprint2C:30:35:12:14:51:01:31:E8:D2:85:A2:14:23:1F:F9:86:41:BE:12
ValiditySun, 04 Aug 2024 23:45:44 GMT - Sat, 02 Nov 2024 23:45:43 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 533x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (18450 bytes)
Hash
5d972ea9ace9c553aa90ede825c4f0ff
ff87cbb8900805357c8fe4e83e263f663e8296db
285d333fbfcf023f1e9e4b8ba26b7ea0c805504a6225029c2e9c1f779af9712d

HTTP Headers

GET /contents/videos_screenshots/15000/15357/533x300/1.jpg HTTP/1.1
Host: img.porno666.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 18450
last-modified: Thu, 04 Jul 2024 03:25:27 GMT
etag: "66861627-4812"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET st.tiictiictiir.com/contents/videos_screenshots/334000/334518/720x406/1.jpg

185.76.9.22

200 OK

32 kB

URL GET HTTP/2
st.tiictiictiir.com/contents/videos_screenshots/334000/334518/720x406/1.jpg
IP
185.76.9.22:443
ASN
#60068 Datacamp Limited

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject1910963678.rsc.cdn77.org
Fingerprint0A:24:31:CA:8C:03:E3:2F:E8:6E:70:E4:6A:CB:AA:3B:F7:08:6A:43
ValiditySat, 29 Jun 2024 16:50:51 GMT - Fri, 27 Sep 2024 16:50:50 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x406, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32444 bytes)
Hash
63fb3fb712a04590747f9e410eff12b4
f0b21a1c1e5c3c282cff6d459548713d8d86d0d0
bde4102e44cb421959a7e6ce597165b4381ca53bb5d67a0c1f4d46fc8b36d456

HTTP Headers

GET /contents/videos_screenshots/334000/334518/720x406/1.jpg HTTP/1.1
Host: st.tiictiictiir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 32444
last-modified: Thu, 15 Feb 2024 00:49:01 GMT
etag: "65cd5f7d-7ebc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3BCFFAAwBuUwKEwH3TlgyAAwBnJIhHwHXREAtAA
x-77-nzt-ray: af585630f170cf9ea327ba662718dd20
x-accel-expires: @2028040461
x-accel-date: 1718945439
x-77-cache: HIT
x-77-age: 4530436
server: CDN77-Turbo
timing-allow-origin: *
x-accel-date-max: 1718945439
x-cache: HIT
x-age: 4530436
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET sex-studentki.live/images/6462_screen.jpg?0

172.67.195.245

200 OK

128 kB

URL GET HTTP/2
sex-studentki.live/images/6462_screen.jpg?0
IP
172.67.195.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectsex-studentki.live
Fingerprint58:EA:8A:A0:E3:48:CD:69:F7:94:75:2B:99:06:01:4C:3B:91:77:8A
ValiditySat, 10 Aug 2024 07:39:36 GMT - Fri, 08 Nov 2024 07:39:35 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size
128 kB (127591 bytes)
Hash
d7cb1cadb2bea2fe97557eae0ee40330
fb7251b8b6e1b48cf85315cf260496eb20c4e893
63438dd0dd7a197f4ce7308e32131543ab15ebb51c9bb8098d0def6981099475

HTTP Headers

GET /images/6462_screen.jpg?0 HTTP/1.1
Host: sex-studentki.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 127591
last-modified: Mon, 21 Sep 2020 19:51:10 GMT
etag: "5f69042e-1f267"
expires: Mon, 19 Aug 2024 15:17:55 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvomfWMIz6uZJU%2FJIlvHcuP%2BgqQKNwGhI5nQ6baQV%2FCpisS226kHnkxRyNjIcbyrPHhPTTgtMcdHS5Xcnxrkrqzh%2FFLNOKgyra%2B50U46roODqvItu%2BN7QY2DNmLJJvzOUpMuu%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5de9fd56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fap-guru.pro/images/9947.jpg?00

104.21.74.111

200 OK

46 kB

URL GET HTTP/2
fap-guru.pro/images/9947.jpg?00
IP
104.21.74.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectfap-guru.pro
Fingerprint2C:53:F3:37:6B:77:AC:37:4F:A4:BA:A1:E8:47:0D:14:F7:43:16:89
ValidityFri, 12 Jul 2024 02:44:16 GMT - Thu, 10 Oct 2024 02:44:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 376x252, components 3
Size
46 kB (46016 bytes)
Hash
917154fa693a73638492a3b1038fbcd8
ef5fb532e434d0c9203ec033a838a69571d672a3
cf35c341b24ae4babf6e558b59fc55b41a1c08d1f738fe0434576e058eba9676

HTTP Headers

GET /images/9947.jpg?00 HTTP/1.1
Host: fap-guru.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 46016
last-modified: Tue, 18 Jul 2023 03:33:25 GMT
etag: "64b60805-b3c0"
expires: Mon, 19 Aug 2024 15:17:55 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awT71wornBYGgcGnL2OqpbHMKnqKgZvmuZdZjBdLv7frtNnf3z1Lk%2FHJVmyavvuoStxvv5DABU2V1Yb0wewdh7IbXydhwugmnrLY7pog9xrtnNQHpC0ZBAQ0pnrAmwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5e2e250b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3876063379e57dbf599d7df5b237421c
00bd6f6d473b358b17690d2bf897ba3561b04216
1553b7bef66a2bc19d410010e64a67633ac1a4c085ddeaed16e9aa2cbeb08cc3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET newrotatormarch23.bid/13ph6.min.js?e3a7cc2

