r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6845
Expires: Tue, 17 Jan 2023 14:25:40 GMT
Date: Tue, 17 Jan 2023 12:31:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 405f8f149ccdf0005ca0d890c96a9cb4
64de3200cef76133dfad901d6709697d6842405e
3a10790c397a419450ac2c90b941fd20bc49af1dbaeb34678836306de8febfce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A10790C397A419450AC2C90B941FD20BC49AF1DBAEB34678836306DE8FEBFCE"
Last-Modified: Mon, 16 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5819
Expires: Tue, 17 Jan 2023 14:08:34 GMT
Date: Tue, 17 Jan 2023 12:31:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7488
Expires: Tue, 17 Jan 2023 14:36:24 GMT
Date: Tue, 17 Jan 2023 12:31:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 11:42:17 GMT
content-type: application/json
age: 2959
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HDi4DhctFr22cxUXpzyaCdA8YyHn1zSkxJ+ZicjCd5hDQgwM8qOVn4xMg+hGX/QUkKY2VvlXd5pXPGbV20YwSA==
x-amz-request-id: K7XA26ZNXM2ETSTS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 11:44:59 GMT
age: 2797
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:36 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
av.co-vid.win/v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]
148.72.246.38200 OK 5.2 kB URL HTTP/1.1 av.co-vid.win/v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]
IP 148.72.246.38:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4186), with CRLF line terminators
Hash 7313bfc1f3937e2b3e7cd1048a2697b5
c2cf6e2380b63f1d5547ff2f530b12d611766c5f
1ef64fade8b75b27f46c55bdeb90313acb3d2e7b83f39f92b5c4a709960bbff7
GET /v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p] HTTP/1.1
Host: av.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:31:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.co-vid.win127.0.0.1-myhost-av.co-vid.win127.0.0.1/v/s://www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]
phost: av.co-vid.win
line1066: notjp--myhost-av.co-vid.win-filteron-
pdo106: feedvid-, cachefileb-cacpdo6/87/c2/e15d66, lfm-1-17193, lmd-17193, lud-219130, xfvlen-1755102, fsize-197163, played-
pdophp-line408: -; cachetime- 1025.3019314575; ctime- 20230115094205
line1514: method-0: ik-找不|||到网|||页-|||聊爱|||视频|||找不到网页|||聊爱视频找不到网页-聊爱视频: vidlang-cn12510
line1528: method-0: ik-找不|||到网|||页-|||聊爱|||视频|||找不到网页|||聊爱视频找不到网页-聊爱视频: vidlang-cn
pdoline1599: sarray-599cn8080
pdoline1662: notjp-: fvkwcnt-12510
pdoline1666: notjp-: fvkwcnt-599
pdo-line1950: $i-63$load-0.86875
Cache-Control: max-age=283087, public
genre: genre=
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: MISS
Xkey-5950: av.co-vid.win/v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]-B-av.co-vid.win-av.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av.co-vid.win/v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]-B-av.co-vid.win--my_zone
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:36 GMT
Last-Modified: Tue, 17 Jan 2023 11:20:59 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2948
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:36 GMT
Last-Modified: Tue, 17 Jan 2023 11:42:28 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 12:17:25 GMT
age: 851
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:36 GMT
Last-Modified: Tue, 17 Jan 2023 11:04:32 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
cacrip.nakadashi.pw/AV4.us.jpg
172.64.129.21 200 OK 8.7 kB URL HTTP/1.1 cacrip.nakadashi.pw/AV4.us.jpg
IP 172.64.129.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
NIDS: suricata | Severity: low | Alert: ET INFO HTTP Request to a *.pw domain
GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:36 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
ETag: "2225-5499bcea176c0"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
X-Proxy-Cache-5950: HIT
Xkey-5950: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--cacpdo0---yes
CF-Cache-Status: HIT
Age: 140929
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OyKSPbaT4C3B2bp6UIvGTxPC8BO22AgN3om3ISLi5CFNkV6C%2FTUVRnDYLMeTQNbPZcVL2pElpMk0ckyPxWmFCUBLlDonWKUMhAH3CNJxV4%2BUzQQ%2F2AjTM0QaJXL13onqmh0IkDa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bde68ef23cc-LHR
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:36 GMT
Last-Modified: Tue, 17 Jan 2023 11:20:59 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.149.149.164 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9avduNez031cwikeW5jPig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQ13ax9L54QJm+etIV7uCjKgdXg=
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
104.17.24.14 200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (10613)
Hash 9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 415705
expires: Sun, 07 Jan 2024 12:31:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul7W%2BFIgvG9cjhswryKgeU1Zlrn%2FO7oZRVcbVLq%2BbtWv70HJUqsZnySrdX0gPsf79UJd3bRE7GZt7E7vetTqUmRDTCErtMeMAZsAeT5LLkXr6hul92Bz1l8%2BbjJ1fKU3ccppXWdp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78af1be1ba1cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
151.101.65.229 200 OK 67 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (549)
Hash 6479de08f402b26b1998f86398769c93
905e1270234d2ac185e93622fcae00e36a90a8d8
1519be7d34cee9b973d5c28c8b2e7133eaedd72dec825b7de6475b56dd99d7e0
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.256.0
x-jsd-version-type: version
etag: W/"28b56-ECSInNVNzAVmdkHtunwb0yjK3hU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 17 Jan 2023 12:31:37 GMT
age: 36881
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67123
X-Firefox-Spdy: h2
jsjs.gazo.space/mycss/av4.css?3
172.64.98.28 200 OK 1.3 kB URL HTTP/1.1 jsjs.gazo.space/mycss/av4.css?3
IP 172.64.98.28:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 55d39b2d0155f6d4ef3be034128f27bb
e21c9b2e878a57898ec2883cf334c057ecdb927c
6650b9e1cbcfe327a56bfefef2bec6ec0aa756ffa3d7ceb2e901dc828d42843d
GET /mycss/av4.css?3 HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"f05-5ef068d702bfd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
Cache-Control: public, max-age=3600000
CF-Cache-Status: HIT
Age: 3337965
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLttj3qB2r1GbPkBdtQZ1%2FaBOi3%2Bpn4F8MHqjeMYyX%2FdomojjWjERM9b9UJLAilcCSf%2FpIbA0yop21d28EuD24Yww23FGs0d58iaclcYF586uSn7PO4FhWcE7BnBS87Fnpo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1be1ce0623b3-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
comments.gazo.space/comments/embed.js?37
172.64.98.28 200 OK 6.7 kB URL HTTP/1.1 comments.gazo.space/comments/embed.js?37
IP 172.64.98.28:0
File type ASCII text, with very long lines (14022)
Hash 352c889af2cf2163a866e7e381ae9252
dba161ee742e83c96891e1c3fa8e9a6ecd88ab55
aca3691a6709b371e3dedde66943ed3a1b9a8d2b67734123916d74c1a82e510c
Analyzer Verdict Alert fortinet Phishing
GET /comments/embed.js?37 HTTP/1.1
Host: comments.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
Cf-Bgj: minify
Cf-Polished: origSize=20813
ETag: W/"514d-5e998fd344edc"
X-Proxy-Cache-Rip: HIT
XkeyRip: jcomments./comments/embed.js?37-A-comments.gazo.space--my_zone-yes
CF-Cache-Status: HIT
Age: 270922
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTgok4XEPG7PlaE23b%2FrNYg0r3%2FB7%2FtRQvsBlPQ%2Bys82UHGKgCqHniXPDDJ%2BeeJRzrB46jvrM%2FlgseXhrjd4o7OjvtHOGPFlq6DMLBYiPTuky7bS3DOYbN69uR4WHHiyHXHRDD58"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1be1bffd75c0-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-620120-3
142.250.74.72 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-620120-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1921)
Hash 42cc997dbd6734aee0369ab57e51ae03
23af7f2d95e25726e62c04f78e704a39c16e9510
57a831ad4b2c1441e8161d5b4df2e6cdd2f26122352cc1a17b666ae5dd541ea7
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Jan 2023 12:31:37 GMT
expires: Tue, 17 Jan 2023 12:31:37 GMT
cache-control: private, max-age=900
last-modified: Tue, 17 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.138 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 01:25:53 GMT
expires: Sat, 13 Jan 2024 01:25:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 385544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
172.67.133.62 200 OK 1.8 kB URL HTTP/1.1 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP 172.67.133.62:0
File type ASCII text, with very long lines (4505)
Hash 62df3c3b9c50eb48c9bdf36e310babf2
1f69b85084ccd0348dcd55fba839be4f271a591d
883898451b3b4a6a893b54c87b71fe23df90be071936330b23eb2cd6c4f49274
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 02:39:12 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 5377
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGez6j926YOH5glODs%2FtEtbH50XpAz%2F4NMFbgPilGm0LuS5vzTW9rq%2FtCL9%2B6UF2m2h8hLpSgX22fsXWtuRtaARfejB%2FKThCjJKLp61Yd3WTVyj77MhqqZQz8f8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1be3d841b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash b56925c6ea3069994bd20b8b61767e13
5028260687ecc6ea4fab4f68fde49ca0a6e654de
2565fa0bd434c50a1bc0d925b0b6405ff85289b37a01e2fd12db5f885a6b4e57
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:37 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 21 Jan 2023 09:13:10 GMT
ETag: "5028260687ecc6ea4fab4f68fde49ca0a6e654de"
Last-Modified: Tue, 17 Jan 2023 09:13:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2114
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1be3ec1d0b69-OSL
jsjs.gazo.space/index.php?js=very
172.64.98.28 200 OK 60 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP 172.64.98.28:0
File type ASCII text, with no line terminators
Hash e142981ada576f30fd6a01aff363d090
a2bedb32cd905e4202444c15bdeb8823a0e3a838
4c502d5e6dc947249297ab90800d915b0eadfe2e33873c4d89f5f22eee52c597
Analyzer Verdict Alert fortinet Phishing
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:37 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--NO-rm2400cb003731024ac46a2a8/index.php?js=very
55nloadrate: 0.390625
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLuV7%2Fu8XEPmI20Fvo0RhUvImkUSsCT3mVFj5F0ewYWOWkihRenzUvHlm5ZKVdrmVWeUaaN8TcI%2BK3ZO%2BMMXgbvKK%2FSzTbmfMFgNx4iWgyXbyW6zqWl2lb5bXAj0VD3LvZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bde2b007529-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vjs.zencdn.net/7.8.2/video-js.css
151.101.2.217 200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video-js.css
IP 151.101.2.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 8e0b9e4f5782827464baaa97ab90792a
25330bf40d7ad79648413156e6680a5c0de064b1
f26b66fc7b0a3f85500fe249594bfec05008ab32b33cd885a67fb588b6eb9ac5
GET /7.8.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:05 GMT
etag: "9d2c20f32d2509c50bdcb9239fb9b62e"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Tue, 17 Jan 2023 12:31:37 GMT
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 3427
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10723
X-Firefox-Spdy: h2
vjs.zencdn.net/7.8.2/video.js
151.101.2.217 200 OK 420 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (320)
Size 420 kB (419634 bytes)
Hash 7dbd36f0fcc384a6409db98b80a76dcc
ec256a308360d2b696d874373430c495fdd5b313
33fe4721a551fd6335c11c42d75e828acf4d15dd49de3d93d761d260b5403d47
GET /7.8.2/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:10 GMT
etag: "52c53a33bb2cd149f293eb14fb22505d"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Tue, 17 Jan 2023 12:31:37 GMT
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 419634
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 331eb9bdb1c58648aff3acca04232fb2
b693b93f6d279b991463eaf7140756fa03f81022
4e07966d98b2d0186f3eb54f9d8decb51452c66809d638a8027ee38601a08998
GET /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 17 Jan 2023 12:31:37 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://av.co-vid.win
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 17-Jan-2023 12:31:37 GMT
last-modified: Tue, 17-Jan-2023 12:31:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
104.16.125.175 200 OK 28 kB URL HTTP/2 unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP 104.16.125.175:0
Hash 0ef1edc7ff408fff4277a759c6bb4aa8
fb26f1784184d38e880ea35279adda61cb394f11
be0357a8282d5e401e8328b3499c7628f5978e6f2367d37b5665710f65eac331
GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01G4XED00012H0FHS4H5YGBK8Y-fra
cf-cache-status: HIT
age: 19408025
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af1be51e32b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
172.64.161.18 200 OK 2.4 kB URL HTTP/1.1 av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
IP 172.64.161.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1344), with CRLF, LF line terminators
Hash fa484157d11be435da31d79378293028
9eebf207fd893fda335c58c54b103e6298b52739
5b7d7db83ceb3719062e913fe8831ba4b96506f032aec6fed6d91387d07a7038
GET //cacrip.nakadashi.pw/AV4.us.jpg HTTP/1.1
Host: av.hentaitube.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.hentaitube.win127.0.0.1-myhost-av.hentaitube.win127.0.0.1//cacrip.nakadashi.pw/AV4.us.jpg
phost: av.hentaitube.win
line1066: notjp--myhost-av.hentaitube.win-filteron-
line2430: notjp-//cacrip.nakadashi.pw/AV4.us.jpg-myhost-av.hentaitube.win-filteron-
Cache-Control: public, max-age=780511798
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win-av.hentaitube.win-cacpdo0---yes
X-Proxy-Cache-gla: HIT
Xkey-gla: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win--my_zone
CF-Cache-Status: HIT
Age: 2533105
Last-Modified: Mon, 19 Dec 2022 04:53:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjVPsME6yR7L5vIgL%2BEL7%2BzkxBrgX2SApNO5DW5m0ySdmK9V3OECnt9ICALqQGBd0ON9ISRRh9Uo6%2BKrk608242cydSRDQuQhOJmzFHjsRx%2Bm98dOwrtwx9EI%2BP72ZB%2BcWDUbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78af1be8bee37556-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Tue, 17 Jan 2023 14:01:49 GMT
Date: Tue, 17 Jan 2023 12:31:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 27 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae65e69c54a64780cb8f1cf9c9741d27
7f5944eb672b46fb595fa054114309e27656a83d
56f30a44327329f14d1ecd2a7c0f9ddde47cbf04db0ea7a26e5924a22bc1c362
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Tue, 17 Jan 2023 14:01:49 GMT
Date: Tue, 17 Jan 2023 12:31:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 53123
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkEloLsB0trkJ9t_rqIbVsZmUi9ytfJ9JdQ-zjs7ZM5smU4xVwvkxA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:31:58 GMT
age: 43180
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fefb1f12a78ad92ed309da2c54984a3c
caf58bf6276e226a20a0d0cf6fc3d422f922eb28
baf6596c635254885f32e423cbc5667694754243f01109cbdbeb54c337b16bc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14703
x-amzn-requestid: bdc14ffc-297a-4046-9a4f-26d454f6f9be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2trpGZkoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c317-58908dd71980be98200e8f6c;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J674keESjH0GJBC8A6WnCmsHdxNtHNu5pbsv7EwSFSFMcxVCrZeFrw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 02:43:40 GMT
age: 35278
etag: "caf58bf6276e226a20a0d0cf6fc3d422f922eb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805a998e9a6fc452c152ab9542b6d0cd
0bd57ea7809abfa4136506f565ac8ba45c936406
b24e0b322cacda63e43582e713cb38d80914f6b82c735307188a2ddd9829338f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: 78c83dbb-f641-4ece-bd8d-ce9d524f100d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FLvoAMFn1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-73b261b87d3eb7b709161fdf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hUS-ajMYSYKXI2jsZJApvgUgr0lnbrm02BXZ6rsPS5h0daBcIRtgEw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 53123
etag: "0bd57ea7809abfa4136506f565ac8ba45c936406"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jsjs.gazo.space/index.php?js=av4&advertisement&
172.64.98.28 200 OK 44 kB URL HTTP/2 jsjs.gazo.space/index.php?js=av4&advertisement&
IP 172.64.98.28:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (6448), with CRLF line terminators
Hash 629421b1aa233933f3983537b1871287
88771df74144cc7c78faa4f7b02c969cdcb576bc
64266d83f199c10c34aafda2d1701f6fafef944359c09df7c99191c320ba1482
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:36 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--GB-rm2400cb003731024ac46a274/index.php?js=av4&advertisement&
55nloadrate: 0.34625
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 177
last-modified: Tue, 17 Jan 2023 12:28:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foFddRl8YFmAR%2BJPmOI73eFEQva74eh5k4BYp8KXyZ2L6nuuzGvm0O%2FOKTo4PcF9opL75B7kC%2BWQOoqrKFRk96dMS%2FhOyMSoPGZR8CUTcu0MXP%2BxxLe60qe1aniGNdCAeZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bde2afe7529-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e29bab4151d6c143d3cf16e7a34b0390
38f5261653926d95074fa5550af5d77a25ebd74e
84bbdf1850d2d76ebb06c7a84446e4723e62a9d9b8e459ec6b833e5892ef66fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8488
x-amzn-requestid: 5e260260-bd4b-44a5-919a-a6085a057c0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1xkHSiIAMF9zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1033d-2e4e00dd43f10f0e0a3e0ac4;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:07:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jMMpXVZv5S99cInAAttvwEAoUcEDjzHChJMj1dJdVeQFOQEtX5C-cA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:27:28 GMT
age: 43450
etag: "38f5261653926d95074fa5550af5d77a25ebd74e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.236avporn.com/wp-content/uploads/2017/07/49.jpg
172.67.178.150 200 OK 31 kB URL HTTP/2 www.236avporn.com/wp-content/uploads/2017/07/49.jpg
IP 172.67.178.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 511x287, components 3\012- data
Hash 64a4dbc4920c7ffe35f21c4f24c30fa2
759f85b1d2f772b0a1fd49728a6a0de6921db3b2
843d0a3fb9850ec98626d17711274fdf0ef6dc6023f0fab93e725fef949a10c0
GET /wp-content/uploads/2017/07/49.jpg HTTP/1.1
Host: www.236avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: image/jpeg
content-length: 30669
last-modified: Fri, 06 Mar 2020 06:08:00 GMT
etag: "5e61e8c0-77cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3379496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hokp2xm8TMsU0lN8pOhKrP0bFnyO1jeJAz15J7neG8RiDxfYAeEBLBn9dOAxUMOaiVJhcOXek2C8WHIzNWeAGCz%2FOj6IxkIclc32R%2FzGyYORhv%2BRQJ4Q5MMjL02BYbVlWXNATg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1beb983d0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.extremesexchannels.tv/bvobpro/krpb/tboj/xpj/7511232-th.jpg
172.67.153.106 200 OK 27 kB URL HTTP/2 images.extremesexchannels.tv/bvobpro/krpb/tboj/xpj/7511232-th.jpg
IP 172.67.153.106:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 208x168, components 3\012- data
Hash 33e4573e351aca9b0588bbcf5842486a
3a56dae5149cd8c69e05a0a3578ed8ea89d621ef
94067772ca391820cd9b47d4b624bab21e572db95c4ebcb328bc2d87d734e2b3
GET /bvobpro/krpb/tboj/xpj/7511232-th.jpg HTTP/1.1
Host: images.extremesexchannels.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: image/jpeg
content-length: 27244
last-modified: Mon, 31 Oct 2016 17:04:06 GMT
etag: "58177986-6a6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 10803487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U97IzA2zvaatyn2RGhs3CSuVUpvsyM%2BaLj69BnuIGJ4LeO1dXQSvqs4TGeaOg59xdFmKeaUEwsXPauASJI5eUKcxNi0EmhmXCg5zm3haXE1lG2iRVTUrYRsC8NkarZXGnJty0pIVKfIUAsh1q9iJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1beb9afbb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.2510porn.com/wp-content/uploads/2019/02/224avporn-1305.jpg
172.67.129.190 200 OK 11 kB URL HTTP/2 www.2510porn.com/wp-content/uploads/2019/02/224avporn-1305.jpg
IP 172.67.129.190:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 2b83294619594ba66156e7180dc66347
8a8131de733faa55bc571f68ae8c584a4a670726
9603b8bdf331a0e504884dae6e1b51cfe2eddbc8b9e91feb39b6e82beae960a1
GET /wp-content/uploads/2019/02/224avporn-1305.jpg HTTP/1.1
Host: www.2510porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: image/jpeg
content-length: 10632
last-modified: Fri, 20 Aug 2021 09:48:12 GMT
etag: "611f7a5c-2988"
expires: Sun, 15 Jan 2023 07:25:58 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 363939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdLLP7r353YVA%2FHaFjVJKrzvZBFXB9L8AMxGVb4tvKPjsDCBji4fM8CoFUXnIIi7%2B7KFrmGMN4UmaaC7ygiQA2zXN5LHtoP9hS5vpB6%2F%2FG9M9Gv2jYDUpDa5McMJHp1w8Djc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bebbc80b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.2510porn.com/wp-content/uploads/2019/04/248-1163.jpg