95.216.65.102

200 OK

23 kB

URL GET HTTP/2
newrotatormarch23.bid/13ph6.min.js?e3a7cc2
IP
95.216.65.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectnewrotatormarch23.bid
FingerprintC1:43:BA:3A:04:D8:D2:77:16:3B:5E:53:19:34:05:41:C8:85:DF:FB
ValidityFri, 12 Jul 2024 17:34:46 GMT - Thu, 10 Oct 2024 17:34:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63958), with no line terminators
Size
23 kB (23438 bytes)
Hash
3669ea49d9e2ad53ab5d9798828115db
222048557aa19586d82bc5ce5f9bd8a6c47e63b2
2252dc738f3d60792791ade721f6af3aa97406077c4e9ee3fcf960c134ec9608

HTTP Headers

GET /13ph6.min.js?e3a7cc2 HTTP/1.1
Host: newrotatormarch23.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
cache-control: max-age=300
expires: Mon, 12-Aug-2024 18:22:55 EEST
duration: 2915263
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2

GET www.ebalka.link/contents/videos_screenshots/46000/46181/preview.jpg

104.26.2.22

200 OK

20 kB

URL GET HTTP/2
www.ebalka.link/contents/videos_screenshots/46000/46181/preview.jpg
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.link
FingerprintB8:C5:12:88:4E:AB:68:91:FA:CE:27:B6:85:A6:85:64:8A:70:3F:DC
ValidityWed, 31 Jul 2024 06:12:40 GMT - Tue, 29 Oct 2024 06:12:39 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 300x240, components 3
Size
20 kB (19975 bytes)
Hash
b3b4d26db91e4357f3a437a8d53554fd
789ee0b7cc07b8adac15e764f4fcf5162d600fef
a1e83aa25b906490826b94eaa68d56051555350a2385889a615fe4d4f52364bf

HTTP Headers

GET /contents/videos_screenshots/46000/46181/preview.jpg HTTP/1.1
Host: www.ebalka.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anfillada.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: image/jpeg
content-length: 19975
cache-control: max-age=31536000
cf-bgj: h2pri
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
etag: "5d65644c-4e07"
expires: Sat, 09 Aug 2025 16:59:24 GMT
last-modified: Tue, 27 Aug 2019 17:11:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 253111
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLsF3uHMakqB3WNdRfe2FRzWpPqnEo2%2FbFKzuiD6XcEfoLjPB2%2F4WR6wD3DcGBacjblobM%2BjOiqoDHlmSx9vib7GCd%2BkBcaCfLXdfkZYTV%2FdOsNYmzk2olVdq6dVRDsZlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f603de15688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16324, version 1.0
Size
16 kB (16324 bytes)
Hash
f43fa5b4f6366eae0039e4e49db645de
d7fec074ba8b6e69bec4a995ea722d3d1513ad43
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

HTTP Headers

GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Aug 2024 08:23:52 GMT
expires: Sat, 09 Aug 2025 08:23:52 GMT
cache-control: public, max-age=31536000
age: 284043
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuHMR6WR.woff2

216.58.207.227

200 OK

9.3 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuHMR6WR.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9276, version 1.0
Size
9.3 kB (9276 bytes)
Hash
b14bff0d7c479a295233fcf4aec05e8c
ae78b83f7782583f94acd6348d4be844985ccd0d
8bf6481fd9ca6cf5ea01c350f2e9a71321c5e4b99a116418ab2c9f0c4c01af81

HTTP Headers

GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuHMR6WR.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Aug 2024 03:11:47 GMT
expires: Sun, 10 Aug 2025 03:11:47 GMT
cache-control: public, max-age=31536000
age: 216368
last-modified: Tue, 19 Apr 2022 18:41:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10800, version 1.0
Size
11 kB (10800 bytes)
Hash
6d9d0bddb868f2299504e7aa3de4ad12
d1eccb375f0bcd664204a4389db938c2bbe6749a
998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311

HTTP Headers

GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Aug 2024 08:24:39 GMT
expires: Tue, 12 Aug 2025 08:24:39 GMT
cache-control: public, max-age=31536000
age: 24796
last-modified: Tue, 19 Apr 2022 18:07:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14964, version 1.0
Size
15 kB (14964 bytes)
Hash
44b4e1e6aecc684d11fe7501dd36df19
59e2710168a0d6889a24eaaa5134114f7e258461
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

HTTP Headers

GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Aug 2024 09:25:34 GMT
expires: Thu, 07 Aug 2025 09:25:34 GMT
cache-control: public, max-age=31536000
age: 453141
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:17:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET anfillada.ru/wp-content/themes/popularis/assets/js/mmenu-light.js?ver=1.1

172.67.213.166

200 OK

9.0 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/js/mmenu-light.js?ver=1.1
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
gzip compressed data, max speed, from Unix
Size
9.0 kB (8988 bytes)
Hash
59f26287fa15b7bc95cd69a983f81fa8
0211b83b408ad3b0277b7709525972444df87323
8f51244efd9dd7f683b7ad4833223c71181006dac2bcec48c9630f5405356700

HTTP Headers

GET /wp-content/themes/popularis/assets/js/mmenu-light.js?ver=1.1 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-1075"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrEmaVBOehzW1Sbpic3gOu0ab%2BwnJv8tTLNgcsjlY5wKtVFp9kClf6%2B3fFFSNE6LWtg1Q0JDeyV0EHnSYxj1ClDALIt3qRQ9d2KkH4xD1YNXBnJwfUQYsl5M0pad5Eo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a6d0d56c7-OSL
alt-svc: h3=":443"; ma=86400

GET ebalka.tube/contents/videos_screenshots/46000/46181/preview.jpg

104.26.7.161

301 Moved Permanently

12 kB

URL GET HTTP/2
ebalka.tube/contents/videos_screenshots/46000/46181/preview.jpg
IP
104.26.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.tube
FingerprintDA:42:98:56:78:70:0D:AC:A6:38:A4:46:71:12:8C:8A:60:DC:D0:D2
ValiditySat, 03 Aug 2024 07:31:39 GMT - Fri, 01 Nov 2024 07:31:38 GMT

File type
data
Size
12 kB (12407 bytes)
Hash
0d2e6276cfe4a66689a68670a290605f
d9702db53ae5e9c3f939bda2c2e20ec7d8bd281c
09a5786713eac1bf029dd644f52baeabc7a8dea5190438b4fd7e72db102b2d6b

HTTP Headers

GET /contents/videos_screenshots/46000/46181/preview.jpg HTTP/1.1
Host: ebalka.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: text/html
location: https://www.ebalka.link/contents/videos_screenshots/46000/46181/preview.jpg
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2oZsXBTj5OT3mdPpK7g0m%2FQrjdLj7DS0Y9yGZt%2FNw1KXKnEOTMkfz6%2FeEW1GV9ha9NtkolMEialeU%2FYGV3c3PWwkGywc4dBuc%2BH9JQL7XeqmjBfvL3f0ujf82fm0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5d6a4eb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4977017d56d4a0bd2b1aed3152c4e20b
2d15e2d156586b3f1eae79055f83d2d63b22cf92
1e424db5bcdfac9d459468f70f163bf0ac1468559d16f46902880af017ef2220

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1E424DB5BCDFAC9D459468F70F163BF0AC1468559D16F46902880AF017EF2220"
Last-Modified: Sat, 10 Aug 2024 15:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5034
Expires: Mon, 12 Aug 2024 16:41:50 GMT
Date: Mon, 12 Aug 2024 15:17:56 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL
r11.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
84b363d4fd89feee8744986599fbb8d4
d52086c91d9a75bf5c5d1bb46895b216676d85ce
6aa41021c81fe449ed605ebec0574a4829cb75bffa37b7a0bcf29545ad80dd8e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6AA41021C81FE449ED605EBEC0574A4829CB75BFFA37B7A0BCF29545AD80DD8E"
Last-Modified: Sun, 11 Aug 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20521
Expires: Mon, 12 Aug 2024 20:59:57 GMT
Date: Mon, 12 Aug 2024 15:17:56 GMT
Connection: keep-alive

GET drankticket.com/services/?id=161449

193.200.64.24

200 OK

2.4 kB

URL GET HTTP/1.1
drankticket.com/services/?id=161449
IP
193.200.64.24:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectdrankticket.com
FingerprintCE:8A:3A:89:20:E7:DF:67:E0:CC:AF:80:CF:04:B6:D5:54:3B:35:86
ValidityTue, 06 Aug 2024 06:44:13 GMT - Mon, 04 Nov 2024 06:44:12 GMT

File type
JavaScript source, ASCII text, with very long lines (2360), with no line terminators
Size
2.4 kB (2360 bytes)
Hash
2fb714226f48cc7f678d64d449815cc9
163a1d2f67c219dacd7e19fbb712dff8a5899ee1
8dae1fdbfc01f26d77547b0ed469366b40b5e7d89794c0834dd9b022bdc5c723

HTTP Headers

GET /services/?id=161449 HTTP/1.1
Host: drankticket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:56 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2360
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
204e22a2ff3fd43ca425f1eca2939675
28fd2e3853405517b74bab7d6bc6f09f99ed8875
1efd38b4426d56730fbbcc37f4d5d8ed7a64bf512dd53bb714408ecbeab275f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1EFD38B4426D56730FBBCC37F4D5D8ED7A64BF512DD53BB714408ECBEAB275F2"
Last-Modified: Sun, 11 Aug 2024 14:11:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Mon, 12 Aug 2024 16:39:58 GMT
Date: Mon, 12 Aug 2024 15:17:57 GMT
Connection: keep-alive

GET ipoldest.com/present/brother5.js?26904a0.1644617668285706

193.200.65.68

200 OK

30 kB

URL GET HTTP/1.1
ipoldest.com/present/brother5.js?26904a0.1644617668285706
IP
193.200.65.68:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
Unicode text, UTF-8 text, with very long lines (2416)
Size
30 kB (29905 bytes)
Hash
ea6a6827ae7efd2bc9a909d5e4fb61a6
cee39b11b32f7442e09440679d100737a5c10c75
1f4be3e4fcc9c1b5ad61f4970b06dc2bac1c3313109949252441e72c8fbf7351

HTTP Headers

GET /present/brother5.js?26904a0.1644617668285706 HTTP/1.1
Host: ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

POST newrotatormarch23.bid/13ph6.json

95.216.65.102

200 OK

1.7 kB

URL POST HTTP/2
newrotatormarch23.bid/13ph6.json
IP
95.216.65.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectnewrotatormarch23.bid
FingerprintC1:43:BA:3A:04:D8:D2:77:16:3B:5E:53:19:34:05:41:C8:85:DF:FB
ValidityFri, 12 Jul 2024 17:34:46 GMT - Thu, 10 Oct 2024 17:34:45 GMT

File type
JSON text data
Size
1.7 kB (1692 bytes)
Hash
8ff013d6ca9d1d2cc3811379e8ac9593
bbbc63fcfdb69a367f386065dbf91e3504e7fe94
36422b4b4e7ca27595ba6ba2b3d1d7376b8f3045218bc707a4e513a1852ccde3

HTTP Headers

POST /13ph6.json HTTP/1.1
Host: newrotatormarch23.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 206
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2

GET cs11.ipoldest.com/files/audio.mp3?domain=anfillada.ru

193.200.65.13

200 OK

11 kB

URL GET HTTP/1.1
cs11.ipoldest.com/files/audio.mp3?domain=anfillada.ru
IP
193.200.65.13:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Size
11 kB (10999 bytes)
Hash
982715f2420bbfa867e4e3dd47777838
ef59c8412bc0f3542f133c8a1f4b51192737adff
8f6fe530630792e5d9116987cf1a4f109d4f4ee07ec95f5ca2493a8e59a416ea