172.67.129.190 200 OK 9.7 kB URL HTTP/2 www.2510porn.com/wp-content/uploads/2019/04/248-1163.jpg
IP 172.67.129.190:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 39d232997926cb44cd16daafe5e23f3f
9c14a7fdc20fcbd14cb90bbaf822915c6b008b2b
37544786aa858cc239452efe80644663ddb06f42044251b8b67a4649b07cb7f4
GET /wp-content/uploads/2019/04/248-1163.jpg HTTP/1.1
Host: www.2510porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: image/jpeg
content-length: 9701
last-modified: Fri, 20 Aug 2021 09:48:12 GMT
etag: "611f7a5c-25e5"
expires: Mon, 02 Jan 2023 00:17:31 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1512846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx6R%2FJhl8%2FtOa45dKsqZ1JyZfDCGjKr%2FXP1thQauTu75rZxRgSFolDL2wKU2iep3HNXNCPtt457I3KVNRcNxWvmojR32HUrSKFNbRxkuEuo2SXNuNEBaD%2F4IMOMcHSrvbeh0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bebdca5b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iv-videos.com/img/thumb/thumb_302912.jpg
172.67.70.25 200 OK 36 kB URL HTTP/2 iv-videos.com/img/thumb/thumb_302912.jpg
IP 172.67.70.25:0
File type GIF image data, version 87a, 320 x 180\012- data
Hash 53d5bc68db2a85b436494dbf717edffb
73df798bd8c2cdda22de23d4a80b0e04272091c5
0c7407d300c8267b3c03e3bc3bca504ce27747cd1428908eb806a71329219353
GET /img/thumb/thumb_302912.jpg HTTP/1.1
Host: iv-videos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: image/jpeg
content-length: 36014
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "5c5051-8cae-58987e9bb7ed0"
expires: Sun, 05 Feb 2023 08:29:32 GMT
last-modified: Thu, 23 May 2019 06:08:38 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 964925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHezo%2F1mggxrUjdKiGiQb2%2Bm3yIHacczlm2hTUP%2F6ytKejHzlb4hNza5xzsB%2FLm%2B%2BqqVRcsjI007v3rwzxq4GQT8R9C4HlXFFmaMCCHKZ5G%2B4FC8yFp5ToFWlzuJy7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bec2f5fb4eb-OSL
X-Firefox-Spdy: h2
av.co-vid.win/8
148.72.246.38 200 OK 20 kB IP 148.72.246.38:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (44350), with CRLF line terminators
Hash 6ce675df8e1a2bf94bf3b3a30498b99d
814e759a2dc6c59eda36c9477ae8c3d7a3de8893
08df5c1ec9d996ef048470b54849a984baf7e9444cb7c87efe0c586f853a619d
GET /8 HTTP/1.1
Host: av.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/v/s:/www.liaoai3.xyz/videos/114058/d747e78e2f69b1a01d10ee75591e3c53/title/%E3%80%90%E7%BD%91%E6%9B%9D%E9%97%A8%E3%80%91%E6%B2%B3%E5%8D%97%E7%A6%BD%E5%85%BD%E7%88%B6%E4%BA%B2%E5%B1%85%E7%84%B6%E5%AF%B9%E4%B8%A4%E4%B8%AA%E4%BA%B2%E5%A5%B3%E5%84%BF%E4%B8%8B%E6%89%8B%EF%BC%81%E5%85%B6%E4%B8%AD%E4%B8%80%E4%B8%AA%E5%A5%B3%E5%84%BF%E8%BF%98%E5%B8%AE%E5%BF%99%E5%BD%95%E5%83%8F%EF%BC%81-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91%20[20:42x1280p]
Cookie: lctcfck=NO; _ym_uid=167395869793887736; _ym_d=1673958697; _ym_visorc=b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:31:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.co-vid.win127.0.0.1-myhost-av.co-vid.win127.0.0.1/8
phost: av.co-vid.win
line1066: notjp--myhost-av.co-vid.win-filteron-
line2430: notjp-/8-myhost-av.co-vid.win-filteron-
line2504:
line2538: -
xline: 2594host-95281
Cache-Control: max-age=60, public
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.co-vid.win/8--av.co-vid.win-av.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: EXPIRED
Xkey-g-jp2: av.co-vid.win/8--av.co-vid.win--my_zone
cdn1.hotmoza.tv/thumb/a9/bc/c4/a9bcc4c44a9ff5f8d068136011ebd346.jpg
104.21.70.9 200 OK 13 kB URL HTTP/2 cdn1.hotmoza.tv/thumb/a9/bc/c4/a9bcc4c44a9ff5f8d068136011ebd346.jpg
IP 104.21.70.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", progressive, precision 8, 320x180, components 3\012- data
Hash 7b8dc27adaf4da9885c3daa09fb89990
f24705062b79e911a2dd3c38768de98e1078e8d7
51bea83835631f2b13ea556c99d3f2739fb8ada1b3359bc0f1b5ff2c144a7379
GET /thumb/a9/bc/c4/a9bcc4c44a9ff5f8d068136011ebd346.jpg HTTP/1.1
Host: cdn1.hotmoza.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:39 GMT
content-type: image/jpeg
content-length: 13176
last-modified: Mon, 21 Mar 2022 07:21:37 GMT
etag: 7b8dc27adaf4da9885c3daa09fb89990
x-timestamp: 1647847296.78494
x-trans-id: tx96e3d01dd993469a8ce35-0062387a05
x-openstack-request-id: tx96e3d01dd993469a8ce35-0062387a05
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 17 Jan 2023 23:14:36 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 134223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHbMGRQUjURigrdsX6ULT7vtQlQAXqTpWQQH9RS7DUzZm5YGNNcfy362J0Q%2BaxqiJv%2B95mjqBaHHm9BR6bzezBG%2FmecqjyneLQ7SvN%2BCDFUk217eRqZe6ipsfirVRt2rB6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bed99f4b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img2.xiangbinjun.com/upload/vod/2019-11-04/157286564614.jpg
54.230.111.89 200 OK 620 kB URL HTTP/1.1 img2.xiangbinjun.com/upload/vod/2019-11-04/157286564614.jpg
IP 54.230.111.89:0
Size 620 kB (620255 bytes)
Hash 300fe2d7f9302051eebd124daf8d735c
9f80795c23eec9ad700b443d9fd8d4750fe8f707
13e1779d34b270788b6034b748d0aead849f4fdb8a666ca785c5e4343d49def4
GET /upload/vod/2019-11-04/157286564614.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 613651
Connection: keep-alive
Server: X
Last-Modified: Mon, 04 Nov 2019 11:41:52 GMT
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 09:00:22 GMT
ETag: "5dc00e80-95d13"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 01aVSezWEf4Nnj0sb7VPorx7l82yNiyuIruTJt9rmVgvyoU46uNBhQ==
Age: 12697
Vary: Accept-Encoding, Origin
www.kp827.com/contents/videos_screenshots/50000/50421/preview.jpg
104.21.73.158 200 OK 65 kB URL HTTP/2 www.kp827.com/contents/videos_screenshots/50000/50421/preview.jpg
IP 104.21.73.158:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 568x640, components 3\012- data
Hash 63ea0d97f26692ec52a877f58cf58221
82288684f8f23d0d40c0f25e6316da761e162be7
56a6d077bf91e2ad8aa70942e3fe8f09bd2cb2b60a5202547df52b20f797f9bd
GET /contents/videos_screenshots/50000/50421/preview.jpg HTTP/1.1
Host: www.kp827.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:39 GMT
content-type: image/jpeg
content-length: 65169
last-modified: Fri, 18 Dec 2020 00:46:10 GMT
etag: "5fdbfbd2-fe91"
expires: Thu, 19 Jan 2023 17:00:29 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 2403070
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cbb6k0cx8J%2B%2Fg5%2Bqsbcquc6f6q8MwcRhJ3YQqoDBkrXx62waxjwETscevzqOsB%2BB3txUlh28TMrbcXxmX7Gs4ChRwK%2BqqyiNyV2dsmAGMiZY9a%2Bsa9wsEhXOIO44DlG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bee1ab6b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
page.myfile-host.info/myda.php
150.95.129.59 200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP 150.95.129.59:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 20a168248d311efd523b6e30e1f740b5
7d36ec74b0e282ba3ad63b7f63f11661ac5647ea
98e99d5c2614940d58c2279bb1d43295d8359a4fed5d3c9bd963edad03fac82b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:39 GMT
Etag: "63c5f79d-118"
Last-Modified: Tue, 17 Jan 2023 11:08:19 GMT
Server: ECS (amb/6B8E)
X-Cache: HIT
Content-Length: 280
www.91rb01.com/contents/videos_screenshots/122000/122925/preview.jpg
104.21.89.186 200 OK 87 kB URL HTTP/2 www.91rb01.com/contents/videos_screenshots/122000/122925/preview.jpg
IP 104.21.89.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 668x1080, components 3\012- data
Hash 6fb472939ef9a0b76b9ecaf9b699c2d3
40691579b1746737bcbce3e851ee662ff7ba8e9f
8841471d7605c6164106e0aa2c064c368be39770a9f6434ce134cb192eac6f60
GET /contents/videos_screenshots/122000/122925/preview.jpg HTTP/1.1
Host: www.91rb01.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:39 GMT
content-type: image/jpeg
content-length: 86637
last-modified: Mon, 05 Sep 2022 07:24:01 GMT
etag: "6315a411-1526d"
expires: Mon, 23 Jan 2023 10:16:06 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 2081733
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsSL7nSKy6y30whD5LMGFDvOpIZkByHqzQqvhASx%2F%2FB2vKqcgd9lgiMUX94yruq9sYSno6Swmyex6ZRXBZBRL54tA56acabpkg%2FJE5BtOVk%2BdUOgHULFb9BOPWmNyfObVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf11d31b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ljcdn.comtucdncom.com/upload/vod/20191217-1/b7638321d30ee035449c14b3020e1f2b.jpg
172.247.77.90 200 OK 13 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20191217-1/b7638321d30ee035449c14b3020e1f2b.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 11d49469b67315c9366b6177ae53c573
3b9f9bae101703ec2ddca2df2301a0fa559743e3
a9dedcf64bf3bb17a2201762127d6a2cdcfd3d702ce9ef1d8eb6f52f3b4cb0c1
GET /upload/vod/20191217-1/b7638321d30ee035449c14b3020e1f2b.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:32:48 GMT
Content-Type: image/jpeg
Content-Length: 12663
Last-Modified: Wed, 10 Aug 2022 11:36:06 GMT
Connection: keep-alive
ETag: "62f39826-3177"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash cb5c2cbc8f8c9144fa8ae9ca29c15b9d
bd137af9af508b41323c2fea413c85cbc2b7a5bd
ec8dcd4b874b246ec04060885da315c20f7e1168eefe9a21a74d93d5b27d0256
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=100
Date: Tue, 17 Jan 2023 12:31:39 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 434f857a5847685f9c59d09aef061414
00c5d25d3b96396803affcce1519449b25ee33d1
658509c8da6d687708a60f6c69a3fca7e63fe6a38190e2cf27d7b9354f63611d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=492
Date: Tue, 17 Jan 2023 12:31:39 GMT
Connection: keep-alive
X-N: S
av.anaru.cyou/poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
172.67.153.184 302 Found 0 B URL HTTP/1.1 av.anaru.cyou/poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
IP 172.67.153.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg HTTP/1.1
Host: av.anaru.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 12:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.anaru.cyou127.0.0.1-myhost-av.anaru.cyou127.0.0.1/poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
phost: av.anaru.cyou
line1066: notjp--myhost-av.anaru.cyou-filteron-
Cache-Control: public, max-age=36000000
Location: https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: MISS
Xkey-5950: av.anaru.cyou/poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg--av.anaru.cyou-av.anaru.cyou-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av.anaru.cyou/poster/https://pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg--av.anaru.cyou--my_zone
CF-Cache-Status: HIT
Age: 3379487
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MuXqswq8DO5E7p7dsyw1H795gSmcDhmA1DJsAqUrIHog82mqz2Ml54BXhvoYDztUJ3c%2F4Oo7BRIS3wPOyXsdMWu6nS6ITTSg2CeIFh5FNbnY1EB8aOrOOJXbFU6Ppbe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78af1bf1a813b4ff-OSL
alt-svc: h2=":443"; ma=60
thepervs.com/thumbs/32219.jpg
104.21.25.105 301 Moved Permanently 0 B URL HTTP/1.1 thepervs.com/thumbs/32219.jpg
IP 104.21.25.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/32219.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:31:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:31:39 GMT
Location: https://thepervs.com/thumbs/32219.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kI2i1lvWSw%2FalWPXV7m6WplSoFBmtn%2Bp7nA1EIgC4PDXdkEO3rdee1V%2Bui4%2BbnG%2B3fnR01%2BFMErMTrws%2FN03mpHxpFvaWKiSFXdaoOahaqqg%2Bdh4UCI6KctFTjpQSpU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bf1e821b515-OSL
alt-svc: h2=":443"; ma=60
moav.com/contents/videos_screenshots/19000/19761/preview.jpg
104.21.235.194 200 OK 20 kB URL HTTP/2 moav.com/contents/videos_screenshots/19000/19761/preview.jpg
IP 104.21.235.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 10x11, segment length 16, comment: "Lavc59.13.100", baseline, precision 8, 317x469, components 3\012- data
Hash ea0b49f5f612e5be0825cd70e5f5de70
32a8f08f594eb61bd38913240c46f38bbee1c6bc
b85242a8ca997afd8023f100ab92f022edf304ec36049ac08693d078153bacfb
GET /contents/videos_screenshots/19000/19761/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:39 GMT
content-type: image/jpeg
content-length: 19605
last-modified: Mon, 28 Mar 2022 11:01:56 GMT
etag: "624195a4-4c95"
expires: Fri, 20 Jan 2023 02:16:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2369689
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8dElZhx0ir0a%2Bu9oNy4TcY49PvDqtD%2BZOpxcNvOgk1GyofZEa2nG86gkJPF5cwidIfGyYTCisG1QOj0%2FrPuMkigu94zbwhHbERnrP5%2BvLnxEWRb2UYAQDMlpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf1eb0b750d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
104.21.15.225 302 Found 0 B URL HTTP/1.1 av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP 104.21.15.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 12:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
Cache-Control: public, max-age=36000000
Location: https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: HIT
Xkey-5950: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster-av.dmm.monster-cacpdo0---yes
X-Proxy-Cache-gjp: HIT
Xkey-g-jp: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster--my_zone
CF-Cache-Status: HIT
Age: 5515909
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRJS24g88NoFeW%2FkV2A7CxM2Xi6k1CUpf2lN1BkDJxDWWZ3RskNXujpZSKIitGaY9NIkXBIrzZa4%2BLRzXgph9xCRdyKwMIuCnSc7k2soF4bzG23R5F8kGQl1zOaNYgGOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78af1bf2ab5a1c12-OSL
alt-svc: h2=":443"; ma=60
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash cb5c2cbc8f8c9144fa8ae9ca29c15b9d
bd137af9af508b41323c2fea413c85cbc2b7a5bd
ec8dcd4b874b246ec04060885da315c20f7e1168eefe9a21a74d93d5b27d0256
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=99
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash cb5c2cbc8f8c9144fa8ae9ca29c15b9d
bd137af9af508b41323c2fea413c85cbc2b7a5bd
ec8dcd4b874b246ec04060885da315c20f7e1168eefe9a21a74d93d5b27d0256
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=99
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
pakosen.com/wp-content/uploads/2018/08/thum-457.jpg
153.122.27.231 200 OK 17 kB URL HTTP/1.1 pakosen.com/wp-content/uploads/2018/08/thum-457.jpg
IP 153.122.27.231:0
ASN #131921 GMO GlobalSign Holdings K.K.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 390x270, components 3\012- data
Hash 45595c5cb09b73b887cc7b779120666c
5db1ce28339ca6cbb7696180a6cd1174ac5e2671
e2d783ce45624b8f0d6355d7fbd2a74458210521470197bceccea9416a5a4a3b
GET /wp-content/uploads/2018/08/thum-457.jpg HTTP/1.1
Host: pakosen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:39 GMT
Content-Type: image/jpeg
Content-Length: 17353
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 02:07:01 GMT
Accept-Ranges: bytes
iie8.com/vs/10439109.jpg
104.21.235.51 200 OK 18 kB IP 104.21.235.51:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc54.92.100", baseline, precision 8, 360x240, components 3\012- data
Hash 630315e771f17bddf127bfcd097ef699
3d0169e2fe694526aa5b2d9a549fb7b8b0007904
41ded4cf8c4b52ae4d88712ae9a787718424b8078024b5efc497b586909a1174
GET /vs/10439109.jpg HTTP/1.1
Host: iie8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 17621
last-modified: Wed, 29 Aug 2018 20:00:56 GMT
etag: "5b86fb78-44d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: HIT
age: 1236651
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DEnK0LFGz6%2FmLPU3asIceW%2FMnicSxMP8pnGk3chuydEre1%2BF7Ny2isUz6kZNKNEWmDQgNgxNxGUofGU328RlwROyI5ioqHxlBJcTt4rwlXkFP8QC%2Fy9NDwRyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf3ab1524ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subo228.com/20221121/ky7pDZSE/1.jpg
107.167.21.106 200 OK 39 kB URL HTTP/1.1 subo228.com/20221121/ky7pDZSE/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x240, components 3\012- data
Hash 91738408fa9396022530e73c22bfeae2
e08c44840c1e307cdde81085291d425be8cd7675
3184e7b51d6238e8727f032555fa2d7425f63921ba7874e138d70d84cc9285d2
GET /20221121/ky7pDZSE/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:39 GMT
Content-Type: image/jpeg
Content-Length: 38974
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-983e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pornomotor.club/contents/videos_screenshots/9000/9223/preview.mp4.jpg
54.37.238.32 200 OK 59 kB URL HTTP/1.1 pornomotor.club/contents/videos_screenshots/9000/9223/preview.mp4.jpg
IP 54.37.238.32:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 854x480, components 3\012- data
Hash da93b4d81d413f8bdf98386820cda508
706a2339793c799c33ff983a6e59a0a38cb9f6ac
004e32f34b10fb91e727347f994eaa4f23f7dde192d9d3980679d58e3edfa21b
GET /contents/videos_screenshots/9000/9223/preview.mp4.jpg HTTP/1.1
Host: pornomotor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 59260
Last-Modified: Thu, 17 Sep 2020 12:01:51 GMT
Connection: keep-alive
ETag: "5f63502f-e77c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fmtu.netfhtu.com/upload/vod/2022/06/yz5pxtmviof.jpg
45.89.208.114 200 OK 9.7 kB URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/06/yz5pxtmviof.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 992772cdb88ac6cb3bdd7edea5f47f20
f5375a6cb4b8a7e52885e92510854154bcb7b4ce
150c1108db4f46f83221581ea8b70d891ba8f13b2c9df876f64d9f331ae55920
GET /upload/vod/2022/06/yz5pxtmviof.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 9664
Connection: keep-alive
Last-Modified: Mon, 06 Jun 2022 00:00:53 GMT
ETag: "629d43b5-25c0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 84795ea2908e5ae4af477ca530304e52
3259a417321669a1f5f12087546ab14f6c89cfef
46fd6bccedb8cef8e51d554311e39ed9cb46ddfc22a69e49896c142de204cf0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121807
Date: Tue, 17 Jan 2023 12:31:40 GMT
Etag: "63c5b6bb-1d7"
Expires: Wed, 18 Jan 2023 22:21:47 GMT
Last-Modified: Mon, 16 Jan 2023 20:42:35 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EddQB_52cZnviFvL8wGHgV-wP0A7L1ePm6esxcgbiPkvRb2YUJYrjg==
Age: 5953
img3.lltaohuaxiang.com/f2dgc/20211125/183.jpg
54.230.111.17 200 OK 33 kB URL HTTP/1.1 img3.lltaohuaxiang.com/f2dgc/20211125/183.jpg
IP 54.230.111.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 460x258, components 3\012- data
Hash 9e0b5feffd94475e2a972395d818d5a5
b606c550cdf8d654b031627eec43a0daf3f24f12
e063ff9633e6fbbcc56e6c989f2402fdae9a0c15701aab79e263615d404ad73c
GET /f2dgc/20211125/183.jpg HTTP/1.1
Host: img3.lltaohuaxiang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 33212
Connection: keep-alive
Server: X
Last-Modified: Thu, 25 Nov 2021 10:48:38 GMT
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 10:15:45 GMT
ETag: "619f6a06-81bc"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qlw8BUud-CeghCSjU68PZH46Wr4-9OaSNg8h3CeBgszcB6Rf3qxO0Q==
Age: 9627
Vary: Accept-Encoding, Origin
ocsp.usertrust.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ab53b4b5765dde3967c5dcc2ce4ff278
8b68f0faa49644994806389a44e468aea39371a7
63f8a19ccc568c44f80949706eed78ea7d162d6a5b102d0826b9e10bdc0a65fd
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 09:21:07 GMT
Expires: Mon, 23 Jan 2023 09:21:06 GMT
Etag: "8b68f0faa49644994806389a44e468aea39371a7"
Cache-Control: max-age=601390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 483
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bf4fefdb51d-OSL
subo228.com/20220223/dOV9szvB/1.jpg
107.167.21.106 200 OK 16 kB URL HTTP/1.1 subo228.com/20220223/dOV9szvB/1.jpg
IP 107.167.21.106:0
File type JPEG image data, baseline, precision 8, 320x569, components 3\012- data
Hash 87327535b3cfb8769e57d1548e9e394e
12d88e78427d003aa8372314aa1404d3936ab210
5ecb50a100c98f9031936232c60bb644133a0a02828742b343e63ef607213a6c
GET /20220223/dOV9szvB/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 16401
Last-Modified: Thu, 12 Jan 2023 14:28:13 GMT
Connection: keep-alive
ETag: "63c018fd-4011"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 74e2598ca90df6167ad2df5dc03ceebb
e8235b527a78c76e1c47534dd782e9b219e4f4ce
5b1d5355c243feab49d13eb507c956059e0c569b9a553836e6b497aa008c9814
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 14:08:18 GMT
Expires: Mon, 23 Jan 2023 14:08:17 GMT
Etag: "e8235b527a78c76e1c47534dd782e9b219e4f4ce"
Cache-Control: max-age=523596,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af1bf3c963b4f7-OSL
subo228.com/20221123/Mhd0x7dc/1.jpg
107.167.21.106 200 OK 22 kB URL HTTP/1.1 subo228.com/20221123/Mhd0x7dc/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 8a6fdce95ece9e72ab0c714754bee2e1
6d338f303b137bcaf752294e13f83e987db5ad69
7aa1dece02852fb6e2569db9cdc697ca176a343c8e0607e972edb3ad8d6bf142
GET /20221123/Mhd0x7dc/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 21798
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-5526"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