HTTP Headers

GET /files/audio.mp3?domain=anfillada.ru HTTP/1.1
Host: cs11.ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Cookie: uuid=17234758773657061172
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: audio/mpeg
Content-Length: 10999
Last-Modified: Thu, 06 May 2021 19:20:02 GMT
Connection: keep-alive
ETag: "60944162-2af7"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://anfillada.ru
Accept-Ranges: bytes

GET cs10.ipoldest.com/content/59842/3456453_2.webp

193.200.65.12

200 OK

23 kB

URL GET HTTP/1.1
cs10.ipoldest.com/content/59842/3456453_2.webp
IP
193.200.65.12:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp
Size
23 kB (22878 bytes)
Hash
3f2eae0900adf3abc80f0cb480a038e4
8f218c0792b3e282d73bb8efed0e16545a1371e1
128f3cf33a8416edd518dbe77c0a8ac67b6bc844d8cdac5860f0afe09e97726d

HTTP Headers

GET /content/59842/3456453_2.webp HTTP/1.1
Host: cs10.ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Cookie: uuid=17234758773657061172
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: image/webp
Content-Length: 22878
Last-Modified: Wed, 05 Jun 2024 07:21:10 GMT
Connection: keep-alive
Cache-Control: public, max-age=28800
ETag: "666011e6-595e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, POST, GET
Access-Control-Allow-Headers: Content-Type
Accept-Ranges: bytes

GET cs10.ipoldest.com/content/59842/3456453.webp

193.200.65.12

200 OK

13 kB

URL GET HTTP/1.1
cs10.ipoldest.com/content/59842/3456453.webp
IP
193.200.65.12:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (13332 bytes)
Hash
c8992a938050acb3e0428f73c67caa0e
ce94ea2ada58d3968d6a774874543ae0a199768e
d661fd52a5aaa0de4df42d9faeceec5e449761b6d6639d656c2b106138233b14

HTTP Headers

GET /content/59842/3456453.webp HTTP/1.1
Host: cs10.ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Cookie: uuid=17234758773657061172
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: image/webp
Content-Length: 13332
Last-Modified: Wed, 05 Jun 2024 07:21:10 GMT
Connection: keep-alive
Cache-Control: public, max-age=28800
ETag: "666011e6-3414"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, POST, GET
Access-Control-Allow-Headers: Content-Type
Accept-Ranges: bytes

GET cs11.ipoldest.com/files/inpage/sprite.svg

193.200.65.13

200 OK

21 kB

URL GET HTTP/1.1
cs11.ipoldest.com/files/inpage/sprite.svg
IP
193.200.65.13:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
SVG Scalable Vector Graphics image
Size
21 kB (20730 bytes)
Hash
98d972b362228d8f5dc70b671499490c
bacb5db76634262af0aee07561ed7a4e66005c19
13dbf87dd28bf5ef81ffa7ca883bb2b10ccca4544534a758f55d69808089b7e0

HTTP Headers

GET /files/inpage/sprite.svg HTTP/1.1
Host: cs11.ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Cookie: uuid=17234758773657061172
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: image/svg+xml
Content-Length: 20730
Last-Modified: Sat, 21 Aug 2021 15:17:14 GMT
Connection: keep-alive
ETag: "612118fa-50fa"
Expires: Tue, 13 Aug 2024 15:17:57 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

GET anfillada.ru/favicon.ico

172.67.213.166

200 OK

3.9 kB

URL GET HTTP/3
anfillada.ru/favicon.ico
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.9 kB (3858 bytes)
Hash
38dad026c6e33238afc640dad5b8e893
ccfb58de3532697f3bf3f81ebbc0d084f54a2701
2ec3d09ca2f60850f753b5a7b61e045c085b93f38d2679f88afcdf2067a62c3b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: image/x-icon
last-modified: Thu, 01 Aug 2024 04:16:35 GMT
etag: W/"66ab0c23-809c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6p3Bxu4Mnlj3f0OCVfN%2BAo64nNtVglOEezJRNknC9tJVFLcpattW2fvWw3RGzcHZbZrxPzZUac1VuQdX8T5xskKpK3afAyu3y%2BS%2F%2Fl59pISvEwYm9AbCyoi5OCzvFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f62af3356c7-OSL
alt-svc: h3=":443"; ma=86400

GET gsimvqfghc.com/json/?3b278fa=191472ada4a-18b688d6a77&358fa2e=16406&5088a48=143201%2C700%20143204%2C700%20140876%2C700

116.202.32.33

422 Unprocessable Entity

0 B

URL GET HTTP/2
gsimvqfghc.com/json/?3b278fa=191472ada4a-18b688d6a77&358fa2e=16406&5088a48=143201%2C700%20143204%2C700%20140876%2C700
IP
116.202.32.33:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectzyjbvnxiig.com
Fingerprint55:59:D5:B9:B6:47:CF:48:79:74:DF:D4:38:E3:BF:12:01:0B:E3:FD
ValidityMon, 05 Aug 2024 14:07:58 GMT - Sun, 03 Nov 2024 14:07:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /json/?3b278fa=191472ada4a-18b688d6a77&358fa2e=16406&5088a48=143201%2C700%20143204%2C700%20140876%2C700 HTTP/1.1
Host: gsimvqfghc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anfillada.ru/
Content-Type: text/plain
X-Real-Url: https://anfillada.ru/seks-mami-m-sina.html
X-Language: en-us
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 422 Unprocessable Entity
server: nginx/1.18.0
date: Mon, 12 Aug 2024 15:17:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Real-Url, Content-Type
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://anfillada.ru
x-adsbid-request: gxvjp2iopn4ug083
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b3cb4fa78d48efd3475d6c2225a3a440
d25b7736221fe0073288e3ec4950389761ae2a06
799a896dc6357139a345e649d5cc7560ec07901f5a272e102018cb4dc18aebd7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "799A896DC6357139A345E649D5CC7560EC07901F5A272E102018CB4DC18AEBD7"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19128
Expires: Mon, 12 Aug 2024 20:36:45 GMT
Date: Mon, 12 Aug 2024 15:17:57 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b3cb4fa78d48efd3475d6c2225a3a440
d25b7736221fe0073288e3ec4950389761ae2a06
799a896dc6357139a345e649d5cc7560ec07901f5a272e102018cb4dc18aebd7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "799A896DC6357139A345E649D5CC7560EC07901F5A272E102018CB4DC18AEBD7"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19128
Expires: Mon, 12 Aug 2024 20:36:45 GMT
Date: Mon, 12 Aug 2024 15:17:57 GMT
Connection: keep-alive

GET anfillada.ru/wp-includes/js/wp-embed.min.js?ver=6.3

172.67.213.166

200 OK

1.4 kB

URL GET HTTP/3
anfillada.ru/wp-includes/js/wp-embed.min.js?ver=6.3
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1399 bytes)
Hash
e26cb960d949cb40b6b317344776c5ef
4a6465155b54bb34153aa91ef743137e3a03bbc7
10fdc1c93259f417864f0f6e7c0b9e24ca295db0ed0e9653dd15d2c04d240290

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=6.3 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-577"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guo%2FIwAkKDzecbD2aHE84JwJmyAxh1kVYIXRBPqJf08bXpH%2BFaPXKS7%2BWoPjsuicDovbrsUpr61lEFfjPm0F5kPVDgSIUaUjL%2FsnrOueTTw0Oew0Yy5NTQpic7K31XY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a6d1256c7-OSL
alt-svc: h3=":443"; ma=86400

GET octo25.me/lhzbsrfkjf/js/9486?r=&88621

188.114.96.1

200 OK

78 kB

URL GET HTTP/2
octo25.me/lhzbsrfkjf/js/9486?r=&88621
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectocto25.me
Fingerprint89:4A:09:BF:5A:1B:17:3B:88:A8:5C:D3:A0:24:2F:96:01:0F:E3:96
ValidityFri, 02 Aug 2024 06:46:41 GMT - Thu, 31 Oct 2024 06:46:40 GMT

File type

Size
78 kB (77881 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lhzbsrfkjf/js/9486?r=&88621 HTTP/1.1
Host: octo25.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 16:36:15 GMT
etag: W/"66b250ff-13039"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlzyGmj7nisho4lQk%2BiJWpxogG4ZyYVU7QT%2BFtrbga4MOu6UTK4yN6CBKGJYI7HhuFYEa0J1m9MXHCyPf7y5%2FI8K0zVImljLo87g%2FTxyTjrrYGfe1wYv6bjmUlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b216f643c210b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET anfillada.ru/seks-mami-m-sina.html

172.67.213.166

200 OK

23 kB

URL User Request GET HTTP/2
anfillada.ru/seks-mami-m-sina.html
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type

Size
23 kB (22738 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seks-mami-m-sina.html HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gitOPpAziMuXeWE8rmJze%2FAad8SarVWi3c4DI9Q0NBfXZEOykYC3VJyhngVe0ZcaB3CJzzsZYe33nJvubI3kENDzRS0ZXfFPvhSzBnmiioOAMOpZAw4JUIgmq%2FwI4ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b216f56df9b5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET anfillada.ru/wp-content/themes/popularis/style.css?ver=6.3

172.67.213.166

200 OK

20 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/style.css?ver=6.3
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (374)
Size
20 kB (20507 bytes)
Hash
4f45d3801087fb1b4d09fc9d34d68a47
abde39a9075ae166e0c72ba60fe1c65805c76be3
83393643e8688585c7326ce25550c3ce36c13d62facaabe29781fa095210c8fd

HTTP Headers

GET /wp-content/themes/popularis/style.css?ver=6.3 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-501b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSIhttpbkVjAgm7nbdIxvZvoX4F7ox9bT6bTK6p8mhHATaAm1OHQOK3PupJwXsMkIvl%2BEbXYQoNEKAYAzilBgebK5Ah5%2F9dK79EUpBeFJbon8tjx3OXbAs7ejJCtJ6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f59fc9256c7-OSL
alt-svc: h3=":443"; ma=86400

GET ipoldest.com/present/brother.js?26904&mode=list&u=null&r=0.8938857241335354

193.200.65.68

200 OK

463 B

URL GET HTTP/1.1
ipoldest.com/present/brother.js?26904&mode=list&u=null&r=0.8938857241335354
IP
193.200.65.68:443
ASN
#6681 Giveme Cloud Sp Z O O

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectipoldest.com
Fingerprint24:CE:B4:7D:E8:2E:70:F5:8F:93:15:14:E8:ED:A0:EB:20:8C:C1:7F
ValidityTue, 23 Jul 2024 11:26:01 GMT - Mon, 21 Oct 2024 11:26:00 GMT

File type
Unicode text, UTF-8 text, with very long lines (424), with no line terminators
Size
463 B (463 bytes)
Hash
b6c73b455c0806e2662f60de81c51eec
a936e63b76142ca2019c8bddc8b6b7a4b2822a0a
2a14fe7cd0bb7eb42fdc0975c0a3af561156619c80da489f92258ff9448f3e11

HTTP Headers

GET /present/brother.js?26904&mode=list&u=null&r=0.8938857241335354 HTTP/1.1
Host: ipoldest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Aug 2024 15:17:57 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 463
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=17234758773657061172; expires=Wed, 12-Aug-2026 15:17:57 GMT; Max-Age=63072000; path=/; samesite=None; domain=.ipoldest.com; secure