cdn5-thumbs.motherlessmedia.com/thumbs/41733D7.jpg
185.107.92.224 200 OK 18 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/41733D7.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 898b6234ee5008707e534e4c6779e574
18790c561a2f9226a216c519da2e854df9497496
8438efe5d5fbed256dab9156e97f8da5330d5ed5af78fa176706a3af2e4c4189
GET /thumbs/41733D7.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 18260
last-modified: Tue, 21 Jul 2020 15:30:47 GMT
etag: "1c64bbb63-4754-5aaf54eb84339"
expires: Wed, 17 May 2023 19:25:02 GMT
cache-control: max-age=10480758
x-cache: HIT
x-whom: srv6142
accept-ranges: bytes
m.pornhd.vip/javtube/gqueen/tomomi.kai/326/5.jpg
198.255.76.99 200 OK 47 kB URL HTTP/2 m.pornhd.vip/javtube/gqueen/tomomi.kai/326/5.jpg
IP 198.255.76.99:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x393, components 3\012- data
Hash 585e2cf6f21add36c2e6cde1cd28d212
daa0009202e9bd9be8f89b7e1bb228691409232f
3e7c5f0bef176608f8e55db332539607ba145bafa55284cdbbdec6078042ff86
GET /javtube/gqueen/tomomi.kai/326/5.jpg HTTP/1.1
Host: m.pornhd.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 46650
last-modified: Fri, 09 Sep 2011 11:48:16 GMT
etag: "4e69fd00-b63a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a744caf9bdbef73d50077c1462af56b3
d5d2e4e31801961550747ec7f9aeedc050d0a188
9d9f0fd9ecbc761182e199cc3bb45eeebc7834faefdd7f51a6ac95d8646073ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 555
Cache-Control: max-age=127589
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:40 GMT
Etag: "63c5e266-117"
Expires: Wed, 18 Jan 2023 23:58:09 GMT
Last-Modified: Mon, 16 Jan 2023 23:48:54 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
page.myfile-host.info/myda.php
150.95.129.59 200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP 150.95.129.59:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
248avporn.com/wp-content/uploads/2019/02/6-4.png
172.67.222.112 200 OK 23 kB URL HTTP/2 248avporn.com/wp-content/uploads/2019/02/6-4.png
IP 172.67.222.112:0
File type PNG image data, 320 x 240, 8-bit colormap, non-interlaced\012- data
Hash d6ad01e1adb60cb577ab5b5eb4335d42
282d1ef920bb9f8f09c30dbc9118730ceb0fb26f
932c029b7dd3cd036b8dabdd0ebe1b7c895d384886365c4528f8b582203a952d
GET /wp-content/uploads/2019/02/6-4.png HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/png
content-length: 22970
last-modified: Wed, 06 Mar 2019 03:46:56 GMT
etag: "5c7f42b0-59ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
test: /wp-content/uploads/2019/02/6-4.png
x-fc-nginx-serving-static: Yes
x-fc-nginx-reason: /wp-content/uploads/2019/02/6-4.png
x-fc-nginx-file: /var/www/248avporn.com/htdocs/wp-content/cache/all//wp-content/uploads/2019/02/6-4.png/index.html
cf-cache-status: HIT
age: 926437
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoD39bWLOIL97EoEudcULSfVM2Uchf%2FC49OcBpTyq35kAJUXft0lPZcctw0LhhNhw1ZDPt6%2F27kkTTftx8EoTYH%2FfRhLTKGfehfQMGbDrSqQrw3Z11y0F449VmYmih6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf5bbadb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clporn.com/thumbs/36/179--.jpg
172.67.162.253 200 OK 11 kB URL HTTP/2 www.clporn.com/thumbs/36/179--.jpg
IP 172.67.162.253:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3\012- data
Hash 094d261e846b71445014e137d945fd49
8672f86143bd81eb338807352a89c3fe5030a4ae
baf084b25cc122d29e736cb38bed99424fd74b0efcaf2675dad01bab467a7e4b
GET /thumbs/36/179--.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 10973
last-modified: Tue, 07 Jul 2020 13:06:09 GMT
etag: "5f047341-2add"
expires: Thu, 23 Nov 2023 15:16:04 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 4742136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWWfSQILUCaxqeJwexWdG%2FidxwRE2gEbsHWFXgPvUyKNILr3hUln72hIw34d6AEdHqbVQOkizIS0380AaoduszWfZjYSo6OHVKzpFqaLjoWqboec7SEXYp9duDnqXRedLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf5cd72b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e89dfee85275e8d550857f07288b8ce0
ff0a6116cbf618f5cbaea50b2f021f5126884518
8e67f711488d0a646abffd7e3e7d42d5bcf83861dc9ef2c43f1a5436e3ae5cfa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8E67F711488D0A646ABFFD7E3E7D42D5BCF83861DC9EF2C43F1A5436E3AE5CFA"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11047
Expires: Tue, 17 Jan 2023 15:35:47 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
subo228.com/20221227/u7lZ60PT/1.jpg
107.167.21.106 200 OK 37 kB URL HTTP/1.1 subo228.com/20221227/u7lZ60PT/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash f9966a4376c05f07038b1278dbb454c9
24e5fa4ee329370f1227eea7785c566a3233d065
d300cdae2d7ba6bbacf327ee154cef68378ef0706831faa012bfff49bd2d76bf
GET /20221227/u7lZ60PT/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 37127
Last-Modified: Thu, 12 Jan 2023 14:28:06 GMT
Connection: keep-alive
ETag: "63c018f6-9107"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04a7adc5f12ae0c9aafad6527ab873bc
11adad988a3bc19af019bf2e6c5a695600bdac71
ad0d152429bb4476202859d58ed5e6c2e9e60289303c0df30ffbe808038f5192
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD0D152429BB4476202859D58ED5E6C2E9E60289303C0DF30FFBE808038F5192"
Last-Modified: Tue, 17 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7548
Expires: Tue, 17 Jan 2023 14:37:28 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
img.bttimg.com/upload/vod/2020-08/2020-08-01/2020080112.jpg
54.230.111.53 200 OK 40 kB URL HTTP/1.1 img.bttimg.com/upload/vod/2020-08/2020-08-01/2020080112.jpg
IP 54.230.111.53:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 300x450, components 3\012- data
Hash f7fe0a383f8621b94147072aee5cb8d3
26fba52ba211d365c69b5e188dca5d6d49e1edc3
e4021ddca6ac94b90284f8d8aab0c26a0401d4526e8f9037c7aaa6c7d5e9bfd7
GET /upload/vod/2020-08/2020-08-01/2020080112.jpg HTTP/1.1
Host: img.bttimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 39697
Connection: keep-alive
Server: X
Last-Modified: Mon, 03 Aug 2020 12:55:38 GMT
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 01:11:55 GMT
ETag: "5f28094a-9b11"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R5PBjYF31Sf_yTyfcq6RyjvnScWGI_0PUK5U7j-hCBDZb0wtAhpFCA==
Age: 41095
Vary: Accept-Encoding, Origin
subo228.com/20221015/p59cas5U/1.jpg
107.167.21.106 200 OK 39 kB URL HTTP/1.1 subo228.com/20221015/p59cas5U/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 320x180, components 3\012- data
Hash 0551eb883741b20bb13faac02d04e1b6
a385414ccf04b9bbe3ce64e907f7439ebd7d985b
1972e259199cc4f97bbe339222cd7fb6bd672b04279dda19f41ac41b11d9a16b
GET /20221015/p59cas5U/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 39400
Last-Modified: Thu, 12 Jan 2023 14:28:03 GMT
Connection: keep-alive
ETag: "63c018f3-99e8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.manyse.com/img/FC2-PPV-3139336.jpg
94.130.33.133 200 OK 292 kB URL HTTP/2 img.manyse.com/img/FC2-PPV-3139336.jpg
IP 94.130.33.133:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 960x1440, components 3\012- data
Size 292 kB (292523 bytes)
Hash 14b148273ef00b61bd5d754af33802f4
fa80a5df5ed2a20f5628ec46dea278fd7aed2d31
489ec5b446c56bcfb8a8b0d2fee98d3b6d5588eb8e9e476c463cd7e01c00468f
GET /img/FC2-PPV-3139336.jpg HTTP/1.1
Host: img.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 292523
last-modified: Sat, 14 Jan 2023 20:31:23 GMT
etag: "63c3111b-476ab"
expires: Thu, 16 Feb 2023 12:31:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f1e00b22faa5edfd6302d16056b38a4
46a6f4f6939c6df2c09a74c05fa6204eb4eb1176
88aaca582f9d30f5fec5a6a5c8e9afc48316391644d42815a0c2762d64634781
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88AACA582F9D30F5FEC5A6A5C8E9AFC48316391644D42815A0C2762D64634781"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14369
Expires: Tue, 17 Jan 2023 16:31:09 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
www.kapp66.com/contents/videos_screenshots/87000/87526/preview.jpg
104.21.20.160 200 OK 149 kB URL HTTP/2 www.kapp66.com/contents/videos_screenshots/87000/87526/preview.jpg
IP 104.21.20.160:0
File type JPEG image data, baseline, precision 8, 692x924, components 3\012- data
Size 149 kB (148657 bytes)
Hash cfcf189451163bcd4bfbded9837fedc4
a3f5fbeb13ecf0234d2362a68dd3fd0bddaedf14
9ddc82a539c6b2a7ea098de4920a32d695c690b34c07498fdcf8da0ee449576d
GET /contents/videos_screenshots/87000/87526/preview.jpg HTTP/1.1
Host: www.kapp66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 148657
last-modified: Mon, 20 Sep 2021 01:18:50 GMT
etag: "6147e17a-244b1"
expires: Sat, 04 Feb 2023 19:11:26 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 1012813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdETrNpDB5u7UAYhggTTgz2rlpoXgGkfXq6YLuXCbspUI7rMnpt7uEuWQKD2VCYXY7jSNvOiJR7DOXjuRl%2BU%2BfAq9ywFeNVDW0%2B7kMdA9%2FeNJGkNTWexH0iIf5L0idO0gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf7bc73fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.qzsp13.com/contents/videos_screenshots/44000/44765/preview.jpg
172.67.213.121 200 OK 164 kB URL HTTP/2 www.qzsp13.com/contents/videos_screenshots/44000/44765/preview.jpg
IP 172.67.213.121:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1280x720, components 3\012- data
Size 164 kB (164006 bytes)
Hash 4e1f1652a069d98719b3231b2b2e62de
c06ed2b3e4257a8bfcb3208a37a3605b2889b554
bdc14354d90cc874488f176f523b65a091beadd53f3a4aeaa8c5b000812ccd9b
GET /contents/videos_screenshots/44000/44765/preview.jpg HTTP/1.1
Host: www.qzsp13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 164006
last-modified: Sat, 27 Jun 2020 10:37:02 GMT
etag: "5ef7214e-280a6"
expires: Sat, 11 Feb 2023 23:10:55 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 393645
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTHcNP%2BwYugWp%2Bp3JgLSZbOwHobdUMNUPq%2ByNEIAzWkyDArTxfwWtAuXHUhBao2lKffF9HdMSlBDk%2F7mDIahyQyxCj6oOHfA7mUf26ni92HVwcFiZv96x5An7OxZ3FaywQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf7d868fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornognomik.info/contents/videos_screenshots/2000/2819/preview.mp4.jpg
51.83.166.97 200 OK 8.4 kB URL HTTP/2 pornognomik.info/contents/videos_screenshots/2000/2819/preview.mp4.jpg
IP 51.83.166.97:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3\012- data
Hash 7c7968487fc3e0a90e6c2f8068748a5e
c63baf98128c577c09a16a7313b9a11854f18948
08a9a20525dca25ed9187c49dd81620ee1570b4eaf7a1ec8810e76f3bdd6c02b
GET /contents/videos_screenshots/2000/2819/preview.mp4.jpg HTTP/1.1
Host: pornognomik.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 8387
last-modified: Tue, 16 Nov 2021 05:43:03 GMT
etag: "619344e7-20c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 1eec4d6b046199391171ba4d03d06363
b447667d2d4dfab0268c76bfeaf0aac40c1ac5e0
372c74963992b831ead44efebb84feedce691e20b48309cef41470fc7dd559bb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=776
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
X-N: S
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 136fb184658ccace6275cce2cbc702cd
78fbb3bc11c38084a5005143e840c3a96d6154b4
3e33830fe1bb102a3a5f1a72db19e14c4fb5b8c61187c5535ffa5777f26d1264
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 17 Jan 2023 12:08:26 GMT
last-modified: Sun, 15 Jan 2023 03:34:41 GMT
expires: Sun, 22 Jan 2023 03:34:40 GMT
etag: "78fbb3bc11c38084a5005143e840c3a96d6154b4"
cache-control: max-age=601806,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78aef9ee98c49bc4-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673957306
via: cache15.l2de2[0,0,304-0,H], cache10.l2de2[0,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0], cache1.se1[2,0]
age: 1394
x-cache: HIT TCP_MEM_HIT dirn:3:44000685
x-swift-savetime: Tue, 17 Jan 2023 12:16:42 GMT
x-swift-cachetime: 1304
timing-allow-origin: *, *
eagleid: 2ff62c9516739587008046060e, 2ff62c9516739587008046060e
thumbs.7dakcdn.com/resimler/b/1032544/%C3%BCvey-k%C4%B1z-karde%C5%9Fini-ormanda-arkadan-sert-sikiyor.jpg
172.67.177.212200 OK 330 kB URL HTTP/2 thumbs.7dakcdn.com/resimler/b/1032544/%C3%BCvey-k%C4%B1z-karde%C5%9Fini-ormanda-arkadan-sert-sikiyor.jpg
IP 172.67.177.212:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 330 kB (330192 bytes)
Hash 60287d8946eac0844bd2a24e9f864893
e50922b222c08182a2ee6b81d755e52fa7b255c8
5e5f5a8620e5c7ec24255a66fc5c37a937a2d110ade2522a01fdd8df4875bb8f
GET /resimler/b/1032544/%C3%BCvey-k%C4%B1z-karde%C5%9Fini-ormanda-arkadan-sert-sikiyor.jpg HTTP/1.1
Host: thumbs.7dakcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 330192
last-modified: Fri, 08 Oct 2021 05:20:41 GMT
vary: Accept-Encoding
etag: "615fd529-509d0"
expires: Wed, 25 Jan 2023 20:11:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1873200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfTWxkd8Rps8Npe7PJC%2BHw2cxknXiynzRLyG1YcO9a69UxQQqF5tItHikaxJYzWmuo2QTGR%2F2cdkNk4TNEbqCmGhYTwPe6kQLigbK8oZd4pDNh%2B%2FWIIsLrA4WDK1EmxaX33BXM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bf81b58b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 136fb184658ccace6275cce2cbc702cd
78fbb3bc11c38084a5005143e840c3a96d6154b4
3e33830fe1bb102a3a5f1a72db19e14c4fb5b8c61187c5535ffa5777f26d1264
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 17 Jan 2023 12:08:26 GMT
last-modified: Sun, 15 Jan 2023 03:34:41 GMT
expires: Sun, 22 Jan 2023 03:34:40 GMT
etag: "78fbb3bc11c38084a5005143e840c3a96d6154b4"
cache-control: max-age=601806,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78aef9ee98c49bc4-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673957306
via: cache15.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache8.se1[0,0,200-0,H], cache7.se1[1,0], cache7.se1[2,0]
age: 1394
x-cache: HIT TCP_MEM_HIT dirn:4:223971354
x-swift-savetime: Tue, 17 Jan 2023 12:08:43 GMT
x-swift-cachetime: 1783
timing-allow-origin: *, *
eagleid: 2ff62c9b16739587008042854e, 2ff62c9b16739587008042854e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 136fb184658ccace6275cce2cbc702cd
78fbb3bc11c38084a5005143e840c3a96d6154b4
3e33830fe1bb102a3a5f1a72db19e14c4fb5b8c61187c5535ffa5777f26d1264
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 17 Jan 2023 12:08:26 GMT
last-modified: Sun, 15 Jan 2023 03:34:41 GMT
expires: Sun, 22 Jan 2023 03:34:40 GMT
etag: "78fbb3bc11c38084a5005143e840c3a96d6154b4"
cache-control: max-age=601806,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78aef9ee98c49bc4-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673957306
via: cache15.l2de2[0,0,304-0,H], cache10.l2de2[0,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0], cache5.se1[3,0]
age: 1394
x-cache: HIT TCP_MEM_HIT dirn:3:44000685
x-swift-savetime: Tue, 17 Jan 2023 12:16:42 GMT
x-swift-cachetime: 1304
timing-allow-origin: *, *
eagleid: 2ff62c9916739587008021369e, 2ff62c9916739587008021369e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 136fb184658ccace6275cce2cbc702cd
78fbb3bc11c38084a5005143e840c3a96d6154b4
3e33830fe1bb102a3a5f1a72db19e14c4fb5b8c61187c5535ffa5777f26d1264
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 17 Jan 2023 12:08:26 GMT
last-modified: Sun, 15 Jan 2023 03:34:41 GMT
expires: Sun, 22 Jan 2023 03:34:40 GMT
etag: "78fbb3bc11c38084a5005143e840c3a96d6154b4"
cache-control: max-age=601806,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78aef9ee98c49bc4-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673957306
via: cache15.l2de2[0,0,304-0,H], cache10.l2de2[0,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0], cache2.se1[3,0]
age: 1394
x-cache: HIT TCP_MEM_HIT dirn:3:44000685
x-swift-savetime: Tue, 17 Jan 2023 12:16:42 GMT
x-swift-cachetime: 1304
timing-allow-origin: *, *
eagleid: 2ff62c9616739587008001264e, 2ff62c9616739587008001264e
moav.com/contents/videos_screenshots/12000/12215/preview.jpg
104.21.235.194 200 OK 103 kB URL HTTP/2 moav.com/contents/videos_screenshots/12000/12215/preview.jpg
IP 104.21.235.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 103 kB (103127 bytes)
Hash 9eeb73ebef0fef5ed4a16bc3e0f6f5e0
9425171d6153352da1d4fff04251928c7fe80c35
22dfb70bdff5c9e7ed36c991fbe782362c7a82b1b62849e5af44fad87e6a3e00
GET /contents/videos_screenshots/12000/12215/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 103127
last-modified: Wed, 16 Mar 2022 03:44:40 GMT
etag: "62315d28-192d7"
expires: Fri, 20 Jan 2023 12:18:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2333610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKZesZulQyKyROExFaFTh2XpOZ3odSniPlllSLOq5MOpK0DqnntJGOghaxEiQP6jXtmYUWo2qNfUfQPN3uH4BWAA765o9TAsBo7SWp7EO%2FYq9jqP7bgY1WirRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf81bc1750d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 20a168248d311efd523b6e30e1f740b5
7d36ec74b0e282ba3ad63b7f63f11661ac5647ea
98e99d5c2614940d58c2279bb1d43295d8359a4fed5d3c9bd963edad03fac82b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:40 GMT
Last-Modified: Tue, 17 Jan 2023 11:08:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 246f5138224ed217b9bccff91d46c158
ad38caf81abe3780cf711e5642b7ec159d6a0a44
920fed2ba5be208c1e1b0b431451963845089bd0b03abe2d4f4b67d24810157b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "920FED2BA5BE208C1E1B0B431451963845089BD0B03ABE2D4F4B67D24810157B"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15510
Expires: Tue, 17 Jan 2023 16:50:10 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
cdn.2beeg.me/pcz/4f/7a/91/4f7a91ef9c0e56c36a04abcfef77172f.jpg
172.67.189.212 200 OK 9.6 kB URL HTTP/2 cdn.2beeg.me/pcz/4f/7a/91/4f7a91ef9c0e56c36a04abcfef77172f.jpg
IP 172.67.189.212:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", progressive, precision 8, 320x180, components 3\012- data
Hash b6d1062a4ba98cd4c7cc264d6a44277d
af17fad4ed6468ce49661710907ad8ca82b12e65
97767b3904c97576672c5cfea110e157170aad7409f7b27e577a46e435c308e3
GET /pcz/4f/7a/91/4f7a91ef9c0e56c36a04abcfef77172f.jpg HTTP/1.1
Host: cdn.2beeg.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 9571
last-modified: Sun, 24 Jul 2022 00:24:50 GMT
etag: b6d1062a4ba98cd4c7cc264d6a44277d
x-timestamp: 1658622289.96250
x-trans-id: tx1e3bf6216e7042f8ac8fc-0062dce32b
x-openstack-request-id: tx1e3bf6216e7042f8ac8fc-0062dce32b
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
cache-control: max-age=172800
expires: Wed, 18 Jan 2023 17:07:42 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 69838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Hk5UZqr%2BHxePcODSs2x1BIfnKoQfdhdubtlC3Sitk0dPGf%2BSum5JoAj2wf2Q3kDgnRIpVXRqRbZtHkf7ZfptPqz1V1Zacvk2dBfatoL9RnqMEZCeN%2FrqsZwqms9ibY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf8cd5ab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/11000/11396/preview.jpg
104.21.235.194 200 OK 57 kB URL HTTP/2 moav.com/contents/videos_screenshots/11000/11396/preview.jpg
IP 104.21.235.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.21.103", baseline, precision 8, 1280x710, components 3\012- data
Hash e8cda206991d5b911cca42d47a452089
e9900ab531e1463547e0c0fe31515a2a850f17d8
5a4562aa3f0b61a35e79b1b8b48573ef4cde0801c2496688a0caba3b66735b38
GET /contents/videos_screenshots/11000/11396/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 56958
last-modified: Wed, 16 Mar 2022 02:33:04 GMT
etag: "62314c60-de7e"
expires: Mon, 06 Feb 2023 14:12:18 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 857962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5Q%2FOyGIZHpL6UAlEcY9UKgWDz0Pna%2BsMOtJern9fz%2B11aOySqYvunv%2BHgxEUyNmtpxWrWDwEXHum23XoWzxFAPj1%2Fp0ylQwjJ4sNQ3tlDGKA1dNzpWqfTPExw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf8cc90750d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jav.re/media/ucover/101304.jpg
104.21.8.102 200 OK 76 kB URL HTTP/2 jav.re/media/ucover/101304.jpg
IP 104.21.8.102:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x450, components 3\012- data
Hash 8eb9fdd6f26614ac69111a75c03b3344
654ce95ce1fa5a116415908fce4d9dfc4650ba61
f1831ac80e4dc9581944e493d0f563d00b454d4105f4fa0000f83b5c62a64d9c
GET /media/ucover/101304.jpg HTTP/1.1
Host: jav.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 75811
etag: "5f8f9419-12823"
expires: Wed, 18 Jan 2023 00:30:00 GMT
cache-control: max-age=43766
x-served-by: jav.re
cf-cache-status: HIT
age: 666
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06KSMY79N9gnzyS1nQ56og1S%2F4phJ3WCETCtYV6ko3hv6XepFlLcBkvamSugz%2B8ySn5kKjbr8m2glFNyW0smGTmCEFYDV2RZwa%2BkTGzt3yQk75F1TdK3SAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf8cab31c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed3280604fa5e57383b7772b779d144c
f165b78d85f0077159fd046e7db1c4a44ad6ebee
8f9c49efabcc22ebeced773306c13e566a101b8bb5ce46e77975550fc3a65227
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F9C49EFABCC22EBECED773306C13E566A101B8BB5CE46E77975550FC3A65227"