GET anfillada.ru/wp-content/themes/popularis-writer/style.css?ver=1.0.2

172.67.213.166

200 OK

4.9 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis-writer/style.css?ver=1.0.2
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (5046), with no line terminators
Size
4.9 kB (4890 bytes)
Hash
1054db927558a842faee409f8d0d344d
ac3649ca149b9b9d0c72c2a3bd66b92da4b8a096
9b3d394bed5b28bbca4f7bec3b493f251556002faf8907568eeed16a290ae46e

HTTP Headers

GET /wp-content/themes/popularis-writer/style.css?ver=1.0.2 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-131a"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2x5pIsAX7dcJ9oROCnhJGsmiCiXTvyIaFPrW5BQYCHm10saEhNOcrLdPyq4ZTfnQc%2FTDgZ5rT4OAY6TDzw7YvtdHm%2B33rdDZE5xBiI%2BVjHaY9RYciBG7dGTqNbKFxUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f59fc9356c7-OSL
alt-svc: h3=":443"; ma=86400

GET anfillada.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

172.67.213.166

200 OK

10 kB

URL GET HTTP/3
anfillada.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
JavaScript source, ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-2748"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7F40VOiXzMysoEfiuj4Ylgiydd6154e6V0jyFan3dNK27UXdBDUFhrDqFXPGGW6TAHsUJTeihDzg62rbsBBKxm8bCEinXd0gZDzAzOvnZQRUYBjA8u2Toegl9G7yLEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a0cb056c7-OSL
alt-svc: h3=":443"; ma=86400

GET ebalka.tube/contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg

104.26.7.161

301 Moved Permanently

7.7 kB

URL GET HTTP/2
ebalka.tube/contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg
IP
104.26.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.tube
FingerprintDA:42:98:56:78:70:0D:AC:A6:38:A4:46:71:12:8C:8A:60:DC:D0:D2
ValiditySat, 03 Aug 2024 07:31:39 GMT - Fri, 01 Nov 2024 07:31:38 GMT

File type

Size
7.7 kB (7700 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg HTTP/1.1
Host: ebalka.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: text/html
location: https://www.ebalka.link/contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FvWO%2FIZUfsKCOCuwxtFOppwOje0fxRHy5n6XWI6ez7PlWlapBhSJTZXbtGUPSlAOott6A2MJt4xrCShF6K92Fq%2Bpl4k50EZuiGzX%2FPq%2B%2FcgBb3eGEjepjBJexGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5deb40b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET anfillada.ru/wp-content/themes/popularis/assets/css/mmenu-light.css?ver=1.1

172.67.213.166

200 OK

5.0 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/css/mmenu-light.css?ver=1.1
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (5424), with no line terminators
Size
5.0 kB (5008 bytes)
Hash
68cff661ac9b7d00deec9a85c2bbdaf2
21959c5cf84bbf6b9767abdd295f57e38fe91049
0f87e17892e8066cf3d5cce3dcf8b6cc5a9cd9af5b2cb2aa3b95132aab993db7

HTTP Headers

GET /wp-content/themes/popularis/assets/css/mmenu-light.css?ver=1.1 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-1390"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4CgMpRkvsnOBH0oo5gbWVGiy%2B8RId1a3UVIGRfjCT%2FcYU7wV1Gk7PRbTc9ouK6V2d9I%2FcdQZ%2BWUrND1pP0JYSquz2COpqby7NOLTmDplICw7J4qBp45G2AYcaN%2BolM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f59fc9556c7-OSL
alt-svc: h3=":443"; ma=86400

GET pushadvert.bid/code/gfswmzlfme5ha3ddf4zdaojs

185.177.94.180

200 OK

10 B

URL GET HTTP/2
pushadvert.bid/code/gfswmzlfme5ha3ddf4zdaojs
IP
185.177.94.180:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subject0.xxxmedia.bid
FingerprintE0:E8:90:20:08:A7:18:38:63:8E:EA:99:3C:A3:81:1F:A8:2B:81:51
ValidityThu, 01 Aug 2024 19:22:40 GMT - Wed, 30 Oct 2024 19:22:39 GMT

File type
ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
f495e69f2e9edc75eeae7dd3ea78a747
a89e38bbe70fa2de5db9d578975abd4e9dcda52e
8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c

HTTP Headers

GET /code/gfswmzlfme5ha3ddf4zdaojs HTTP/1.1
Host: pushadvert.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=a2aada35-e0f8-4e53-aa41-0b5a6c245bf3; expires=Wed, 11-Sep-2024 15:17:55 GMT; Max-Age=2592000; path=/; SameSite=None; domain=pushadvert.bid; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

GET sexmamki.org/uploads/images6562.jpg

0.0.0.0

0 B

URL GET
sexmamki.org/uploads/images6562.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://anfillada.ru/seks-mami-m-sina.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images6562.jpg HTTP/1.1
Host: sexmamki.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET anfillada.ru/wp-content/themes/popularis/assets/css/font-awesome.min.css?ver=4.7.0

172.67.213.166

200 OK

31 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/css/font-awesome.min.css?ver=4.7.0
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /wp-content/themes/popularis/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-7918"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzsn3N5HIFTqoiV685w4zSNC1xCQ62HCPymW%2BOur26ihnRHyH1OXdb0Q3e3ReW%2FU59fSDcMEUD8852gBzYrn1n5bYDb3ZtyPjeXtSx9jUBsNAmaBMMkJ%2BaCkAhyRlLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a0c9856c7-OSL
alt-svc: h3=":443"; ma=86400

GET anfillada.ru/wp-content/themes/popularis/assets/js/bootstrap.min.js?ver=3.3.7