Last-Modified: Sun, 15 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20226
Expires: Tue, 17 Jan 2023 18:08:46 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 77bf30325fc7e3b5af3169ed2c3de734
5f8fa02c6e92dc3b4046f008113d7731cfbf1cd9
b32adc0312968c48481677c24afa8fb5f560f8ec81b4b8cbc20c1b9374a8930f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B32ADC0312968C48481677C24AFA8FB5F560F8EC81B4B8CBC20C1B9374A8930F"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14213
Expires: Tue, 17 Jan 2023 16:28:33 GMT
Date: Tue, 17 Jan 2023 12:31:40 GMT
Connection: keep-alive
www.pytgo.com/pic/uploadimg/2019-10-11/Caribbean-052815-887.jpg
54.230.111.17 200 OK 73 kB URL HTTP/1.1 www.pytgo.com/pic/uploadimg/2019-10-11/Caribbean-052815-887.jpg
IP 54.230.111.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, manufacturer=27051ths 112rns, software=Video Thumbnails Maker v6.3.0.0a, copyright=SUU Design], baseline, precision 8, 1922x1082, components 3\012- data
Hash 98c56493c3d2252d2a52bf44825521be
b429b3f44f4f45c811ae2b4379fa604f988560f6
db74a0ef8dac84c5dfe1921a2836cc2e29f672f3340512d136e9c7042bcdac9f
GET /pic/uploadimg/2019-10-11/Caribbean-052815-887.jpg HTTP/1.1
Host: www.pytgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 72994
Connection: keep-alive
Server: X
Last-Modified: Thu, 17 Oct 2019 16:29:18 GMT
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 02:49:36 GMT
ETag: "5da896de-11d22"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8J9H_h1wWQ_oCgWYaMibN3QmJm-jO2-n2YL6uXncyXkI2vJdEaS06w==
Age: 36367
Vary: Accept-Encoding, Origin
www.clporn.com/thumbs/36/103-19.jpg
172.67.162.253 200 OK 9.1 kB URL HTTP/2 www.clporn.com/thumbs/36/103-19.jpg
IP 172.67.162.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 312x208, components 3\012- data
Hash fcf04d04feaefd11a11405418ab75941
cf6a07fefa29085f886c4cca693e08ea187c34d4
4e99251b6a43c7a17c03f34a98264fcca91dc27dc37ad4cb8f4a9e5e0597155c
GET /thumbs/36/103-19.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 9125
last-modified: Tue, 07 Jul 2020 13:05:28 GMT
etag: "5f047318-23a5"
expires: Wed, 07 Jun 2023 00:23:17 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 19397304
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkHhF72P2z8wGgKOldpWp0aBnBbtWgCTJnUtx0%2B7nWtGapNuuJdnQZhHVU4GWeOTu5iHl6iumAbB8czv6oAgqGB%2FNnTsWFXMryV5JWiftde%2B2ksxMKof2FUXHXCMfLiS2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf939e3b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.w3schools.com/w3css/4/w3.css
192.229.133.221 200 OK 5.3 kB URL HTTP/2 www.w3schools.com/w3css/4/w3.css
IP 192.229.133.221:0
File type Unicode text, UTF-8 (with BOM) text
Hash cfa5fd76f66a5f917b87ddd80b75b3fa
c0d7265855205d77acc0f1154172070a8680ab19
38ae41c45eedd4f190a8ddbda2a2dc69e2a4d75a6ff8cb0bb35d4a521724ee98
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 835
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Tue, 17 Jan 2023 12:31:41 GMT
etag: "089db8db329d91:0"
last-modified: Mon, 16 Jan 2023 14:05:14 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5250
X-Firefox-Spdy: h2
cdn5-thumbs.motherlessmedia.com/thumbs/9F823DE.jpg
185.107.92.224 200 OK 28 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/9F823DE.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1775x1776, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 7185c5c4fcf6ffc3adaed65c96092411
6c6999a91a336b20970f7cc85d8b4350c2a993df
8a5af8f4c30439bd9c8ff07d4c0e9e0b6822bbb2d0198eadcee7adb7e52ba217
GET /thumbs/9F823DE.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
content-length: 28398
last-modified: Fri, 05 Oct 2018 12:53:10 GMT
etag: "1d19b841f-6eee-5777ac0eeaa0c"
expires: Tue, 16 May 2023 01:29:03 GMT
cache-control: max-age=10403061
x-cache: HIT
x-whom: srv6087
accept-ranges: bytes
page.myfile-host.info/myda.php
150.95.129.59 200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP 150.95.129.59:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
157.250.79.202 200 OK 142 kB URL HTTP/1.1 jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
IP 157.250.79.202:0
ASN #2519 ARTERIA Networks Corporation
File type PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced\012- data
Size 142 kB (142489 bytes)
Hash b9579e6e0876854ad03328858216edca
f81276d6b45938999d3494f9814e7256d199fef6
e5f04edc2067571f46affbfd0943855147535482d64ac7030a9184702144fd58
GET /wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:39 GMT
Content-Type: image/png
Content-Length: 142489
Connection: keep-alive
Last-Modified: Tue, 11 Aug 2015 10:20:03 GMT
Expires: Thu, 16 Feb 2023 12:31:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4518b170b88af888a7e98992e1855656
883df149fa09637c7aee7e6a0ca81e924ae5d124
523c5b335736921e8d94399ee0bba40ef10a39faa00a320ec1d5615b0c2f0c99
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "523C5B335736921E8D94399EE0BBA40EF10A39FAA00A320EC1D5615B0C2F0C99"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16111
Expires: Tue, 17 Jan 2023 17:00:12 GMT
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 6ad47778e3c5a51c85bd2bf6d7f471c8
2486a54359b02cf11774b2cdea3050bd18144339
515ee341f208acf1246444a0525711113b7943714d9a73d47f4fe77126aab9eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:30:26 GMT
Expires: Tue, 24 Jan 2023 02:30:25 GMT
Etag: "2486a54359b02cf11774b2cdea3050bd18144339"
Cache-Control: max-age=568123,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af1bf93900b4f7-OSL
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9ecce7fdd81e92b16b2b0c8bed2ec7e0
877528aca3f3fd8559a17f175eacbf3c84d0522d
d5d97f5f53ae95de66ef85f7401f381a0f5127ac6b04ed062e2115055e00ee38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D5D97F5F53AE95DE66EF85F7401F381A0F5127AC6B04ED062E2115055E00EE38"
Last-Modified: Mon, 16 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7249
Expires: Tue, 17 Jan 2023 14:32:30 GMT
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
www.liaoai.xyz/favicon.ico
172.67.153.83 301 Moved Permanently 0 B URL HTTP/1.1 www.liaoai.xyz/favicon.ico
IP 172.67.153.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.liaoai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:31:41 GMT
Location: http://www.liaoai1.xyz/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmWA4Z%2BOUJbSskIncFHOBpg5%2BKkechitH8TZTJLqirpMA5Jo6xG9nl%2BlUZG3sxTx0o84z8aKDaxFZ%2FznGKuCH0HIqqS9Bp4cPcSf2YeWebzfFT3swDTW6K%2F1Xiyhck520Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bf99cafb4fd-OSL
alt-svc: h2=":443"; ma=60
ak21727.com/20220126/063N1qQG/1.jpg
64.32.2.227 200 OK 12 kB URL HTTP/1.1 ak21727.com/20220126/063N1qQG/1.jpg
IP 64.32.2.227:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density -2874x-2941, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x569, components 3\012- data
Hash f1c81d8070e919175e3a64b96f605ab5
72680f2831974de1ec292b4a499309da8364e2ea
3b9eb7821d5f20849b863cfebd75abdeeead7a66d0fe1a30b6546b6c38b47015
GET /20220126/063N1qQG/1.jpg HTTP/1.1
Host: ak21727.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: application/octet-stream
Content-Length: 12278
Connection: keep-alive
Last-Modified: Thu, 24 Mar 2022 21:04:03 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "623cdcc3-2ff6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Accept-Ranges: bytes
hentaiprn.b-cdn.net/wp-content/uploads/2020/10/A-kite-Episode-2-English-Dubbed.jpg
194.242.11.186 200 OK 27 kB URL HTTP/2 hentaiprn.b-cdn.net/wp-content/uploads/2020/10/A-kite-Episode-2-English-Dubbed.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 617x387, components 3\012- data
Hash 16bca4e9abd1fe1b90269b2432340625
cee8de6ce1e737b0cf1c09a9a31c0e4edf85426d
d0ff9c8d9418ca85ec49da0612a7e0a80bd572353183e1d75777df80b5d40de8
GET /wp-content/uploads/2020/10/A-kite-Episode-2-English-Dubbed.jpg HTTP/1.1
Host: hentaiprn.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 27169
server: BunnyCDN-NO1-830
cdn-pullzone: 961623
cdn-uid: e010e020-dd00-441b-8c13-e1874b59f38e
cdn-requestcountrycode: NO
alt-svc: h3=":443", h3-29=":443"
cache-control: max-age=31536000
etag: "604ffebb-6a21"
last-modified: Tue, 16 Mar 2021 00:41:31 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7JtZ8ZYW0Y144qPcLnN9jN5TIKYjZOCcLXIicvPUeT3KtMcGpzp6XlINAd88nx94FYAAM3R7Bk5nffX7ZQIEDcS9mxvmdkToXBt6TbsTbBiQAm31yPxXWDscM1OOhXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 786fdbb4cdc1b515-OSL
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 20:17:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1931ee7fec668586534626a2a1773ebe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.x-n-x-x.pro/pics/11/007_ask-time.webp
188.114.97.1 200 OK 14 kB URL HTTP/2 pics.x-n-x-x.pro/pics/11/007_ask-time.webp
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 270x161, components 3\012- data
Hash d1c192d7a7cac6cc69379d15033369e2
4411f5cf3d634fad85b78e4257ebd1142dfe7218
e7843ed964cec28c8d959e2dca59c5bfedaf3c5813c08268a4a9c4a593f53654
GET /pics/11/007_ask-time.webp HTTP/1.1
Host: pics.x-n-x-x.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/webp
content-length: 13795
last-modified: Sat, 13 Feb 2021 11:40:08 GMT
etag: "6027ba98-35e3"
expires: Tue, 17 Jan 2023 16:40:25 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 589876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHgzSMeY3EJOytv5WY5g0nu%2B5b38Zp9UFl%2F3AOlArIdG0xhq7qf9HeRSM4apFjGYbAOTm8IinVkQIFeuoXFIclIXrehYAWAGQ5vV0W5e%2Bb4Q3BkEySfLd%2Bgl8y8fqux07XHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf9d9a41c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.javwind.com/contents/videos_screenshots/21000/21179/preview.jpg
172.67.155.113 200 OK 47 kB URL HTTP/2 www.javwind.com/contents/videos_screenshots/21000/21179/preview.jpg
IP 172.67.155.113:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.21.103", baseline, precision 8, 640x360, components 3\012- data
Hash 831440f9c61b77e157170988a2177a3f
adc7df1529edb4275f15d212a4fb2f3b77f699aa
3c4a878cbae55224a1117160fac3ec0e4c4e54792f3ad9e547be49faec81428a
GET /contents/videos_screenshots/21000/21179/preview.jpg HTTP/1.1
Host: www.javwind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 46972
etag: "62e43545-b77c"
expires: Wed, 18 Jan 2023 00:30:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
cache-control: max-age=14400
x-served-by: www.javwind.com
cf-cache-status: HIT
age: 43243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcXaFYZr30Bnl5y6oVB9X46qmSqQ0wFetBDUD8ioY8VCFiIp21JVEm3kWq%2FbDX5CTarz7t40G0tFX3fqsTyenhCCbt79M%2BsY20%2FCR99EGOx9b1M%2FK2V5ls7cusII1GPGRpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfa1930fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subo228.com/20221128/5vfnCItQ/1.jpg
107.167.21.106 200 OK 39 kB URL HTTP/1.1 subo228.com/20221128/5vfnCItQ/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash e42c140ec960c57071c00af06bbd4648
446c17b1187848ae995dbb4b82c58342cc5abe7a
42ed0c2dd5b74276783c824605494e144252e2a70a0fe61f1e23d6674f36fc9d
GET /20221128/5vfnCItQ/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 39421
Last-Modified: Thu, 12 Jan 2023 14:27:59 GMT
Connection: keep-alive
ETag: "63c018ef-99fd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20221126/tEYRNb1K/1.jpg
107.167.21.106 200 OK 21 kB URL HTTP/1.1 subo228.com/20221126/tEYRNb1K/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 6ced9f5f9c4d9fad18b3d7eec64c2389
4e53cadbeee6709a62beb8cc3cc8ddd6f144651d
3017496bbdd0eda91d5f5804b4002a445a45baae0a1442b2596ebee359d3560d
GET /20221126/tEYRNb1K/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/jpeg
Content-Length: 20854
Last-Modified: Thu, 12 Jan 2023 14:28:14 GMT
Connection: keep-alive
ETag: "63c018fe-5176"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/91C9qoyagiw
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/91C9qoyagiw
IP 216.58.211.3:0
Hash ed307e30d3754b45629db2ade9e7155a
226525b6e0cf841e0235b3eb4e1c517f657c56f4
06abdea642e5ec5ff23f1eb2f6de27ab0fc1503d3bab62fbb407543c5175dced
POST /s/gts1p5/91C9qoyagiw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pic3.seaige.com/pic/20210927/008bda21f4dcfe122c21b0fe521bf9d4/1.jpg
74.211.104.239 200 OK 16 kB URL HTTP/2 pic3.seaige.com/pic/20210927/008bda21f4dcfe122c21b0fe521bf9d4/1.jpg
IP 74.211.104.239:0
File type JPEG image data, baseline, precision 8, 544x960, components 3\012- data
Hash d3a693e00b473fcd8e242e8b175cb9d3
d525c81eaa2961f5d888d6bc3808aaa05c7cb9e4
d8746c2ea526ea8b9d24836bb97edfa37adad97d6c9528cbf8548d5336a4dc48
GET /pic/20210927/008bda21f4dcfe122c21b0fe521bf9d4/1.jpg HTTP/1.1
Host: pic3.seaige.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Thu, 12 Jan 2023 18:45:03 GMT
content-type: image/jpeg
content-length: 15845
last-modified: Mon, 27 Sep 2021 07:59:06 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "615179ca-3de5"
expires: Sat, 11 Feb 2023 18:45:03 GMT
age: 409598
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
cdn5-thumbs.motherlessmedia.com/thumbs/87D6C1C.jpg
185.107.92.224 200 OK 63 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/87D6C1C.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, baseline, precision 8, 854x480, components 3\012- data
Hash ce38e8c2369cd90b033af1a96e1478bc
1c69e81394c21864b41f67a65161760a9d122fe6
032b42fa38b818581f25e952d8572729767fe471cc8a81308208f6adc50e4e5a
GET /thumbs/87D6C1C.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 63226
last-modified: Wed, 19 May 2021 03:47:49 GMT
etag: "1d22f1b2d-f6fa-5c2a6b0bfee54"
expires: Fri, 19 May 2023 01:15:28 GMT
cache-control: max-age=10675943
x-cache: HIT
x-whom: srv6142
accept-ranges: bytes
iv-videos.com/favicon.ico
172.67.70.25 301 Moved Permanently 0 B URL HTTP/1.1 iv-videos.com/favicon.ico
IP 172.67.70.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: iv-videos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:31:41 GMT
Location: https://iv-videos.com/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkBXEqJQRi3PA33q0JHBVX8qATFQ9%2BHkWfcd%2Bz792vqauV0COLlwmsCdrCmnBb4OyjOq59Gn6IlnFGpec0sUv0sVSuQvT7i6JcLPWkomFKRHa%2BlX9tbVYWxTVcFfXes%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfada0bb51b-OSL
alt-svc: h2=":443"; ma=60
page.myfile-host.info/myda.php
150.95.129.59 200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP 150.95.129.59:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
img.dramasq.net/vod/20220503-1/e1f2707b5e3f3835028b76e23cf011c7.jpg
104.21.67.63 404 Not Found 141 B URL HTTP/1.1 img.dramasq.net/vod/20220503-1/e1f2707b5e3f3835028b76e23cf011c7.jpg
IP 104.21.67.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d3172a3136f9fc99f9fe6ab6385e82b6
db98920d28e5449230d0c26a45a4a9130c075f5c
66b12a543ab5d244b36ed8bf99179dc8a654d076a2ffe7e7932be2b474c1c175
GET /vod/20220503-1/e1f2707b5e3f3835028b76e23cf011c7.jpg HTTP/1.1
Host: img.dramasq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 2428763
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGTdJqlfbJhpfyQKnA4NJc4vXbzDT2%2BDENAr6yZuDZFV7iCBDuX3Zxx%2F6TABrg8UrLdF77%2FvfTCxVC%2BuCQIS5Tl1U1PAF1vt2SHz1CFC5qCIOmSa69IuR3N5S2ZE%2F%2F7xRUs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 78af1bfb187e0b49-OSL
Content-Encoding: br
www.2510avporn.com/favicon.ico
188.114.96.1 403 Forbidden 2.1 kB URL HTTP/1.1 www.2510avporn.com/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash 4b9bc2d342156b1a577c1a0d94fdf14f
1c667903848fa51dc554ac8d43b8745989df035f
f0b30fd2480fd901a492e01fcd2bbee4e84f83d87171759751c5be44fda96445
GET /favicon.ico HTTP/1.1
Host: www.2510avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 403 Forbidden
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raCVFE99coay23xO9zDNhQejNX1mSEoJNfENYUczI6ZP7SPGBSXgveLqg%2BfT4oJNU8QrivtH1XraebN3wjT7Tobc85979NyBmv1d7ocI9hKn59Qm8Ifwkbr3%2B4AZv%2Bjo4KJyvd4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfb5cbeb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmtu.netfhtu.com/upload/vod/2022/10/uqlgn4cpvje.jpg
45.89.208.114 200 OK 8.2 kB URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/10/uqlgn4cpvje.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 160x159, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0277816a495cce8ba748c573886eaf2d
bf79821f9eb735fbdf043690778df55e1845ab1e
cf0f6660553ffd3b38259f24251b63d72fd30f2f5e3fc75603861611c611a0ce
GET /upload/vod/2022/10/uqlgn4cpvje.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/jpeg
Content-Length: 8160
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 09:55:05 GMT
ETag: "634931f9-1fe0"
Accept-Ranges: bytes
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash f161ac9d57ca5edc7651d2badb4c2524
9683781a032ac5ba034ded35f0986dfdc4e9a7a9
ce39bedc13027eeb79c257975621cecc2bd85364eb40c6d0c8ffa8156aa15342
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 21 Jan 2023 11:58:41 GMT
ETag: "9683781a032ac5ba034ded35f0986dfdc4e9a7a9"
Last-Modified: Tue, 17 Jan 2023 11:58:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfa5a790b69-OSL
subo228.com/20230113/g834Rn2g/1.jpg
107.167.21.106 200 OK 39 kB URL HTTP/1.1 subo228.com/20230113/g834Rn2g/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash 17c50643686549490bbbd197e0a56ff3
6a3b0636ef906822733a92a60323b619d4c222a9
e68ae4f02c295f1526555ad17ee9e8a2dffc331d14cc09422a0a8f55db1ef65d
GET /20230113/g834Rn2g/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/jpeg
Content-Length: 38576
Last-Modified: Sat, 14 Jan 2023 05:03:50 GMT
Connection: keep-alive
ETag: "63c237b6-96b0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.clporn.com/favicon.ico
172.67.162.253 200 OK 0 B URL HTTP/2 www.clporn.com/favicon.ico
IP 172.67.162.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 07 Mar 2017 06:12:27 GMT
etag: "58be4f4b-0"
expires: Tue, 04 Jul 2023 17:41:16 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 17002225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLTh5TAbOc7pnopmUUwbAd2xY3ykIRzOqWuDQPkx%2BSXraxdNTWZV6Sl5Ljt50dveaY4oZQrP7l14aXL%2FT0MNBQMhJKKHxbU%2BMCfLUxHS%2Fx2g4Y87FlAaoOaWO0kWu4erfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfbdd59b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash f161ac9d57ca5edc7651d2badb4c2524
9683781a032ac5ba034ded35f0986dfdc4e9a7a9
ce39bedc13027eeb79c257975621cecc2bd85364eb40c6d0c8ffa8156aa15342
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 21 Jan 2023 11:58:41 GMT
ETag: "9683781a032ac5ba034ded35f0986dfdc4e9a7a9"
Last-Modified: Tue, 17 Jan 2023 11:58:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfcfd140b69-OSL
www.qzsp13.com/favicon.ico
172.67.213.121 301 Moved Permanently 0 B URL HTTP/1.1 www.qzsp13.com/favicon.ico
IP 172.67.213.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.qzsp13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:31:41 GMT
Location: https://www.qzsp13.com/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8pi%2BIzuMs6UOMYE7NOUkh7V7pPPlvzIiuWfbXjw5sSrWZEGWTQJkBqFBwlaj7mshZWNVKWdmXk4fmqKr%2FksVDDI5eVvR2glCZh3Ha4YeopHpv%2BYsbr0iII0xHevYZ0R%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfd2d3b0b69-OSL
alt-svc: h2=":443"; ma=60
moav.com/favicon.ico
104.21.235.194 200 OK 2.6 kB IP 104.21.235.194:0
Hash 3a909b5979142ab2891342323d332117
c18b16db047bb6455d409d397bcb8f4f25cbe299
b84beeac5999def76d8e95fe397f68bf1123b1cd7d075b3fddda76acfd594152
GET /favicon.ico HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Feb 2022 04:33:56 GMT
ETag: W/"62131634-47e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5808
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WqJ%2FAPyjeD2BvNdKQPvoE87i6%2BuDcHsVUXHgqDRuT9TOzFojU5TbJy7tjz9bxYr2hmSs%2FkzdM%2FjMPvUPpSKFzLBD5OEbcS1Inzr4bWxZQ2n9Mrt6GR23FUfsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfd58b3dd7c-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a744caf9bdbef73d50077c1462af56b3
d5d2e4e31801961550747ec7f9aeedc050d0a188
9d9f0fd9ecbc761182e199cc3bb45eeebc7834faefdd7f51a6ac95d8646073ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 556
Cache-Control: max-age=127589
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:41 GMT
Etag: "63c5e266-117"
Expires: Wed, 18 Jan 2023 23:58:10 GMT
Last-Modified: Mon, 16 Jan 2023 23:48:54 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
www.1pondo.tv/moviepages/1866486_350/images/str.jpg
140.174.0.175 404 Not Found 743 B URL HTTP/1.1 www.1pondo.tv/moviepages/1866486_350/images/str.jpg
IP 140.174.0.175:0
ASN #30212 HYPERMEDIA-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6a5e75f5cc538da784790243a1dedb76
9208746aac7af6763627ef3922a3518d781772f6
a993a987277546170129860d0e0932031ccb150312bbe04b3ca6d97c2ef37262
GET /moviepages/1866486_350/images/str.jpg HTTP/1.1
Host: www.1pondo.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63af512c-491"
Content-Encoding: gzip
cdn3.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg
104.167.223.180 200 OK 19 kB URL HTTP/2 cdn3.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg
IP 104.167.223.180:0
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb3327a7bd449534d69ec7ff5f3fdf20
008567c05714e5dca376e2996e70577b754dce49
ce3ed81fd1d2485450fb54a43cea3eec3c279a8fb3c0b530a3d5fb109b7ed823
GET /picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg HTTP/1.1
Host: cdn3.pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 18742
accept-ranges: bytes
last-modified: Tue, 17 Jan 2023 12:31:41 GMT
cache-control: max-age=8640000
expires: Thu, 27 Apr 2023 12:31:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pakosen.com/favicon.ico
153.122.27.231 404 Not Found 162 B IP 153.122.27.231:0
ASN #131921 GMO GlobalSign Holdings K.K.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /favicon.ico HTTP/1.1
Host: pakosen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
jav.com.se/favicon.ico
104.21.233.171 200 OK 131 B IP 104.21.233.171:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash bde088ad209a4f94890164ba64721fb5
c153bf3363c34262b548141abca6c6eecd0b076b
1a4f8c6152f2a4764d293fbe2079322d7925ec80d7183c1420e74752a0fff41c
GET /favicon.ico HTTP/1.1
Host: jav.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5ff3c89a-47e"
Expires: Wed, 18 Jan 2023 00:30:00 GMT
Cache-Control: max-age=84591
X-Served-By: jav.com.se
CF-Cache-Status: HIT
Age: 43298
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kNdOmdDhalcb2qdn2eZi%2FclsyGs2OiZdG3ymAUhOuyqFFxiFdo5FzaraLhhsbkrcZRx0BPkKnfB7Z0lkDNMcg00PjT9ioeAx66rI9JGCgmDz4%2F9yyLKYq1Q5WKc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bfdfc3671c6-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
motherless.com/favicon.ico
185.107.81.234 200 OK 1.2 kB URL HTTP/1.1 motherless.com/favicon.ico
IP 185.107.81.234:0
ASN #43350 NForce Entertainment B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 71fed71dccb91a13bdf68a6444f25ce4
38da7202842147ecda5521d50f094a54d1381f2c
18f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2
GET /favicon.ico HTTP/1.1
Host: motherless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 12 Aug 2019 11:39:08 GMT
ETag: "5d514fdc-47e"
X-Server-W: web02
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Status: HIT
Accept-Ranges: bytes
okashik.atype.jp/favicon.ico
39.110.226.221 200 OK 27 kB URL HTTP/1.1 okashik.atype.jp/favicon.ico
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type MS Windows icon resource - 1 icon, -106x-106, 8 bits/pixel\012- data
Hash c96307b54559ba5b66bf64349fffaeed
ed0cf0bb16c7920bd8d9d07ca64cdeb5bac869b0
00690fc9a758e373f131eb5748f95d55238b0b60dca77bbfdb9c04949db74f88
GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:22:28 GMT
ETag: "dc0718-6906-5c439817e2b05"
Accept-Ranges: bytes
Content-Length: 26886
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash a8ec860ca919bbdf32294b59288f7452
5fe692ecfb7db97a8addfc52d84287f4f7dc3157
8fda29c9b1e2a9a21995937bb162e95a42011359610358b3487f8ca9af3de59d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=463
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
X-N: S
py2av.com/img/caribbeancom/042918-651.jpg
153.122.188.94 200 OK 41 kB URL HTTP/2 py2av.com/img/caribbeancom/042918-651.jpg
IP 153.122.188.94:0
ASN #131921 GMO GlobalSign Holdings K.K.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 596x335, components 3\012- data
Hash 58effc2d7369144f2c6214390c34ddd9
2cd26b1e10cdcc9310703ac69450793516b07af6
b6aeb3bef9b9b6c1bf290bd2d5dcc624e736055417e6b2198273e513a9867f19
GET /img/caribbeancom/042918-651.jpg HTTP/1.1
Host: py2av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/jpeg
content-length: 40776
last-modified: Sat, 28 Sep 2019 04:04:18 GMT
etag: "5d8edbc2-9f48"
expires: Tue, 17 Jan 2023 14:31:41 GMT
cache-control: max-age=7200
strict-transport-security: max-age=31536000; includeSubDomains;preload
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2
pornomotor.club/favicon.ico
54.37.238.32 200 OK 767 B URL HTTP/1.1 pornomotor.club/favicon.ico
IP 54.37.238.32:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0bac63aa7da6405097018b76ed88ee25
d8a0724444f62f019f7b285db9c15606c60c2f56
df49a20035af356b3687b16a7bbec10a3c778a773fd135a217da98761319acd4
GET /favicon.ico HTTP/1.1
Host: pornomotor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 17 Sep 2020 12:03:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f63507e-47e"
Content-Encoding: gzip
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 96f1eef97323d2d31d66fc4e45a93832
ddecad17b6de078cf9f981a913a0a7b7a226c620
286642bfd4e3de9a908a5e3464fe9e7af70c068f58d0d1298151ba781928d69a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=141
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
X-N: S
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 35260b2d3ec410eb3b4d4c614f95d51a
25da42efd4f56008b00e403916682a6e4e8ff83f
6121eac6d9ac3512c201a0ed20dfaa22780110c88b73957d1f9065cee1a4dd37
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 04:47:59 GMT
Expires: Sun, 22 Jan 2023 04:47:58 GMT
Etag: "25da42efd4f56008b00e403916682a6e4e8ff83f"
Cache-Control: max-age=403576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af1bfeae80b4fa-OSL
py2av.com/favicon.ico
153.122.188.94 200 OK 884 B IP 153.122.188.94:0
ASN #131921 GMO GlobalSign Holdings K.K.
Hash 95c04463fc63053489df13bb3b2d241c
18d5ac6c2b4e3deb916c2feade252a5177a4267f
59826d08a71071f5b4fa484e1407da77e5d8b5310d03035c597407ee03ce28ce
GET /favicon.ico HTTP/1.1
Host: py2av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
last-modified: Sat, 28 Sep 2019 03:59:29 GMT
vary: Accept-Encoding
etag: W/"5d8edaa1-47e"
expires: Tue, 17 Jan 2023 14:31:41 GMT
cache-control: max-age=7200
strict-transport-security: max-age=31536000; includeSubDomains;preload
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2
pics.dmm.co.jp//digital/video/mum00182/mum00182pl.jpg
202.6.244.93 200 OK 152 kB URL HTTP/1.1 pics.dmm.co.jp//digital/video/mum00182/mum00182pl.jpg
IP 202.6.244.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 152 kB (152092 bytes)
Hash 1fbeb51ad35a77fe0756f1d35939699b
b6e78a5136f25cac563eb20c1b0f806efdc7ff5b
a9bdf8ec29935928ff46f160ef2b50f0fd3c967408e4fb05f873aa1de8ac11ab
GET //digital/video/mum00182/mum00182pl.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 17 Jan 2023 12:31:40 GMT
Content-Type: image/jpeg
Content-Length: 152092
Connection: keep-alive
Last-Modified: Fri, 28 Aug 2015 08:50:17 GMT
ETag: "55e020c9-2521c"
X-Pics-Origin: digital-master
X-Cache-Status: HIT
Set-Cookie: app_uid=ygb0XWPGlSyuJLfgsxpEAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f01e8dc437098070bff12e3af40ede37
5260a0020d20322ebbbe76315e303e3032a1bcb4
15226eebe870cbc320978517fcb95c4edcfd9ad78aef6d71bfa0453620f9793f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15226EEBE870CBC320978517FCB95C4EDCFD9AD78AEF6D71BFA0453620F9793F"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15039
Expires: Tue, 17 Jan 2023 16:42:20 GMT
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b38c54a5d6b7cefb13fa424df0304363
c53910709d127ab83089fb8c1014d278c101beb7
ff0d078572974996c78e49318b8afd7953849968149952bb7e0e7ad3d3632a90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF0D078572974996C78E49318B8AFD7953849968149952BB7E0E7AD3D3632A90"
Last-Modified: Mon, 16 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Tue, 17 Jan 2023 16:03:03 GMT
Date: Tue, 17 Jan 2023 12:31:41 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 98d2d9ac7c777d2d76db91186fd53453
6cc91ef0334abb0bde4c7562ad9abeb21150b5c9
5bb39d13aaed64f08b6f20a3c9b1c8274cbb7a0e44564ddd26474ef9a5a01f36
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 21 Jan 2023 09:33:03 GMT
ETag: "6cc91ef0334abb0bde4c7562ad9abeb21150b5c9"
Last-Modified: Tue, 17 Jan 2023 09:33:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3369
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af1bff4f9a0b69-OSL
mc.yandex.ru/metrika/advert.gif
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 17 Jan 2023 12:31:42 GMT
access-control-allow-origin: *
etag: "63bfb9f8-2b"
expires: Tue, 17 Jan 2023 13:31:42 GMT
accept-ranges: bytes
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b8242b00c54b5558edb3e52bf6bcfe6
5c225dc40c1c84ae1c181089d3ec8b5a9340a35f
6fbe1b5069494c027df80a72b5bf5ee6de65d61d0d146e65214092134a39b5cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6FBE1B5069494C027DF80A72B5BF5EE6DE65D61D0D146E65214092134A39B5CF"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2271
Expires: Tue, 17 Jan 2023 13:09:33 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
jp-xvideos-av.com/favicon.ico
157.250.79.202 404 Not Found 146 B URL HTTP/1.1 jp-xvideos-av.com/favicon.ico
IP 157.250.79.202:0
ASN #2519 ARTERIA Networks Corporation
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg
172.247.77.90 200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2a245e35fa66d9bf35947919b79e729c
56d0d313c73a2c097977d5a0a03e714b8c312090
6e42efc1544e345524f10044009d781993096ca49ad067e8a5dc99161c30dc2a
GET /upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:32:50 GMT
Content-Type: image/jpeg
Content-Length: 10337
Last-Modified: Wed, 09 Nov 2022 11:43:24 GMT
Connection: keep-alive
ETag: "636b925c-2861"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 246f5138224ed217b9bccff91d46c158
ad38caf81abe3780cf711e5642b7ec159d6a0a44
920fed2ba5be208c1e1b0b431451963845089bd0b03abe2d4f4b67d24810157b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "920FED2BA5BE208C1E1B0B431451963845089BD0B03ABE2D4F4B67D24810157B"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15508
Expires: Tue, 17 Jan 2023 16:50:10 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
nijimo3.ocsp.secomtrust.net/
113.52.156.18 200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 883066ca2f92b5455b0e51c7c842b1f8
d599394bedbbe79b990b2c8195f30ef9612e9081
9b9c61e8984f70071eba6404abbf76ed5f9cd0d01f6f35632232d60a5ef9849a
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 11:36:17 GMT
Last-Modified: Tue, 17 Jan 2023 11:36:17 GMT
ETag: "883066ca2f92b5455b0e51c7c842b1f8"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
45.89.208.114 200 OK 8.3 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1398ecfa82fd9e61cf23d5b188ddf6f9
cea6edcf5e5afd770231e955cbec58cb9962e5ba
1c5f11dc1c7aba7008a1896d807bb27b2ef6995e825772ac6472a970d219bb03
GET /upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:42 GMT
Content-Type: image/jpeg
Content-Length: 8279
Last-Modified: Wed, 16 Nov 2022 05:06:16 GMT
Connection: keep-alive
ETag: "63746fc8-2057"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
nijimo3.ocsp.secomtrust.net/
113.52.156.18 200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 883066ca2f92b5455b0e51c7c842b1f8
d599394bedbbe79b990b2c8195f30ef9612e9081
9b9c61e8984f70071eba6404abbf76ed5f9cd0d01f6f35632232d60a5ef9849a
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 11:36:17 GMT
Last-Modified: Tue, 17 Jan 2023 11:36:17 GMT
ETag: "883066ca2f92b5455b0e51c7c842b1f8"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
okashik.atype.jp/images/110-mlkp-002/1.jpg
39.110.226.221 200 OK 125 kB URL HTTP/1.1 okashik.atype.jp/images/110-mlkp-002/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 125 kB (124590 bytes)
Hash 14adcd677107eab3505aab595545cdb2
00a5585a357a284a367d2787eea7c14376bb1d07
66affb20571f71b09e479df10e5ef0e2325729f589953163763871585e451ea3
GET /images/110-mlkp-002/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:40 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:54:46 GMT
ETag: "ea0b9c-1e6ae-5c439f501694d"
Accept-Ranges: bytes
Content-Length: 124590
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
pic.duga.jp/unsecure/hiroinet/0024/noauth/flvcap.jpg
59.106.25.10 200 OK 32 kB URL HTTP/1.1 pic.duga.jp/unsecure/hiroinet/0024/noauth/flvcap.jpg
IP 59.106.25.10:0
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, baseline, precision 8, 640x480, components 3\012- data
Hash 5bf2759f5585ef7636ed8b3d61e8c150
40dbb502f82eb2b1c89520444f281d0922b20119
c821e6fb3cd542af553d6ba0eb0e3ea743f46025252744a6a2458ac2e6962e22
GET /unsecure/hiroinet/0024/noauth/flvcap.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/jpeg
Content-Length: 32178
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2016 05:12:15 GMT
ETag: "585b60af-7db2"
Expires: Mon, 05 Dec 2022 16:58:49 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 56722c067269b9cf545fff6b1d08ea95
741ddb10acab57e11e56f492a126c304c8503c14
1737e6c69f5c0932644e5659e4a5fe41d379cb2f8f744c5c2a52c4f5a77bfd93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1737E6C69F5C0932644E5659E4A5FE41D379CB2F8F744C5C2A52C4F5A77BFD93"
Last-Modified: Sat, 14 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4282
Expires: Tue, 17 Jan 2023 13:43:04 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 73c2ed1e08967aa5dbb1722c4606b747
a33da73fb4e79ca662e49b7279297930e34b0a74
857b80b1a5d108df2ce004c5108de64e0602473a8bdc925021ebeae6bc211bca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2506
Cache-Control: max-age=106160
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:42 GMT
Etag: "63c58714-117"
Expires: Wed, 18 Jan 2023 18:01:02 GMT
Last-Modified: Mon, 16 Jan 2023 17:19:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
202.91.34.243 200 OK 20 kB URL HTTP/2 pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
IP 202.91.34.243:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 480x640, components 3\012- data
Hash 4e89848d0c2ac332a58c4bd00186d4bc
9ce0e4c99bb6aec5e26bdca23eab924d6fc2718c
f0bfcbe3b57ff63c7ed1bbae3e3a73b4966feeff80bfadb4606d79b8646c4678
GET /pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg HTTP/1.1
Host: pic32.anzise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Sat, 14 Jan 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 19929
last-modified: Fri, 27 May 2022 13:53:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "6290d7be-4dd9"
expires: Mon, 13 Feb 2023 16:02:42 GMT
age: 246540
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ed641e5d1b452ca0bf6915423b61937e
03326a6428952cdcd85b2ef4a3ac4d8ae2e658c4
d6532761e63c5cddae5eb0d0786ce1a79fde31604a60ac57b8f7258020ae1547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 177
Cache-Control: max-age=134071
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:42 GMT
Etag: "63c5fd34-118"
Expires: Thu, 19 Jan 2023 01:46:13 GMT
Last-Modified: Tue, 17 Jan 2023 01:43:16 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4518b170b88af888a7e98992e1855656
883df149fa09637c7aee7e6a0ca81e924ae5d124
523c5b335736921e8d94399ee0bba40ef10a39faa00a320ec1d5615b0c2f0c99
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "523C5B335736921E8D94399EE0BBA40EF10A39FAA00A320EC1D5615B0C2F0C99"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16110
Expires: Tue, 17 Jan 2023 17:00:12 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
e857f5175c.e954669112.com/1eede25f633f898d0b2b14351be2daf2.js
45.133.44.25 200 OK 36 kB URL HTTP/2 e857f5175c.e954669112.com/1eede25f633f898d0b2b14351be2daf2.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 295f1683f9a248ceca53ee68d8286140
cfe980851c03a4acbca50e1ba1228f6cfee50fea
55fe9a775a17ccec15ee04cf677823ee1f138ce7e798d4fb88a4850ddfc57fde
GET /1eede25f633f898d0b2b14351be2daf2.js HTTP/1.1
Host: e857f5175c.e954669112.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Tue, 17 Jan 2023 12:36:42 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb89b31348ed46d9bc65f85a998cbcc7
c63af9230352b8a8a1b59ae3aeac67085c79c943
040c8dd80f38e343d331ce7edbd717cdbffa227e75f93e78e37da67739420258
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "040C8DD80F38E343D331CE7EDBD717CDBFFA227E75F93E78E37DA67739420258"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=729
Expires: Tue, 17 Jan 2023 12:43:51 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
rolotube.com/images/
104.21.235.163 403 Forbidden 28 kB IP 104.21.235.163:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 089c8811c41c402a368c3f84d4c9ac32
7c602c3bccafd533cd3c11fd70f699d4e468119d
e6f4ad116a0a0f7ada5a4724d9ddcbe39fd80eadd81e231aa0572d75e28e9cc2
GET /images/ HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:38 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmJb2sZb6%2BLgLkiebzNfdSsgyxwCtXk2lItVCp%2BD0EU9k%2FXmExcQv05ZtUF0BNQXuNRSCqL1rBhkFN%2BDLj8Ihxe3ZZKW%2BZVfBnRwMytA7yabDHljWHUVCfNpODuYwkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bec4ab5dd75-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bec5a937880b5c399258f0173bcad2f
cf20f19031b40246ed8b127186990c63cf8fd976
dbaf49364dd904ed65a2be44847e9b829c370fe8477c8a78a720bbd9727c2b31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBAF49364DD904ED65A2BE44847E9B829C370FE8477C8A78A720BBD9727C2B31"
Last-Modified: Sun, 15 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Tue, 17 Jan 2023 13:30:15 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2b0d22fc4859fd4b158edefee6f262c
f80693ebca51239b117611efb2bfe36a8dbb1906
cd48b9502fb525fdd133b31085d38d16ef963496e2545b5b2383e84a33fd817d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD48B9502FB525FDD133B31085D38D16EF963496E2545B5B2383E84A33FD817D"
Last-Modified: Sun, 15 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11970
Expires: Tue, 17 Jan 2023 15:51:12 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP 216.58.211.3:0
Hash cb2575c71957abf8096785f48d8fbbc7
8f5dbf02be7dd9a9ec5be4fdfe50712653c7db07
30dee376eca77dbd4ed817993a27e9fb27e0bbb303f581f6a9d263354c32487a
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
okashik.atype.jp/images/112-cpsky-268/1.jpg
39.110.226.221 200 OK 78 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-268/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash 19f7a10d28f04778fc6fcfddd1cdd466
c49aa361931a9914cff59eb8c2ac30ee19f52af9
e474d898ffa3e4f90c5a19aae8a13b47fc507e74e3c49dfcafd5efe1eaa10c57
GET /images/112-cpsky-268/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:02:14 GMT
ETag: "ec0b7c-13173-5c43a0fb541dd"
Accept-Ranges: bytes
Content-Length: 78195
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
aatt.xyz/favicon.ico
82.192.82.227 404 Not Found 9 B IP 82.192.82.227:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: aatt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 17 Jan 2023 12:31:42 GMT
server: Cowboy
set-cookie: sid=e5c4c156-9662-11ed-8d8f-07a19dbb9c5e; path=/; domain=.aatt.xyz; expires=Sun, 04 Feb 2091 15:45:49 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
pic.duga.jp/unsecure/haisetsu/0415/cap/0002.jpg
59.106.25.10 200 OK 100 kB URL HTTP/1.1 pic.duga.jp/unsecure/haisetsu/0415/cap/0002.jpg
IP 59.106.25.10:0
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 864x480, components 3\012- data
Hash bf4cecd66b6f447b5dd655a6c1bf75a2
c4c09b35fb2a19fc09b96cf826f998d867870d7f
0d9c6a12b81e56bfd04b8aa45d93e252ee0103004263d355ae012a04ae246bff
GET /unsecure/haisetsu/0415/cap/0002.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:41 GMT
Content-Type: image/jpeg
Content-Length: 99953
Connection: keep-alive
Last-Modified: Fri, 20 May 2022 10:29:56 GMT
ETag: "62876da4-18671"
Expires: Mon, 19 Dec 2022 10:04:01 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.2510avporn.com/favicon.ico
188.114.96.1 403 Forbidden 2.5 kB URL HTTP/2 www.2510avporn.com/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash edf6a575a9b7e86baa96a2703775bfe1
6838571e39036b988edd977b94fac5e647b93a11
ed16977d71a80872606e6f3088a0deff96babab166c5fae9807668bbad565786
GET /favicon.ico HTTP/1.1
Host: www.2510avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQYEg1%2BFAO2jigJzr3mOS3Q7Vd5r170fm1qBTaxLXjDgrjgsLxAXIEphXbUC94CT7VN7HBhctaIuARygGXx4QcDrTRPzkqTdrhW%2Bg6euXVbYt0LOiliKfFcqzmLaX18a0E17pjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c01fe420afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d925be44a43fac63e75f0ffca703e4b6
cca84fc75bf460de608cd0cb1d6affd2ea5753fd
be6ab04741878ed94ab353b902671df502be16c6096c08cb1dc633a2967191e0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BE6AB04741878ED94AB353B902671DF502BE16C6096C08CB1DC633A2967191E0"
Last-Modified: Sun, 15 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Tue, 17 Jan 2023 18:30:44 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16f1e548e7ff66398c1c344004652495
8dbb786461426c7c096f1ff532b39a16ebc6eb79
2bd13ed183ba0ed143f8b970cbfe3f08ea02353de4e5d460894a22ca148ecb3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2BD13ED183BA0ED143F8B970CBFE3F08EA02353DE4E5D460894A22CA148ECB3E"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Tue, 17 Jan 2023 18:31:13 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
muryouav.avximg.com/2018-05/thumb/rQoPFqcNJY1FSQCv.jpeg
139.162.93.243 200 OK 27 kB URL HTTP/2 muryouav.avximg.com/2018-05/thumb/rQoPFqcNJY1FSQCv.jpeg
IP 139.162.93.243:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3\012- data
Hash d3633bb78d70d959711345126811d590
3828b4cea7a2b56c40feec2cea3abd63259ffdaf
e2904c295f220cd92899a5b5b2e45943a542a4460e722b4ba0f66d9f35b724ef
GET /2018-05/thumb/rQoPFqcNJY1FSQCv.jpeg HTTP/1.1
Host: muryouav.avximg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/jpeg
content-length: 27285
last-modified: Tue, 29 May 2018 04:30:54 GMT
expires: Tue, 17 Jan 2023 13:01:42 GMT
cache-control: max-age=1800
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4a7054dec61f81545ff6a0170e292a6
9089fdff3bb94511c57416abad2e111083085acb
96cccfbb61c47bcff4eaea8ba759ea0c8522388e0a370da7dd996838bf0fc26d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "96CCCFBB61C47BCFF4EAEA8BA759EA0C8522388E0A370DA7DD996838BF0FC26D"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13780
Expires: Tue, 17 Jan 2023 16:21:22 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
www.appav.site/favicon.ico
188.114.96.1 200 OK 2.1 kB URL HTTP/2 www.appav.site/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 7a3ab372b9f01386fba1fa678d83ae47
6ad49da3e2f6f32060b597bb5fae915785f3e8b2
e5b0a542b8b41de14025638473e9a4aa7cd3e8ac092ee176b62ea6a87793369d
GET /favicon.ico HTTP/1.1
Host: www.appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRQtkQv22Ynvx5l3j9iHE3mA8yGoEbT1s2E7pLMIz%2FypWtU7FUh6PLKEdayCTl1ItGvu6RhQED8VQ0ZY91AnBwmEuZRuZf077n2TmTpLbF3L6qW6f%2BGGAfgvEFmthL7ALA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c01ffb10b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
okashik.atype.jp/images/112-cpsky-046/1.jpg
39.110.226.221 200 OK 82 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-046/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash d5c6d514ee8918d73014e83f55327250
36c754342181f2e9726959ec7f4cd5bbb19dcd6a
10902a25bdcd8facfbd7914f313c0d6bbeb737ecd2fb82456d8983808dcef01d
GET /images/112-cpsky-046/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:00:17 GMT
ETag: "ea2b56-14165-5c43a08bcfc6d"
Accept-Ranges: bytes
Content-Length: 82277
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash 4a8c4febd96bb59bc17307f0c6f95dd4
62df1d93a95789e2da51bdd804ecae903cbac2a1
9f27d965e19fc9ce15f5958b30873b89c54a78ca2286c941998ee03e4dc1d7dc
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 17 Jan 2023 12:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 16 Jan 2023 21:13:56 GMT
Expires: Tue, 17 Jan 2023 21:13:56 GMT
ETag: "62df1d93a95789e2da51bdd804ecae903cbac2a1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.liaoai3.xyz/favicon.ico
104.160.171.60 404 Not Found 4.8 kB URL HTTP/1.1 www.liaoai3.xyz/favicon.ico
IP 104.160.171.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF, LF line terminators
Hash b01d1e9a259336359dba626025c5d2e9
fd68402cc9518c2b3428980031d22e9f7f9c16c7
cf6bfd3ce9d1ad01a6289a93ece79708f8aca2d3b8d64b6ef07027537532979f
GET /favicon.ico HTTP/1.1
Host: www.liaoai3.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 17 Jan 2023 12:31:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=in91rg38ckhgsg6kdm3capfhp4; path=/
kt_referer=http%3A%2F%2Fav.co-vid.win%2F; expires=Wed, 18-Jan-2023 12:31:42 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
kt_ips=91.90.42.154; expires=Wed, 18-Jan-2023 12:31:42 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5aacfbecc4b2e6ef0690447b29a4368
82dfdb46d744c9fea7ac2f98c5195c1dd6ded978
6b3c2487561276b12a44230565307286618cf52f3c022003f3e12eb235778a77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B3C2487561276B12A44230565307286618CF52F3C022003F3E12EB235778A77"
Last-Modified: Mon, 16 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1974
Expires: Tue, 17 Jan 2023 13:04:36 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
porno-tumblr.ru/video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg
188.114.96.1 200 OK 66 kB URL HTTP/2 porno-tumblr.ru/video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2017:06:21 21:44:41], baseline, precision 8, 240x320, components 3\012- data
Hash b27af607c421480ae19ef299e590948f
14d979dc1557e035239df17d30cedc70524b836d
4a14d6c20ecc6224971261756eea4eb3c56dc3fe02e1de09b64c19bfd90bbace
GET /video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg HTTP/1.1
Host: porno-tumblr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/jpeg
content-length: 65515
last-modified: Sat, 14 Aug 2021 16:45:38 GMT
etag: "6117f332-ffeb"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 4583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPdQXo3MO8pPp5zD1C3ZuYXzcCCVJZGwcMwg0L0UR1Aulo1OFPMeDb4Y%2FHevS8i4ACMI%2BXbfhlrvhvEdZlKsALVwd16%2Bm1qc4QAd1h3nxHIT60gix6MuRig5VpnPs9EoX7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c041b650b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/amateur/ankk014/ankk014jp.jpg
202.6.244.93 200 OK 33 kB URL HTTP/2 pics.dmm.co.jp/digital/amateur/ankk014/ankk014jp.jpg
IP 202.6.244.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 9cefdd599e3654775d1defad6c438641
63e8179c98c4468e13573f672fae4d17e6297f87
1cec45440c1f5e07fc066400829a50cb983829c660958cf0d25bd730cd758f05
GET /digital/amateur/ankk014/ankk014jp.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/jpeg
content-length: 32635
last-modified: Tue, 06 Sep 2022 08:15:30 GMT
etag: "631701a2-7f7b"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWPGlS6uJLfgsx2zAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jav321.com/favicon.ico
188.114.96.1 404 Not Found 659 B URL HTTP/2 www.jav321.com/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c59af7f1f9b4b5e409c970c618733e5b
7dde79e3594ab22f1c7e3d2d87ac631c4f166ca1
e903e6acd7f409ff43f3929ff8de92f68a1c72415b75198a2b9191c3e4ba141f
GET /favicon.ico HTTP/1.1
Host: www.jav321.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 76
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goYOJME730DkhvwV5cSyiHOZ9U%2FGCEF12htQDn%2Bc53bLsFGw6xfHXwxTpF2U8l%2Fk4qbhuBweTj%2FyOM7M7998CgjrDxoKhVp2HKKm7IlGgvrSWb0U3jeeLN%2FgLCZQ%2FNB83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c03dc10b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/mRNhQEbPAEw
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mRNhQEbPAEw
IP 216.58.211.3:0
Hash 67ff21f6f6333b44a0a6e1a55884a0f5
257b6c0d80aecbdf5bf1ecdee1e9ebcff5042ef3
4d9a284c8e9efd20282b0c84e7ca330d0353a951cad6aa8ad1147ea402c1efc7
POST /s/gts1p5/mRNhQEbPAEw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5b10aef124676f9146248cc0a71a51fd
e0cc3490358ad8cd6d7dfd04b05fe709267c7f4e
fd8d35e0d030630cb6fbb7b038b3086ef1d84104209f4c19b48411b8d2529d7b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD8D35E0D030630CB6FBB7B038B3086EF1D84104209F4C19B48411B8D2529D7B"
Last-Modified: Sun, 15 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6368
Expires: Tue, 17 Jan 2023 14:17:50 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
motherless.com/favicon.ico
185.107.81.234 200 OK 1.2 kB URL HTTP/1.1 motherless.com/favicon.ico
IP 185.107.81.234:0
ASN #43350 NForce Entertainment B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 71fed71dccb91a13bdf68a6444f25ce4
38da7202842147ecda5521d50f094a54d1381f2c
18f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2
GET /favicon.ico HTTP/1.1
Host: motherless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:42 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 12 Aug 2019 11:39:08 GMT
ETag: "5d514fdc-47e"
X-Server-W: web02
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Status: HIT
Accept-Ranges: bytes
x-n-x-x.pro/favicon.ico
162.254.190.69 200 OK 1.2 kB IP 162.254.190.69:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 93c0ce0d3b86947fc409da9b0349f9da
4ccf9572f132e457de84cd8ebc8b885ca24e1d87
d0f8397c265919dde00efc8ff36b1c4a0fa7df93195f2eb9b608a9d1e5a34b0e
GET /favicon.ico HTTP/1.1
Host: x-n-x-x.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Mon, 08 Mar 2021 11:09:10 GMT
etag: "604605d6-47e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7d8b7c55de99f0d4e424e83c4df5d40
f7004820dfd459c192b0cca2181c5692c94e32ae
a7191553506ba697bf8711904a0359f8b202ae9b01f6f6b696e9d93d1fb20309
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7191553506BA697BF8711904A0359F8B202AE9B01F6F6B696E9D93D1FB20309"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3909
Expires: Tue, 17 Jan 2023 13:36:51 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f4850f5eca2a8dace8031b7189f14ff
5192bb20c837f7937cafc1313e0047aea7c0d9cf
c9d2173d17960617f38e5183685f539964a8ad3f7fd66bc074c5edc817b35f37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9D2173D17960617F38E5183685F539964A8AD3F7FD66BC074C5EDC817B35F37"
Last-Modified: Mon, 16 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14089
Expires: Tue, 17 Jan 2023 16:26:31 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash ddee9e60128e72e008d1dac0c2020520
b956c0c2f0254fbecc0f26833cadf96b83ffbd2e
a83dd0765346237525d8c325e1eac788e8017ae173041c1d8afa62a9e1c31e87
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:42 GMT
Last-Modified: Tue, 17 Jan 2023 12:26:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b8242b00c54b5558edb3e52bf6bcfe6
5c225dc40c1c84ae1c181089d3ec8b5a9340a35f
6fbe1b5069494c027df80a72b5bf5ee6de65d61d0d146e65214092134a39b5cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6FBE1B5069494C027DF80A72B5BF5EE6DE65D61D0D146E65214092134A39B5CF"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2271
Expires: Tue, 17 Jan 2023 13:09:33 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
www.dramasq.net/favicon.ico
188.114.96.1 200 OK 1.1 kB URL HTTP/1.1 www.dramasq.net/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash f7a88d5142a280f612b17a74952dadfe
71566cf6b0fd6e102310ef60ac462c93776043b2
dbfb3554e25f5929ff880de89c2ccc428fabf22f23533814367748933a69c257
GET /favicon.ico HTTP/1.1
Host: www.dramasq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:42 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 26 Jan 2021 09:53:56 GMT
ETag: W/"600fe6b4-423e"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7101
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rNYnPOw6FqDNSNLYhmOaSj9qG3l4rnyaK5Yh%2BoygiqAmTKgdlFxK6dEc4jlzKWPo9JFpaRsHz2GfkIjDO6O%2Fb5XgRIzik2FEoGKruLfW225vr0lY4gMkVwdE2uNREAI0%2F8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 78af1c051cb50b3d-OSL
Content-Encoding: br
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 67eeaf54a17487962ebeb64f50d667db
b1167fdeb1df56cce0e25e4868a32e1d6350dd32
d3dbf38219b26dca9bc3f96e10cfaa671ba4fe570be40e12831b31d368bb0c9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3DBF38219B26DCA9BC3F96E10CFAA671BA4FE570BE40E12831B31D368BB0C9D"
Last-Modified: Sun, 15 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Tue, 17 Jan 2023 13:48:11 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
www.appav.xyz/favicon.ico
188.114.96.1 200 OK 1.7 kB URL HTTP/2 www.appav.xyz/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash f91c7e4f4eaabf6e388f01ffa96118d6
0e973fa0d17d78d76a54276bba409be368854c27
6902cc72b03d1428637202590137e90849e3cf3eb5a3169b4c3c20cc8251e385
GET /favicon.ico HTTP/1.1
Host: www.appav.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaYL%2BgjbhcFIP9gfBcFyNkElNOfBf8H4bwOO2J3l%2FkVQdEr7D8Ode%2BoV6GTycKVwY%2BDUVP%2BMwkUjcJ03K8A1N9jzPdQf20xUiB25zQ7VujhO1A33%2BRXWEAeb4dV9s%2Bj%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c025b7bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 56722c067269b9cf545fff6b1d08ea95
741ddb10acab57e11e56f492a126c304c8503c14
1737e6c69f5c0932644e5659e4a5fe41d379cb2f8f744c5c2a52c4f5a77bfd93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1737E6C69F5C0932644E5659E4A5FE41D379CB2F8F744C5C2A52C4F5A77BFD93"
Last-Modified: Sat, 14 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4282
Expires: Tue, 17 Jan 2023 13:43:04 GMT
Date: Tue, 17 Jan 2023 12:31:42 GMT
Connection: keep-alive
www.qiqu9.xyz/favicon.ico
104.160.171.62 200 OK 4.3 kB URL HTTP/1.1 www.qiqu9.xyz/favicon.ico
IP 104.160.171.62:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash ce94747bb0dea683fd420d4764ac487d
e874006f6da2ce8f3fabbfea5b8ed85aa69e6d06
aafd5ce83fcd211faadd4cda72da4f98b1a471004c718b0e65a5da1e879b0886
GET /favicon.ico HTTP/1.1
Host: www.qiqu9.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sun, 02 Oct 2022 05:49:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6339266b-10be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 73c2ed1e08967aa5dbb1722c4606b747
a33da73fb4e79ca662e49b7279297930e34b0a74
857b80b1a5d108df2ce004c5108de64e0602473a8bdc925021ebeae6bc211bca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4749
Cache-Control: max-age=108402
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:43 GMT
Etag: "63c58714-117"
Expires: Wed, 18 Jan 2023 18:38:25 GMT
Last-Modified: Mon, 16 Jan 2023 17:19:16 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 01fe677e50718157c4aa9426b09e035c
d4d4d5b39d515d3b2574074e4b11b08559b7e17c
d483470d0d4de89624b6e3f0ce892af818269876dcb225f8874d12c8074f5e40
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D483470D0D4DE89624B6E3F0CE892AF818269876DCB225F8874D12C8074F5E40"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18450
Expires: Tue, 17 Jan 2023 17:39:13 GMT
Date: Tue, 17 Jan 2023 12:31:43 GMT
Connection: keep-alive
hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
188.114.96.1 200 OK 244 B URL HTTP/2 hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
IP 188.114.96.1:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash aa6ca0c5b76e474eca3b61c9ad3c2fc9
b76e48a1e89b985ff2de5595a5191f5a464bc785
38a46369902d2e2aeb89599c0b45399d707017cb08b118cef6bcfa707bf5d7cd
GET /wp-content/uploads/2021/07/favicon-32x32-1.png HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: image/png
content-length: 244
last-modified: Thu, 15 Jul 2021 14:24:54 GMT
etag: "60f04536-f4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQvvwI8QHr8D16oeiO4xVn8TRlr2zeWiuKD%2BbpmV7CikDAvkB%2FUAivEvQOfDqUYf%2Fla7Y8OQklHzIU%2FXkJT3RIXg1vRFSmKwM7Nbjb%2FzruzpfkDaOyI8dAMfGaf%2FFHT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c068d7f0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25 200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 17 Jan 2023 12:36:43 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
twitter.com/favicon.ico
104.244.42.1 200 OK 1.2 kB IP 104.244.42.1:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902
GET /favicon.ico HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 UTC
perf: 7626143928
server: tsa_o
set-cookie: guest_id=v1%3A167395870310016877; Max-Age=34214400; Expires=Sat, 17 Feb 2024 12:31:43 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: f0ff2ddc54b0724b
strict-transport-security: max-age=631138519
x-response-time: 100
x-connection-hash: dd21f580a7b98f7851e6ead72078f9940982e5cb82d86d3a146a092a9ea89402
X-Firefox-Spdy: h2
pornmaster.fun/favicon.ico
104.167.223.182 301 Moved Permanently 162 B URL HTTP/2 pornmaster.fun/favicon.ico
IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornmaster.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/favicon.ico
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4a7054dec61f81545ff6a0170e292a6
9089fdff3bb94511c57416abad2e111083085acb
96cccfbb61c47bcff4eaea8ba759ea0c8522388e0a370da7dd996838bf0fc26d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "96CCCFBB61C47BCFF4EAEA8BA759EA0C8522388E0A370DA7DD996838BF0FC26D"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Tue, 17 Jan 2023 16:21:22 GMT
Date: Tue, 17 Jan 2023 12:31:43 GMT
Connection: keep-alive
nijimo3.ocsp.secomtrust.net/
113.52.156.18 200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash c53900f7a7e5416ecf731a3c96b77688
314e04d9832c9d2357e3d537465fe93698831871
2be54417485fddb78ca9b8a5cd7f0802f564a1a56b137ce7ad139969f32870e9
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:42 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 11:36:17 GMT
Last-Modified: Tue, 17 Jan 2023 11:36:17 GMT
ETag: "c53900f7a7e5416ecf731a3c96b77688"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ed641e5d1b452ca0bf6915423b61937e
03326a6428952cdcd85b2ef4a3ac4d8ae2e658c4
d6532761e63c5cddae5eb0d0786ce1a79fde31604a60ac57b8f7258020ae1547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:31:43 GMT
Server: ECS (amb/6B9D)
Content-Length: 280
www.xxx-avav.com/favicon.ico
104.21.9.55 301 Moved Permanently 471 B URL HTTP/2 www.xxx-avav.com/favicon.ico
IP 104.21.9.55:0
Hash cb2575c71957abf8096785f48d8fbbc7
8f5dbf02be7dd9a9ec5be4fdfe50712653c7db07
30dee376eca77dbd4ed817993a27e9fb27e0bbb303f581f6a9d263354c32487a
GET /favicon.ico HTTP/1.1
Host: www.xxx-avav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:42 GMT
location: https://www.secret-av.com/
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:31:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5jnokSVdfxVJkP5XhKlGr4MkAnsWfsvaijbPKFHC4uWyl%2FMEs6y6UGVBgqcEnCwAFp5OvUZgDgpRVlfztVQcdD511q9cBT5GZUuLz%2BDK548RUWY9pJPEzDKeI73RQmEXubs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfffebeb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5b10aef124676f9146248cc0a71a51fd
e0cc3490358ad8cd6d7dfd04b05fe709267c7f4e
fd8d35e0d030630cb6fbb7b038b3086ef1d84104209f4c19b48411b8d2529d7b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD8D35E0D030630CB6FBB7B038B3086EF1D84104209F4C19B48411B8D2529D7B"
Last-Modified: Sun, 15 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Tue, 17 Jan 2023 14:17:50 GMT
Date: Tue, 17 Jan 2023 12:31:43 GMT
Connection: keep-alive
rz.nakadashi.pw/v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3
172.64.128.21 200 OK 1.7 kB URL HTTP/2 rz.nakadashi.pw/v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3
IP 172.64.128.21:0
File type ASCII text, with no line terminators
Hash 7f939e2090466c3c70ecaca4624d5825
e592e662038ff2a33249a4b378851ba93c0a9ffc
cb0de2cffc67c3520acadee8b67e092b8b1e8c79c787f19723b0942e44e6fb0c
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/d1/b7/79ed64, lfm-1-587, lmd-587, lud-270675, xfvlen-1211003, fsize-371764, played-261
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.lasp1.com/videos/18129/d0c6bc70ba2e5fa6e18565850552875a//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 70169
last-modified: Mon, 16 Jan 2023 17:02:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAomN2UE9luxWBf4Nq5rpCAjH4CIseP86NsFIkmTQCx8%2Fp1334c78KVgvOQqRUhJiNxJbTLqFQ5MzV0OtEoTJnG%2F%2FNsdsZ38%2BFbNsaup7gxelFhU7mH8iYuRrcJBJr6eiYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcb975e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=23782
157.90.84.242 204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://av.co-vid.win/
Origin: http://av.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:31:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://av.co-vid.win
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.20.jpg
195.181.166.15 404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.20.jpg
IP 195.181.166.15:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.20.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1681053164
X-77-NZT: A8O1pg2JLb//DzUMAIrHJTTRinT/0awlAI/0OtiHZvv/YxEAAA
X-77-NZT-Ray: ffffffff095a22562f95c6635a3b6e20
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 2469073, 800015
X-77-POP: stockholmSE
Content-Encoding: gzip
img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.9.jpg
195.181.166.15 404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.9.jpg
IP 195.181.166.15:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.9.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1681053164
X-77-NZT: A8O1pg2568//DzUMAJySISOvrvv/0awlAI/0OshnoLf/YxEAAA
X-77-NZT-Ray: fffffffff33e24562f95c663fcf07220
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 2469073, 800015
X-77-POP: stockholmSE
Content-Encoding: gzip
img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.3.jpg
195.181.166.15 404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.3.jpg
IP 195.181.166.15:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.3.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1681053164
X-77-NZT: A8O1pg1kmJj/DzUMANRmOBHqkv3/0awlAI/0Ot0E+ef/YxEAAA
X-77-NZT-Ray: ffffffff123f23562f95c66339b17120
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 2469073, 800015
X-77-POP: stockholmSE
Content-Encoding: gzip
7dak.com/favicon.ico
51.195.63.200 200 OK 6.9 kB IP 51.195.63.200:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash f8ade03bb96f476734027800ec5fbec4
8ffe527bbd0b0e2786ed5a0116b2a9cc1a6b1bba
e6f45067665d42dde1421e4e2de56db9026717a63ed22c1dca2d23394eb3c94a
GET /favicon.ico HTTP/1.1
Host: 7dak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Tue, 11 Aug 2020 18:52:14 GMT
vary: Accept-Encoding
etag: W/"5f32e8de-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2
img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.15.jpg
195.181.166.15 404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.15.jpg
IP 195.181.166.15:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/fb/a6/af/fba6af2b00ce4903525e4a3495de75d4/fba6af2b00ce4903525e4a3495de75d4.15.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1681053164
X-77-NZT: A8O1pg0D1kn/DzUMAJySISONY6z/YoIcAI/0OtjCoRb/0jsJAA
X-77-NZT-Ray: ffffffff7d5e27562f95c663153eb720
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 1868386, 800015
X-77-POP: stockholmSE
Content-Encoding: gzip
notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
168.119.25.20 200 OK 2.6 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
IP 168.119.25.20:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2602), with no line terminators
Hash 0589f42432b7a690d9e2eb449f9723bb
fae352572474ef2f8905f53e9fe86ad344713bb1
45a3824322a75e4dece504b06cce0fa4e3065d3faf1e483d6f3ddb65753e9b3b
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: application/json
content-length: 2602
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
xvideo-jp.com/favicon.ico
36.52.207.166 200 OK 0 B URL HTTP/2 xvideo-jp.com/favicon.ico
IP 36.52.207.166:0
ASN #10013 FreeBit Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xvideo-jp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 09 Apr 2019 01:53:17 GMT
etag: "5cabfb0d-0"
expires: Wed, 18 Jan 2023 12:31:43 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16f1e548e7ff66398c1c344004652495
8dbb786461426c7c096f1ff532b39a16ebc6eb79
2bd13ed183ba0ed143f8b970cbfe3f08ea02353de4e5d460894a22ca148ecb3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2BD13ED183BA0ED143F8B970CBFE3F08EA02353DE4E5D460894A22CA148ECB3E"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Tue, 17 Jan 2023 18:31:13 GMT
Date: Tue, 17 Jan 2023 12:31:43 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=23782
157.90.84.242 200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22292
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:31:43 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://av.co-vid.win
Set-Cookie: id=8948635093791484248; Expires=Wed, 17 Jan 2024 12:31:43 GMT; Secure; SameSite=None
Vary: Origin
pornking.fun/favicon.ico
104.167.223.182 301 Moved Permanently 162 B IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.dmm.co.jp/favicon.ico
54.230.216.186 301 Moved Permanently 198 B URL HTTP/2 www.dmm.co.jp/favicon.ico
IP 54.230.216.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4b4e14e78cc1cfeaff2be86686a7872d
45a095fc2374b08181d51e199e08955232fa2414
3c656afd70b573701e1cdd886340dd79bff1834c6f47ab8daed47f04c03a4e6f
GET /favicon.ico HTTP/1.1
Host: www.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 198
location: https://p.dmm.co.jp/p/favicon.ico
date: Tue, 17 Jan 2023 12:31:43 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jbxlVKsp7NB-G1YfPQBSwmuEfKpR6r7OrSaHc0McdQsgMYfGu1gSKg==
X-Firefox-Spdy: h2
pornking.fun/
104.167.223.182 301 Moved Permanently 162 B IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/hd/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
okashik.atype.jp/images/2117-ohi-025/1.jpg
39.110.226.221 200 OK 404 kB URL HTTP/1.1 okashik.atype.jp/images/2117-ohi-025/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2012:10:26 10:10:30], baseline, precision 8, 450x634, components 3\012- data
Size 404 kB (403847 bytes)
Hash 6821b13ab7ad5bcb982cfdf7f98ddbd6
7de9cd96b3bf66fc8f23f239115138a727a5db60
bcc03f3d066f9f83a705a3f30faff1a7e500c1ecf4fed54d7da2f7bdeef44ca7
GET /images/2117-ohi-025/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:31:42 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:10:02 GMT
ETag: "ee0f89-62987-5c43a2b96d885"
Accept-Ranges: bytes
Content-Length: 403847
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
scavoice.com/favicon.ico
188.114.97.1 404 Not Found 1.1 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b2a9dee208a57c7ba127c56c5f9b9cd1
f66bbcedd33284d4111359e74efc4154fcd9767e
906a92900589337219a8f3593359b7496c179cf0190d2451a537423ddea0bffe
GET /favicon.ico HTTP/1.1
Host: scavoice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XucW31R8rreyu7EBlEXEDq9bOLVa6zKIXhjrduJLTzXdhz6GxwIQmcrhDVRSKS%2FaSlrG91B%2BdtG6DJ5mkIO%2FFs3KYWFi10iEhdUWtNU%2BG1SmZcCYgFOZSAKrYA46IM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c03cf5db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.dmm.co.jp/p/favicon.ico
202.6.244.93 200 OK 15 kB URL HTTP/2 p.dmm.co.jp/p/favicon.ico
IP 202.6.244.93:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 585b7660a8d46df20f3a0f838b58e11a
c4b5148fad8e310257812bf99be815a8dd145af5
9cb6d660bbc93c9ff4b0b2a0e0253b5b5c5e102d35cbd8644e4690a3c6b00f69
GET /p/favicon.ico HTTP/1.1
Host: p.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 17 Jan 2023 12:31:44 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Tue, 31 Jul 2018 10:18:36 GMT
etag: "5b60377c-3aee"
x-cache-status: HIT
set-cookie: app_uid=ygb0XWPGlTCuJLfgsyHwAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
img.lytuchuang3.com/upload/vod/20221016-1/46078d6b1c2e29a5aa82946bb90b1fb6.jpg
154.12.54.82 200 OK 8.5 kB URL HTTP/1.1 img.lytuchuang3.com/upload/vod/20221016-1/46078d6b1c2e29a5aa82946bb90b1fb6.jpg
IP 154.12.54.82:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash 1f09403dd6760ef18194e637a232a908
0384fe2826589f832ae50ae63b763b60805e0498
38e1ee936b6db4ecd00b1030302b76dcaebbab48ce808d24846c4f14e81a6d08
GET /upload/vod/20221016-1/46078d6b1c2e29a5aa82946bb90b1fb6.jpg HTTP/1.1
Host: img.lytuchuang3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:44 GMT
Content-Type: image/jpeg
Content-Length: 8522
Last-Modified: Sat, 15 Oct 2022 16:29:23 GMT
Connection: keep-alive
ETag: "634adfe3-214a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.lytuchuang3.com/upload/vod/20221023-1/659fa6d4c663c609072d37572da6a74f.jpg
154.12.54.82 200 OK 6.7 kB URL HTTP/1.1 img.lytuchuang3.com/upload/vod/20221023-1/659fa6d4c663c609072d37572da6a74f.jpg
IP 154.12.54.82:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 832x831, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash 78d02cea27604e99ba2b87bcdddaa0ac
32db9377a3ad897fd08c6130402a7a70cc3d9309
b7d12fe611caf61b41cb8437eb8f2f08cc7500ee9d13e339b1b3e2a8397e5981
GET /upload/vod/20221023-1/659fa6d4c663c609072d37572da6a74f.jpg HTTP/1.1
Host: img.lytuchuang3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:31:44 GMT
Content-Type: image/jpeg
Content-Length: 6716
Last-Modified: Sat, 22 Oct 2022 16:10:04 GMT
Connection: keep-alive
ETag: "635415dc-1a3c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
nztyy.live/favicon.ico
188.114.97.1 200 OK 0 B IP 188.114.97.1:0
GET /favicon.ico HTTP/1.1
Host: nztyy.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 7113
last-modified: Tue, 17 Jan 2023 10:33:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O18tZ29gXqZ%2FNUz2aWkCFQH6xv07QtFi39MRFW5epf29xAt0kcKEZV0x1stkLlAGSKe0CM08tE%2Fmi8ANHrEQtV9rBE39s8AX3WrjbH9Xb0yp76CS6VEfROMGYfax"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c000970b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/04/af/b59037, lfm-1-2670, lmd-2670, lud-199433, xfvlen-2032386, fsize-1310870, played-2057
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai1.xyz/videos/67937/n-1//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKKkxyr1fnAH3jTCiEqbz%2BTEVe%2FUioivmpYnFVGeW%2FToLuFq4qVEv%2B%2Bq9m1JtzZ8nL5FgVAxC71jywq9cpfmz2x%2FWvSf8Rlp9kcpudtjXEbnSo95XSOZFOMm0kIYb%2FFJsdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dce675e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18j.tv/
188.114.96.1 403 Forbidden 0 B IP 188.114.96.1:0
GET / HTTP/1.1
Host: 18j.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch%2Bh4vgnzveaEKpnivZVOc2xbC8jNOKWsbN60eCtET1NQ4kbwDjHorkIbWDKwwRgWXgUJSA42oPpV975cSC5Rf5qLPzRAmzL3E64t7aSCJGwl1lckQLLIlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0849adb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
porno-erotika.ru/favicon.ico
104.21.26.75 301 Moved Permanently 0 B URL HTTP/2 porno-erotika.ru/favicon.ico
IP 104.21.26.75:0
GET /favicon.ico HTTP/1.1
Host: porno-erotika.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: text/html; charset=iso-8859-1
location: https://porno-tumblr.ru/favicon.ico
cache-control: max-age=14400
expires: Tue, 17 Jan 2023 12:31:41 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7HXIQruv1i2lgGbMPKCO5AwyrPqY1qxtjNJwh8DQDNPLKj4plh3u3zTeGcjZCUcSX7zuXa0FXY9Mc%2FCu%2BNRWm85nDRLDAJZl9XSquBT7CfVXAPYhW6HT8z9yNuj3fSUDi%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfbfbe40b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/97/a0/067864, lfm-1-1305, lmd-1305, lud-654072, xfvlen-1603780, fsize-557550, played-174
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai.xyz/videos/8261/edfde36c06b6543c986b63c77ab819d8//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r55dYP1SCf8em9WT1h%2FOU8DMdwQSZu%2FocKz%2FKTkIrTFICVvMuyOzZ3DHVUH4S4y9nf3UW4wifhwKI39J2Z0AReEb3pw6d%2FNcw%2Fr1f8nuHOdUrOt7rmtDK%2F0JKp27a%2BZY46o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcbe75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/98/a5/5aac53, lfm-1-54367, lmd-54367, lud-220367, xfvlen-1757903, fsize-584655, played-203
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai.xyz/videos/6813/fc2ppv-1220686-b-part2/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 47758
last-modified: Mon, 16 Jan 2023 23:15:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0kELuxAtuS2BMChxCyUanFczQ93SNLwI7JIc8ZxTG8G4G6NlRfy9NWVD%2FJlYAGXUlWuC1MT58FtKxYC1JrlW6Ky8PJqggGE%2F3D6Q0letZYF5nXxVAARFS1jeUErPW9LwpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c077e7075e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.lasp1.com/favicon.ico
104.21.30.181 301 Moved Permanently 0 B URL HTTP/2 www.lasp1.com/favicon.ico
IP 104.21.30.181:0
GET /favicon.ico HTTP/1.1
Host: www.lasp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:42 GMT
location: http://www.liaoai1.xyz/favicon.ico
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:31:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js2EyhYfcrJaXrm%2Fy1m0t12rO%2BobWA2eev4jIGVVtIEELwnjnd6vCkrvS%2FmAeFy9UqWgsDYylSUvtW8qmxO7ZtXIZ9g6q1yobz7xsTVq3dXMBcow2i3qcld8ICeM8oGi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0178090b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/76/01/9e, lfm-7-65887, lmd-65887, lud-765703, xfvlen-296972, fsize-234593, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai.xyz/videos/2144/e175cd5f9def245efcc7cbb56fc0e02c//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akeQIo80fdWQhOBWYVG6Bceom%2BtGShvIqxHBOLdNvbhSF77qi79wAM%2Ff6KOQK04NV78EpCh3GZO54%2Fpmwkl%2Fz42MfKuSOED6G%2F8sdjuYXzbj2KLulmqh3BB0E4dr0IFkIkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dcea75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/55/05/678764, lfm-1-7621, lmd-7621, lud-2031861, xfvlen-3074080, fsize-1302424, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.lasp1.com/videos/37164/423becd567234904b3f4dd4f1b08f146//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZkzNx91GPtldjQUCvbg3a5YPoJ9gld5uYM4yAbDjwsHHCHWWi38gx%2Bgq6NhwMcAoNnRjcwx7TF%2BwiFqZ77T3u148lJ9eyLZSiiUB38vXhIIDXM9eBChCHSmJck7GkFzQik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dce975e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.qzsp13.com/favicon.ico
172.67.213.121 200 OK 0 B URL HTTP/2 www.qzsp13.com/favicon.ico
IP 172.67.213.121:0
GET /favicon.ico HTTP/1.1
Host: www.qzsp13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
last-modified: Tue, 15 Oct 2019 08:22:35 GMT
etag: W/"5da581cb-423e"
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 7180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7Goz64e%2FuA4WDi41OUc4LtDi9w2b7mfhW3p%2FzTH1fpFwcjtadxGdQETr0y3CH4dWBPiij3dO%2FBPsf5ACIKJ2Un1Cj8Cyriy57RRxBI2B%2FqONCQUeMZ%2FzMQ5Fuxsdj1thA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfe5d91fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bbaviu.com/favicon.ico
188.114.96.1 403 Forbidden 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: bbaviu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsq9VySDkjtzNXS8ixHB%2F3z6UnQMhvua7TYiN9EEEsf2D%2FU55O2JGsN8%2Bn8fSglAjEnh%2FuFsi3duQ9bmW0Of5NREhOh5Vj6x1F9z41xBQ3ZSB%2BE%2B0MKvXimLA0Er"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c02abe5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/15/2e/769a64, lfm-1-2214, lmd-2214, lud-326422, xfvlen-1335670, fsize-630228, played-7
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai.xyz/videos/20313/0f2731498b39827ae9d20dcaa1c10cdd/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 118629
last-modified: Mon, 16 Jan 2023 03:34:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mpJZplGOt4xA7yPHTsGtXizpOwG5dXzdUNAgUEH9tw8hxhNAfmlGdbZIK3PtjeKP5rno5fF%2F%2F4lGlSF5CjxUqXrq5c1MpPKz3kKn3GY%2Bs775ZMUYiKkBvkhNTI7h3Wmytc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dcec75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/25/45/d21766, lfm-1-567, lmd-568, lud-74568, xfvlen-2409523, fsize-424522, played-8
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai2.xyz/videos/114143/e07499379a88b20ebdb7a877678a7c0c/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFyw9RV69EVlXgNy29fkdIwkV8SvcQPStA4MLTpCveZ5BvYrSh15H4nA%2BzL5xMfJf96Gu9DA6WKu8Tjdsy4iTxYMgkvHi0pouO7FH%2BL%2BmQxid9XrmCe7EoQfbyDF7HCu71I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c077e7375e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.1pondo.tv/moviepages/1866486_350/images/str.jpg
140.174.0.175 302 Found : Moved Temporarily 0 B URL HTTP/1.1 www.1pondo.tv/moviepages/1866486_350/images/str.jpg
IP 140.174.0.175:0
ASN #30212 HYPERMEDIA-SYSTEMS
GET /moviepages/1866486_350/images/str.jpg HTTP/1.1
Host: www.1pondo.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 302 Found : Moved Temporarily
Location: https://www.1pondo.tv/moviepages/1866486_350/images/str.jpg
Connection: close
Cache-Control: no-cache
Pragma: no-cache
69dv.com/favicon.ico
104.21.88.134 200 OK 0 B IP 104.21.88.134:0
GET /favicon.ico HTTP/1.1
Host: 69dv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 12:44:39 GMT
etag: W/"5abb8e37-311a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPSTyzmnHlgg3kwq0acI4cWo7cscVlLnqrohaCZShXNGhFH5gTEtuZ%2FR3UfW5xfcXH8PdBM%2FesOEBsyRZLj0vIV5rjVvbOXdDNPOl3rdlxGQ0Msr5tb6ZzUITw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0259050b59-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.appav1.xyz/favicon.ico
172.67.158.182 200 OK 0 B URL HTTP/2 www.appav1.xyz/favicon.ico
IP 172.67.158.182:0
GET /favicon.ico HTTP/1.1
Host: www.appav1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5546
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H6vEMOdhZJ9mQB%2FEWzo5Bx6lWljXrS%2B4BAq82MI%2Bjz%2B5VmH1O85rojT7wL%2BYlnRwEf%2F%2BnmwR5q1Diu1%2FTD0LMvasJzI70lS51E3mNJJO7ivLYRbhUs3Lowu%2F%2Fbd9KZrmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0299e40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hentaiprn.com/favicon.ico
188.114.96.1 302 Found 0 B URL HTTP/2 hentaiprn.com/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
location: https://hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
cf-edge-cache: cache, platform=WordPress
link: <https://hentaiprn.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpowbUqemLrg%2BXHpmQV36w8eIEenl%2FsY3oyfwXrJpqoiJF1Wkx7Lrfh8TMdXNnf08Jll5ZnwMPnQiUEcagw5cUVeu%2BRxMiCJQiWFRNrUEd0j4x8ZU6T1S2B7Iaq7Hssy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c051c240b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
172.67.133.62 200 OK 0 B URL HTTP/2 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP 172.67.133.62:0
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:37 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 02:39:12 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3YUDPWaHzkEI7ddgRIIg%2B%2FX0VvQSKvqtXXxYHEhntdIPHRmQYA5j%2B6RLOuXIPUC%2BCIPDDBwrpi61HCMBWFz8wiWAsPqSez8P8ysabxGYbhGLD2egLHKgQmXni0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1be418400af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.javwind.com/favicon.ico
172.67.155.113 200 OK 0 B URL HTTP/2 www.javwind.com/favicon.ico
IP 172.67.155.113:0
GET /favicon.ico HTTP/1.1
Host: www.javwind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
etag: W/"62f9d6a3-423e"
access-control-allow-origin: *
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Wed, 18 Jan 2023 00:30:00 GMT
cache-control: max-age=14400
x-served-by: www.javwind.com
cf-cache-status: HIT
age: 43241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMJ1Cz0hu1Bjw2HKjFqXSJk5J9GoZinyOkZoQdyJve844uuNXIXNoaVxImNi5PBjWmcyFC9cKjkOOOI1OMJlAfsQlYJbPBhex9OH397xG2oPGNDZ6a%2BkmoExvwdJ2Hv%2BRgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfc2aecfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f2/18/8b1164, lfm-1-1080, lmd-1080, lud-370091, xfvlen-2261040, fsize-496893, played-4
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/://www.liaoai.xyz/videos/18171/e9b70f911648efb5c57e414e0131b03f//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrU4X1%2BiW57ON9tnAv%2FIv7pcs9zl%2F4acR4ow%2FQVYSBGU6shJEDRYYMqHRpIjwIBcrvn0HwwuiOwCGyRHbn38zKdwXlZILmLfPXkl5r7TYZs9tDcyOiesUwgGTe44QSzM4Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcbf75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secret-av.com/
104.21.60.160 200 OK 0 B IP 104.21.60.160:0
GET / HTTP/1.1
Host: www.secret-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html;charset=utf-8
x-powered-by: PHP/7.0.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=12f903cd18fbfb8537506e59dead9561; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpcRJESXjSWeEbbI2C151XzKT9VCMh1z7YudnDQHs7XMhyN%2BWXPtIdKZrrvsM487%2Bwjy47%2Bm9%2FbCzokKk16QleYftQANjnw4Yj9S7awrqbbPRuvOQilPMZ%2BUIDa380kBabKXCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05afb8b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-flash/dist/videojs-flash.js
104.16.125.175 302 Found 0 B URL HTTP/2 unpkg.com/videojs-flash/dist/videojs-flash.js
IP 104.16.125.175:0
GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 12:31:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPZVDAPSVQ9NS3N0RZV1HC40-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af1be46d88b4eb-OSL
X-Firefox-Spdy: h2
aipaw2.xyz/favicon.ico
104.21.61.78 301 Moved Permanently 0 B IP 104.21.61.78:0
GET /favicon.ico HTTP/1.1
Host: aipaw2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:42 GMT
location: http://18j.tv
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:31:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xCnAAYR%2FCpu0b9QbQqmc6R54nRkU1%2BazH8BHEOigUx9wEYK3gOlF4G3xKV9RhggQOIk%2B%2BrOskg25EQ70sxAGuNMxnFeQgXsJK%2BRai8LSmANaBb07cGsCJr25rp%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c03d8740af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
manymv.com/favicon.ico
104.21.82.199 200 OK 0 B IP 104.21.82.199:0
GET /favicon.ico HTTP/1.1
Host: manymv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Mon, 03 Jan 2022 19:58:34 GMT
etag: W/"61d3556a-3c2e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc5wju7l5%2BdWyXmAgHLx6bQ0YIndBKn4pKTp%2Bdp4563b%2B1oWySw74iJnFAGoL2q62Sv2M9o7xvuhDSdJ%2F6zfYEaBdEVh3oKNHasdvwpiLUDfH8kQhjqIEnzVx7tJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0499f0fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hsex.men/favicon.ico
172.67.161.155 200 OK 0 B IP 172.67.161.155:0
GET /favicon.ico HTTP/1.1
Host: hsex.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Sun, 07 Aug 2022 04:36:27 GMT
etag: W/"62ef414b-423e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3865
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt8bGTyy%2F8wkoweqgLFLAirnnnv8mGu2ih3mQ4j%2F8Sj7phFhweLeZZEeC3UXkYIuF4smMT%2BpGSTm6KT3lGL44a%2FMpL%2BKH7cNV0nBLEQulq13XQ%2BmCK1S9YjdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0518d1b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ifreshporn.com/favicon.ico
46.229.174.195 404 Not Found 0 B URL HTTP/2 www.ifreshporn.com/favicon.ico
IP 46.229.174.195:0
ASN #39572 DataWeb Global Group B.V.