172.67.213.166

200 OK

7.2 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/js/bootstrap.min.js?ver=3.3.7
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
JavaScript source, ASCII text, with very long lines (7448), with no line terminators
Size
7.2 kB (7200 bytes)
Hash
f3b235b700128dd85632eac68ff21c13
ebf5fd1660ea883625d246074dd369db882d6c2a
3ac35599506d74860d903090f32f5a9ee2954548e069802ba3a16e181d45da09

HTTP Headers

GET /wp-content/themes/popularis/assets/js/bootstrap.min.js?ver=3.3.7 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-1c20"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewi0KtLaIH1epk7igD6NV%2FAGbLilwjPI8kvmG%2FUmM%2BdKhq5w1yUUK%2BaD7BLcFTnxq1BUm%2FzaXxVNVCeRn%2BYQge4S%2BtIOZ%2FVyhtGi7s1r59Zt65cja2GbMPof3MoPkq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a6d0f56c7-OSL
alt-svc: h3=":443"; ma=86400

GET ebalka.tube/contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg

104.26.7.161

301 Moved Permanently

12 kB

URL GET HTTP/2
ebalka.tube/contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg
IP
104.26.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.tube
FingerprintDA:42:98:56:78:70:0D:AC:A6:38:A4:46:71:12:8C:8A:60:DC:D0:D2
ValiditySat, 03 Aug 2024 07:31:39 GMT - Fri, 01 Nov 2024 07:31:38 GMT

File type

Size
12 kB (12252 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg HTTP/1.1
Host: ebalka.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: text/html
location: https://www.ebalka.link/contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bu5x6%2BVzaeXCMssth%2FmQH%2FZLqpVojE%2FfTSIevZB%2BZ3uehg%2BQTcYtG6hXo3sYOlfvT%2BnMIbXzThJaJkFtUP0SouCnupJfB5YKbmX%2FpfUNjdHuA8FGWg0q03svkf7m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5d6a55b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET anfillada.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.3

172.67.213.166

200 OK

42 kB

URL GET HTTP/3
anfillada.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.3
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
ASCII text, with very long lines (41467), with no line terminators
Size
42 kB (41467 bytes)
Hash
9eeddc51b0b4a2580a959042d50f826e
e42006973f24baf82c96ee3ae594eedfa1719f82
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.3 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-a1fb"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJKFSNrfD%2B1mhNM2Iw1ZGTZ55Ombc0yC%2BbIQUiw3TapnzUjGF0rwgrQBcIFY6LejB4htwdbX3lvSqWhgyeJ4ezlRsWslFxX7JopvRJ0RsU%2F90e5sexqYd0McSINhfWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f59fc8956c7-OSL
alt-svc: h3=":443"; ma=86400

GET mamochki.info/uploads/images6825.jpg

0.0.0.0

0 B

URL GET
mamochki.info/uploads/images6825.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://anfillada.ru/seks-mami-m-sina.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images6825.jpg HTTP/1.1
Host: mamochki.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET anfillada.ru/wp-content/themes/popularis/assets/css/bootstrap.css?ver=3.3.7

172.67.213.166

200 OK

68 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/css/bootstrap.css?ver=3.3.7
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
assembler source, ASCII text, with very long lines (540)
Size
68 kB (67731 bytes)
Hash
15b438005129873f522c957d10c22c7b
c1206a57463167cd8b3bf5f234c7701c3c26f159
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

HTTP Headers

GET /wp-content/themes/popularis/assets/css/bootstrap.css?ver=3.3.7 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:54 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 02:16:28 GMT
etag: W/"669c6f7c-10893"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtEA8AO1YcvnBFRwL%2FPRmtXMdqpbDsqHch3udR3x22X8h8QBE9%2B6FuJJ7oR6IJTC17UHXReE61ncjebjunL%2BnwuUN3cdSigKXvwLSJroasrRyaUfu3yxNyCb1jehS8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f59fc8e56c7-OSL
alt-svc: h3=":443"; ma=86400

GET gsimvqfghc.com/script.js

116.202.32.33

200 OK

105 kB

URL GET HTTP/2
gsimvqfghc.com/script.js
IP
116.202.32.33:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerLet's Encrypt
Subjectzyjbvnxiig.com
Fingerprint55:59:D5:B9:B6:47:CF:48:79:74:DF:D4:38:E3:BF:12:01:0B:E3:FD
ValidityMon, 05 Aug 2024 14:07:58 GMT - Sun, 03 Nov 2024 14:07:57 GMT

File type

Size
105 kB (105409 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script.js HTTP/1.1
Host: gsimvqfghc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1800
x-adsbid-request: g4zmlnetyawc
content-encoding: gzip
X-Firefox-Spdy: h2

GET octo25.me/get-pro/9486?source=&page=https%3A%2F%2Fanfillada.ru%2Fseks-mami-m-sina.html&res_type=desktop&fingerprint=60fa2ca3ec1520726c2361f1e2f89fc5&255330

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/3
octo25.me/get-pro/9486?source=&page=https%3A%2F%2Fanfillada.ru%2Fseks-mami-m-sina.html&res_type=desktop&fingerprint=60fa2ca3ec1520726c2361f1e2f89fc5&255330
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectocto25.me
Fingerprint89:4A:09:BF:5A:1B:17:3B:88:A8:5C:D3:A0:24:2F:96:01:0F:E3:96
ValidityFri, 02 Aug 2024 06:46:41 GMT - Thu, 31 Oct 2024 06:46:40 GMT

File type
ASCII text, with very long lines (1696), with no line terminators
Size
1.6 kB (1596 bytes)
Hash
d04ecd0dc116578d45f8a479ae039179
54364c8505c7dc84fac07c3b04c7fca5dd4f3038
62a2f4c75559bee07fb39bd21e4b5b2143a7ad9f0652fcda20328d4d2a52a18a