GET /favicon.ico HTTP/1.1
Host: www.ifreshporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: openresty
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
thepervs.com/thumbs/32219.jpg
104.21.25.105 403 Forbidden 0 B URL HTTP/2 thepervs.com/thumbs/32219.jpg
IP 104.21.25.105:0
GET /thumbs/32219.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D4xapw0U8rlC%2B3ySe0shSW2JdENL%2FZ7Xo0sInNZRct0uEV4oCTRd7jctCCQhEU6lAqIlkKVh%2F79ADnGl0dAUYUwGwqJv76jCw3cWrKDmJtddjIfJ%2FOV75TY6b3WPHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfa1db70af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.kapp66.com/favicon.ico
104.21.20.160 200 OK 0 B URL HTTP/2 www.kapp66.com/favicon.ico
IP 104.21.20.160:0
GET /favicon.ico HTTP/1.1
Host: www.kapp66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
last-modified: Tue, 15 Oct 2019 08:22:35 GMT
etag: W/"5da581cb-423e"
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N97uqMLh5CteZSZd9bZytF2Un5xyC64iQEm3Vv0zii2qPLih50RMajSRM%2Fk6rd%2FbdYF%2FV5oFXQDyenIg2%2BGWrb2pq1S2OL%2FeUaIyJ%2FtentBL4B66YFRpGI%2BVSCuPo20aGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfbdfc1fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yavtube.com/favicon.ico
104.21.233.215 200 OK 0 B IP 104.21.233.215:0
GET /favicon.ico HTTP/1.1
Host: yavtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
last-modified: Fri, 15 Oct 2021 07:28:16 GMT
etag: W/"61692d90-81d"
cf-cache-status: HIT
age: 209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJoMRsFH4C%2F%2Fl7YxuJbzsfsARPMes6RK6j%2BaqX6teDrm61725kScJVliCtkFPmAVC9e8pCmdwJsCej0P7kQYcXkDaWIxJWLlkvMEpnzvl2T7OM1D%2FHdNgGqB5XYrYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af1bfc1b4edc7b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dxyav.co/favicon.ico
173.249.63.227 404 Not Found 0 B IP 173.249.63.227:0
GET /favicon.ico HTTP/1.1
Host: dxyav.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: openresty
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2
appav.site/favicon.ico
188.114.96.1 200 OK 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4529
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=839g%2BPMBZHx1FUyzYRjyqIbYdpQGcL6Y43dyLqdoshH0VFqs4yARTW5R5G4dpraZqVr039aHmt%2BEkwGzflT3ujdT2nJP1fnQYlr39nz6KFRRInZeESIW34%2Bd9PSo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c0308d40b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appav.live/favicon.ico
91.195.240.12 403 Forbidden 0 B IP 91.195.240.12:0
GET /favicon.ico HTTP/1.1
Host: appav.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Tue, 17 Jan 2023 12:31:42 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
avactress.eroline.link/favicon.ico
162.43.116.17 403 Forbidden 0 B URL HTTP/2 avactress.eroline.link/favicon.ico
IP 162.43.116.17:0
GET /favicon.ico HTTP/1.1
Host: avactress.eroline.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 27 Sep 2021 09:02:13 GMT
etag: W/"b1b-5ccf65a586ac5"
content-encoding: br
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/c8/90/6d7e64, lfm-1-7294, lmd-7294, lud-83699, xfvlen-1761579, fsize-678051, played-15
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai.xyz/videos/79397/0f2731498b39828ae9d20dcaa1c10cdd/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FsXUuGJzFYmGMmId7wntPrlrkYvRCrVNrxU7OahXmjraktpOZNCJY%2Bfk%2B6GIhbtYWX%2BHrbwos44hxH39rR%2BkhutNA27AGq25HVUMMXLOzL1UjFK%2BmwqqIBBJnCtTG3Y5D4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcb875e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e857f5175c.e954669112.com/0468b4a57d6c9574093fcab3d8d74605/23782?version_name=d
45.133.44.25 200 OK 0 B URL HTTP/2 e857f5175c.e954669112.com/0468b4a57d6c9574093fcab3d8d74605/23782?version_name=d
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /0468b4a57d6c9574093fcab3d8d74605/23782?version_name=d HTTP/1.1
Host: e857f5175c.e954669112.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Tue, 17 Jan 2023 12:36:42 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
amojb.com/favicon.ico
173.249.199.53 404 Not Found 0 B IP 173.249.199.53:0
GET /favicon.ico HTTP/1.1
Host: amojb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=meiqgku0u34247cr6smmihsfb1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
static6.s9c.xyz/videos/45f6ca65e30a9b5125b9f03978714478eb247865/cover/5_505_259?u_c_i_t=1
172.67.134.242 200 OK 0 B URL HTTP/2 static6.s9c.xyz/videos/45f6ca65e30a9b5125b9f03978714478eb247865/cover/5_505_259?u_c_i_t=1
IP 172.67.134.242:0
GET /videos/45f6ca65e30a9b5125b9f03978714478eb247865/cover/5_505_259?u_c_i_t=1 HTTP/1.1
Host: static6.s9c.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpg
last-modified: Sat, 30 Apr 2022 11:31:28 GMT
vary: Accept-Encoding
etag: W/"626d1e10-20e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cf-cache-status: HIT
age: 2249374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQZ0UdHf2VRbc07JgRWqBre77QEH77Dyj4tZpSnZfbTVhLODI3UuodAsfGGFJvC0Xn2ZBvXydItpxqj74uY5e4WDcZ7Qlpd%2FI4vX31%2FKUqn7bXxM0M6Hc1YB6D%2FeR5vcCD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bf62be7b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/21/53/848a50, lfm-1-176, lmd-176, lud-2512167, xfvlen-1307250, fsize-397887, played-5
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai1.xyz/videos/12574/1pondo-102619-920/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koZ07y8yRfxLCGJVCQdnVk4EgvQEmStyjEhvWuFMJGul%2FEeONCS5tb4SNzM248%2BLVpnx3MboP8TFnbGWZ%2FYcMlZBYYCM8rnsezJmbMEahVQI0n2QQ0ca8zM4rRgwY79e9fQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c077e7475e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iv-videos.com/favicon.ico
172.67.70.25 200 OK 0 B URL HTTP/2 iv-videos.com/favicon.ico
IP 172.67.70.25:0
GET /favicon.ico HTTP/1.1
Host: iv-videos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 08 Mar 2016 01:50:17 GMT
etag: W/"5c07d4-1b006-52d7fcd9c3e70"
cache-control: max-age=14400
expires: Tue, 17 Jan 2023 12:41:42 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbHYUd8cGkk%2BtKbszi7%2F0GlI4TQuKKvc%2FeFZEzQaPZ65%2Fnacskfeu8KSEHvQH7WNPFczoEaFgHtw5T4kuBt6aKQut%2Bta8vqKFIfFb0c4siqpXV67zL5YJ5waM4zHYDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1bfe4d6db4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
av.anaru.cyou/favicon.ico
172.67.153.184 200 OK 0 B URL HTTP/2 av.anaru.cyou/favicon.ico
IP 172.67.153.184:0
GET /favicon.ico HTTP/1.1
Host: av.anaru.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-av.anaru.cyou127.0.0.1-myhost-av.anaru.cyou127.0.0.1/favicon.ico
phost: av.anaru.cyou
line1066: notjp--myhost-av.anaru.cyou-filteron-
line2430: notjp-/favicon.ico-myhost-av.anaru.cyou-filteron-
cache-control: public, max-age=19650
access-control-allow-origin: *
x-proxy-cache-5950: EXPIRED
xkey-5950: av.anaru.cyou/favicon.ico--av.anaru.cyou-av.anaru.cyou-cacpdo0---yes
x-proxy-cache-g-jp: HIT
xkey-g-jp2: av.anaru.cyou/favicon.ico--av.anaru.cyou--my_zone
cf-cache-status: HIT
age: 199
last-modified: Tue, 17 Jan 2023 12:28:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UukhetCd8oyhF9qhKduXkdtuZGPUBFPVaggu2iboUhb33QCvv2g5fNhGFE5dWFrUs6oPoDByeWBbDRQhjOPdOgNn7g2DzEpEcPJimtpS5jbcLYG4wvZuQa8KxZDldciZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c051c880b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f4/cc/5af256, lfm-1-3019, lmd-3019, lud-106888, xfvlen-1505107, fsize-629748, played-176
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/://www.liaoai.xyz/videos/14237/fc2ppv-791678-sex-s-loli//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQpTGIUS340lhMzwcw5f3B6Hf65%2BWbziwr9NAvSA3593vyns0qa%2Frg6mGLWN8IZR%2Fvu73cpH5%2Bb4wFGLFgeJaRFCNqxoCreS3BV7el3BZ0Kn72bcpIRDuDpiXHaZckRFZM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcc075e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
porno-erotika.ru/video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg
104.21.26.75 301 Moved Permanently 0 B URL HTTP/2 porno-erotika.ru/video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg
IP 104.21.26.75:0
GET /video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg HTTP/1.1
Host: porno-erotika.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: text/html; charset=iso-8859-1
location: https://porno-tumblr.ru/video/devki-v-plyazhnoj-kabinke-bez-trusov.jpg
cache-control: max-age=14400
expires: Tue, 17 Jan 2023 12:31:41 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWpCSf978szKMztjIo11d62%2B97GFiu3VOoBGNVg7wdviT%2BEiIMFQI%2Fq9ir9zet5Q6xjCBKfCcwu5hCsIBJnf3qcIbUMYdm0q6qlHepNj856H%2Fc%2Fz0Hr%2BNc%2FPi%2FQ%2FxDlpNriJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bf939340b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2beeg.me/favicon.ico
172.67.189.212 200 OK 0 B IP 172.67.189.212:0
GET /favicon.ico HTTP/1.1
Host: 2beeg.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:41 GMT
content-type: image/x-icon
last-modified: Thu, 23 Jan 2020 20:02:04 GMT
etag: W/"5e29fbbc-47e"
expires: Wed, 18 Jan 2023 00:09:36 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 217324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i%2F%2BKsMV%2BMLOHEADtnfvEWHMtwKwbSNHPJmlzradbq7FCOadeRMT2rNTJzBvuIZ8ayzWKcjgHUOXp94bwxhNsJIBFOQOYTLuyTScll%2BbbBPjLm7koJNabzEP8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1bfdad04b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
6nkn.com/favicon.ico
188.114.97.1 520 No Reason Phrase 0 B IP 188.114.97.1:0
GET /favicon.ico HTTP/1.1
Host: 6nkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 520 No Reason Phrase
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_use_ob=0; path=/; expires=Tue, 17-Jan-23 12:32:12 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 78af1c03be6efac8-OSL
server: cloudflare
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/53/6a/02e265, lfm-1-6497, lmd-6497, lud-439376, xfvlen-2672567, fsize-511496, played-187
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai1.xyz/videos/2903/b3426c1f55ec1c0bce3742fc2014287b//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 47759
last-modified: Mon, 16 Jan 2023 23:15:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofdrxjFjOAFTm%2BAL%2B%2F1jcv7vlJnv2%2FEQqQpL1NPotWpNQ%2Fz2BWWEn9aneTsAv9Lpy7xZzhkfS8PT0Ad1Qicl7evno9gxFBkx4StJtQBSMSRohFUjFY46Yvh2KQq74%2F2r%2B3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dce875e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fwww.liaoai3.xyz%2Fvideos%2F114058%2Fd747e78e2f69b1a01d10ee75591e3c53%2Ftitle%2F%25E3%2580%2590%25E7%25BD%2591%25E6%259B%259D%25E9%2597%25A8%25E3%2580%2591%25E6%25B2%25B3%25E5%258D%2597%25E7%25A6%25BD%25E5%2585%25BD%25E7%2588%25B6%25E4%25BA%25B2%25E5%25B1%2585%25E7%2584%25B6%25E5%25AF%25B9%25E4%25B8%25A4%25E4%25B8%25AA%25E4%25BA%25B2%25E5%25A5%25B3%25E5%2584%25BF%25E4%25B8%258B%25E6%2589%258B%25EF%25BC%2581%25E5%2585%25B6%25E4%25B8%25AD%25E4%25B8%2580%25E4%25B8%25AA%25E5%25A5%25B3%25E5%2584%25BF%25E8%25BF%2598%25E5%25B8%25AE%25E5%25BF%2599%25E5%25BD%2595%25E5%2583%258F%25EF%25BC%2581-%25E8%2581%258A%25E7%2588%25B1%25E8%25A7%2586%25E9%25A2%2591%2520%5B20%3A42x1280p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1099861264272%3Ahid%3A1012360190%3Az%3A0%3Ai%3A20230117123137%3Aet%3A1673958697%3Ac%3A1%3Arn%3A29391509%3Arqn%3A1%3Au%3A167395869793887736%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A126%2C263%2C262%2C1%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673958695642%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673958697%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E8%81%8A%E7%88%B1%E8%A7%86%E9%A2%91&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 17 Jan 2023 12:31:37 GMT
access-control-allow-origin: http://av.co-vid.win
set-cookie: yabs-sid=357288241673958697; Path=/; SameSite=None; Secure
i=8xWszW8M84eAU7izl3P7HquBdjSwwX8JRqYkJBkVgAg7DI5uYLoWoHccVC0z7GcsyW/HzrcyziAS8/hU1lS/gHIV2LQ=; Expires=Fri, 14-Jan-2033 12:31:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2239513141673958697; Expires=Wed, 17-Jan-2024 12:31:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2239513141673958697; Expires=Wed, 17-Jan-2024 12:31:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705494697.yc.1673958697#1705494697.yrts.1673958697#1705494697.yrtsi.1673958697; Expires=Wed, 17-Jan-2024 12:31:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 17-Jan-2023 12:31:37 GMT
last-modified: Tue, 17-Jan-2023 12:31:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
jfgdizhi.com/favicon.ico
104.21.19.187 403 Forbidden 0 B IP 104.21.19.187:0
GET /favicon.ico HTTP/1.1
Host: jfgdizhi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXaa85xMDsWRKDaYZ3IANHLdE1cxPlWcFUILe3OK4BwsJxEtra%2FkkHdoVJy1oo2s%2FmEPvDdcRq2oldxaZdgfneqUgmAcMnvLqzbe5HzrAEI%2F%2FyjOciysYcxgOwrsqyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af1c00e994b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.248avporn.com/favicon.ico
188.114.96.1 404 Not Found 0 B URL HTTP/2 www.248avporn.com/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: www.248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 95
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZadvoCAx%2BS8%2BVZ5rW1qoFAzEcR8f%2FwbOftsHxTuY6k86OUZmUpO3%2BgsiV%2BJQ6%2FnZnlGzwiiIIWKg%2FMe8frnVZ%2BhzJlx6xw6qhl1R%2Bel%2BtfblERcyPfZLv10Iu3N7lA1nypD0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c051aeefac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/6c/6e/a47e66, lfm-1-753, lmd-753, lud-1053739, xfvlen-2405122, fsize-1355361, played-121
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai1.xyz/videos/79474/570efa59213711bcbe752ae34453c977//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 42534
last-modified: Tue, 17 Jan 2023 00:42:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UPAGwfjzBMFhjsvUJPKCfanvztFAMjpx%2BBH13eC31SmOTofU%2BlunbdLfG0DCnqn5WWDxx93KFu2zleWqRf2bmToix%2BdnQ2Dfwx6aHFcob1GkkYwnxo6ne%2F7ovrz7yA91Aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcc175e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.yavtube.com/caribbeancom/moviepages/101108-881/images/l_l.jpg
104.21.233.215 200 OK 0 B URL HTTP/2 img.yavtube.com/caribbeancom/moviepages/101108-881/images/l_l.jpg
IP 104.21.233.215:0
GET /caribbeancom/moviepages/101108-881/images/l_l.jpg HTTP/1.1
Host: img.yavtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:40 GMT
content-type: image/jpeg
vary: Accept-Encoding
x-serverid: jim.dl
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Oct 2008 20:52:41 GMT
cache-control: public, max-age=31536000
expires: Sat, 21 Jan 2023 03:48:17 GMT
x_cache: HIT
cf-cache-status: HIT
age: 2277803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrZ62BuCxbd57Gk4bTpSQ9i2UwFbzHfcthb0hhJ1oX7%2FeQ7X%2FnjAd7X9AFNp39XXr8LBiQ%2FeMsTA4G0lPyG7Z%2BGylDOROEHOPIAjkomebqEzDXWQBAdgxSWmGvUsMkGecso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af1bf5b9a0dc7b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/d6/c2/53, lfm-1-256, lmd-256, lud-256, xfvlen-114204, fsize-17276, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai3.xyz/videos/128627/98-40-54-90-2000//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T%2BFu9rMZGplArdegUBU4WQvEs3jTVYyxTfZK66kgOvpaxd49WcnfD0ykDHFKMrJ3L%2BbSAHqM1WnL1cwyAYp69Qg3GcZ8p4Bm5SiBSzfdREpOjFFvr4TV%2F7hw38VhZAVPeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcbd75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.liaoai.xyz/favicon.ico
172.67.153.83 301 Moved Permanently 0 B URL HTTP/2 www.liaoai.xyz/favicon.ico
IP 172.67.153.83:0
GET /favicon.ico HTTP/1.1
Host: www.liaoai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:31:42 GMT
location: http://www.liaoai1.xyz/favicon.ico
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:31:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAncET5DfpOPbT3MBkZYrGdMEoxe7NeJAn%2Fob6%2BbgboHa6gMwxRXrsMAMsKWTgifZSeoxHGzLqLA5IWec1qmboEwWFN%2BIkw%2BLqffGPY9cRUQEhxoNzWW0iGFrK8jgp0%2Biw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c017b031c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
av.dmm.monster/favicon.ico
104.21.15.225 200 OK 0 B URL HTTP/2 av.dmm.monster/favicon.ico
IP 104.21.15.225:0
GET /favicon.ico HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/favicon.ico
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
line2430: notjp-/favicon.ico-myhost-av.dmm.monster-filteron-
cache-control: public, max-age=14400
access-control-allow-origin: *
x-proxy-cache-5950: EXPIRED
xkey-5950: av.dmm.monster/favicon.ico--av.dmm.monster-av.dmm.monster-cacpdo0---yes
x-proxy-cache-gjp: HIT
xkey-g-jp: av.dmm.monster/favicon.ico--av.dmm.monster--my_zone
cf-cache-status: HIT
age: 1503
last-modified: Tue, 17 Jan 2023 12:06:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgIpU2YI0pjP6PuOqcYSEHNi2llAcv25SZCoOcspPYvN2UsZalCpdYkYJMz%2BmJZnbZvIDvANJA%2BhOOvWDNJykrYt2%2FcOe%2BGiGNKwbN5088mSVGw6tw49pQZ2gMCC1QKhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c0519d7b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
porno-tumblr.ru/favicon.ico
188.114.96.1 200 OK 0 B URL HTTP/2 porno-tumblr.ru/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: porno-tumblr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:42 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 19 Aug 2021 10:39:30 GMT
etag: W/"31d-5c9e72a72d9ad"
cache-control: public, max-age=2592000
expires: Wed, 01 Feb 2023 22:23:32 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1260490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0eeXnhcc3yZSMmUjXNbjZD0LWeVciBuGHsHtx%2F3Y9if0tRJbGXtjcorw5AW6BcrddXd8oA0qLOUdHo1kUa%2BCyDUBLHcaSHIsLDR%2Bz4evY5bZ98WaZ%2Bomrh29HE2xSr8BEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af1c054cac0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/ce/6b/541638, lfm-1-9606, lmd-9606, lud-1293936, xfvlen-1864138, fsize-699885, played-186
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai1.xyz/videos/3602/ol-19//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEkYq8jk35FK9x2dC94LhYudlXqLxxIrREuepFlupPfy5WhziwZFWTyHIFp7JzOa5HxwdrZD7Bv6mHea2u1PuM7Fa3yVgz4OW869hxJ4Mj5rGVjLRBkdcydvGT7Xy1St9lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05bcbc75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3
172.64.128.21 200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:31:43 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f0/5b/40, lfm-8-1848, lmd-1848, lud-64666, xfvlen-525340, fsize-447662, played-
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.liaoai3.xyz/videos/114135/15f753f3dcd1d6641cc14e35989004b5/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 12:31:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NEtt%2B4m01ODJn%2BlcLpSe2ENqcHQqXgpLeWsdwZoLWD%2FPCP%2BpGOHj5eew9jPFfLUj3nxXevFBL%2B06yNHlXGVM8DZdCc5Z50fKOsZuuHTKzg3kCt7QHWOmKhQst6a3D02G%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af1c05dceb75e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2