HTTP Headers

GET /get-pro/9486?source=&page=https%3A%2F%2Fanfillada.ru%2Fseks-mami-m-sina.html&res_type=desktop&fingerprint=60fa2ca3ec1520726c2361f1e2f89fc5&255330 HTTP/1.1
Host: octo25.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anfillada.ru
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://anfillada.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F7B8BqlXN3BlD%2BzWIKSrfUXKjHppJY%2Fel49cs%2FvQrpMY71WD6iM%2FYMYPevcwXVZuA7%2Bw8zS8A9wcVzQ4xmSKQoIDryceApwGadvdrw4zpkw4T2yE8FddltTxH4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b216f656953b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text, with very long lines (5068), with no line terminators
Size
5.0 kB (4956 bytes)
Hash
ec4bca611842cd13cfd6feba64afaacf
064d0e71b5457d449fcf378faf17430329cf603f
dceeab8e3e31991c6ddb86d0a56d3b2e70862b7de5e576176f09035f9329415e

HTTP Headers

GET /css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Aug 2024 15:17:55 GMT
date: Mon, 12 Aug 2024 15:17:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET anfillada.ru/wp-content/themes/popularis/assets/js/customscript.js?ver=1.0.13

172.67.213.166

200 OK

3.2 kB

URL GET HTTP/3
anfillada.ru/wp-content/themes/popularis/assets/js/customscript.js?ver=1.0.13
IP
172.67.213.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectanfillada.ru
FingerprintC0:6D:C5:3D:3C:F8:7D:F0:3F:37:03:A4:34:D9:4D:4F:30:E1:B1:6D
ValidityTue, 30 Jul 2024 18:29:36 GMT - Mon, 28 Oct 2024 18:29:35 GMT

File type
JavaScript source, ASCII text, with very long lines (3354), with no line terminators
Size
3.2 kB (3232 bytes)
Hash
9f0071dbe0c55c152682f8b0eb18eb25
48245e9314e52e753b40482d0d7bb97007217225
5890e940e0bf74a3207deeb95f34c2a6dea310ce3dd778a8843e80e00814e21b

HTTP Headers

GET /wp-content/themes/popularis/assets/js/customscript.js?ver=1.0.13 HTTP/1.1
Host: anfillada.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anfillada.ru/seks-mami-m-sina.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:17:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Jul 2024 02:16:34 GMT
etag: W/"669c6f82-ca0"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmvWn91B1kSY7agqdyUPKRwxwqFsmVGgORkSG3q%2FRUuPuXQ1s1RNyOh4QMcOn3Gs%2BN97qN%2F96OvPfE%2B%2Ft6A6daG1o5PQHdw%2BIpDiPGHTngl%2BtnOrYIkczuluxQlp4rA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f5a6d1056c7-OSL
alt-svc: h3=":443"; ma=86400

GET www.ebalka.link/contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg

104.26.2.22

200 OK

7.7 kB

URL GET HTTP/2
www.ebalka.link/contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.link
FingerprintB8:C5:12:88:4E:AB:68:91:FA:CE:27:B6:85:A6:85:64:8A:70:3F:DC
ValidityWed, 31 Jul 2024 06:12:40 GMT - Tue, 29 Oct 2024 06:12:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 426x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.7 kB (7700 bytes)
Hash
2d2f10832e2abce52a06590165ff0ae0
6b93de26b3a5e1af9fd4b5b39dba452c08b123e0
bfe005f7d656a0bc976de00e7b9a6d4c015699d1c12e992a98b07998cc18beeb

HTTP Headers

GET /contents/videos_screenshots/62000/62852/preview_preview_l.mp4.jpg HTTP/1.1
Host: www.ebalka.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anfillada.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: image/jpeg
content-length: 7700
last-modified: Thu, 14 Mar 2024 05:32:04 GMT
etag: "65f28bd4-1e14"
expires: Tue, 12 Aug 2025 15:17:56 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YldMJh4DVULatMJZkuArM8dLuRzRhtmNy3ZYQh7o3x20lU9ybxSGq5zphzaTwy4X5Z5jROJv4c9OgbdyOUz8NJBZYjBmgMhsw%2BAygo4s3vvmrLPyWiXh4igBeQJgBguQzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f604def5688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.ebalka.link/contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg

104.26.2.22

200 OK

12 kB

URL GET HTTP/2
www.ebalka.link/contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anfillada.ru/seks-mami-m-sina.html
Certificate
IssuerGoogle Trust Services
Subjectebalka.link
FingerprintB8:C5:12:88:4E:AB:68:91:FA:CE:27:B6:85:A6:85:64:8A:70:3F:DC
ValidityWed, 31 Jul 2024 06:12:40 GMT - Tue, 29 Oct 2024 06:12:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 426x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (12252 bytes)
Hash
c061d69c9612e5088c7e2911438dd5c8
aea523d40338dc118289fd9ec5c4bcaaec779187
e1aacaa103adf8bbe29aa3d0ad91ecea093391e82d347de37ba5a85a3bfc8485

HTTP Headers

GET /contents/videos_screenshots/100000/100254/preview_preview_l.mp4.jpg HTTP/1.1
Host: www.ebalka.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anfillada.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:17:56 GMT
content-type: image/jpeg
content-length: 12252
last-modified: Fri, 22 Mar 2024 00:15:03 GMT
etag: "65fccd87-2fdc"
expires: Tue, 12 Aug 2025 15:17:56 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nllyMM4dx6SO3x9FYWFKDOvmrWPel3Jl7encV%2F06TgogS2WFfx0uPJ%2FW6wgzoHyfXBgGVpz1p%2FRivpQpqJi9FXlVl2lbYcYk%2F%2FLd%2F5y782LXgqgJSf7BAjjgeBJqCHdPVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b216f606e045688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN