r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13652
Expires: Sun, 27 Nov 2022 14:27:17 GMT
Date: Sun, 27 Nov 2022 10:39:45 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2630
Cache-Control: max-age=88513
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:45 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:14:58 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 10:19:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1224
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13544
Expires: Sun, 27 Nov 2022 14:25:29 GMT
Date: Sun, 27 Nov 2022 10:39:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OV6NeA1t1doIUKZEHDs5ETltikd/HpgeFpEgS6QC15J9GqNa8SW+lneJRMIpV3TsXfd/qKG55g0=
x-amz-request-id: 2768ZG8Q49T9SWZ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 09:44:35 GMT
age: 3310
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
av.xvideos-dl.top/v/s:/www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae/title/%E7%BD%91%E6%9B%9D-%E3%80%90%E7%8B%AC%E5%AE%B6%E5%B0%8F%E8%90%9D%E8%8E%89%E3%80%91%E8%B6%85%E5%AB%A9%E6%80%A7%E7%98%BE%E4%B8%AD%E5%AD%A6%E5%A5%B3%E5%AD%A9%E2%80%9D%E5%90%B4%E6%AC%A3%E7%84%B6%E2%80%9C%E7%A7%81%E6%8B%8D%E8%A7%86%E9%A2%91%E6%B5%81%E5%87%BA-%E4%B8%A4%E6%80%A7%E7%A4%BE%20[9:42x406p]
200 OK 7.8 kB URL HTTP/1.1 av.xvideos-dl.top/v/s:/www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae/title/%E7%BD%91%E6%9B%9D-%E3%80%90%E7%8B%AC%E5%AE%B6%E5%B0%8F%E8%90%9D%E8%8E%89%E3%80%91%E8%B6%85%E5%AB%A9%E6%80%A7%E7%98%BE%E4%B8%AD%E5%AD%A6%E5%A5%B3%E5%AD%A9%E2%80%9D%E5%90%B4%E6%AC%A3%E7%84%B6%E2%80%9C%E7%A7%81%E6%8B%8D%E8%A7%86%E9%A2%91%E6%B5%81%E5%87%BA-%E4%B8%A4%E6%80%A7%E7%A4%BE%20[9:42x406p]
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7079), with CRLF line terminators
Hash 1b607e590a77c0963f9f49f71b5c22d3
437c346747bb5c01d24d398086f6f0359cf29956
99a0793fef06c5a7aa009dabedd0dca20c4050ed53c35bfdfef0701fc09e9f63
GET /v/s:/www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae/title/%E7%BD%91%E6%9B%9D-%E3%80%90%E7%8B%AC%E5%AE%B6%E5%B0%8F%E8%90%9D%E8%8E%89%E3%80%91%E8%B6%85%E5%AB%A9%E6%80%A7%E7%98%BE%E4%B8%AD%E5%AD%A6%E5%A5%B3%E5%AD%A9%E2%80%9D%E5%90%B4%E6%AC%A3%E7%84%B6%E2%80%9C%E7%A7%81%E6%8B%8D%E8%A7%86%E9%A2%91%E6%B5%81%E5%87%BA-%E4%B8%A4%E6%80%A7%E7%A4%BE%20[9:42x406p] HTTP/1.1
Host: av.xvideos-dl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 10:39:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.xvideos-dl.top127.0.0.1-myhost-av.xvideos-dl.top127.0.0.1/v/s://www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae/title/%E7%BD%91%E6%9B%9D-%E3%80%90%E7%8B%AC%E5%AE%B6%E5%B0%8F%E8%90%9D%E8%8E%89%E3%80%91%E8%B6%85%E5%AB%A9%E6%80%A7%E7%98%BE%E4%B8%AD%E5%AD%A6%E5%A5%B3%E5%AD%A9%E2%80%9D%E5%90%B4%E6%AC%A3%E7%84%B6%E2%80%9C%E7%A7%81%E6%8B%8D%E8%A7%86%E9%A2%91%E6%B5%81%E5%87%BA-%E4%B8%A4%E6%80%A7%E7%A4%BE%20%5B9:42x406p%5D
phost: av.xvideos-dl.top
line1066: notjp--myhost-av.xvideos-dl.top-filteron-
pdo106: feedvid-, cachefileb-cacpdo9/59/83/cb1762, lfm-1-319, lmd-319, lud-9442, xfvlen-491195, fsize-125077, played-
pdophp-line408: -; cachetime- 689.01303886843; ctime- 20221127131147
line1514: method-3: ik-找不|||不到|||到网|||网页|||页-|||-两|||两性|||性社|||社|||找不到网页|||两性社找不到网页-两性社: vidlang-cn1958
line1528: method-3: ik-找不|||到网|||网页|||页-|||-两|||两性|||性社|||找不到网页|||两性社找不到网页-两性社: vidlang-cn
pdoline1599: sarray-0cn8080
pdoline1662: notjp-: fvkwcnt-1958
pdoline1666: notjp-: fvkwcnt-1958
pdo-line1950: $i-72$load-0.9890625
Cache-Control: max-age=36576, public
genre: genre=
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: HIT
Xkey-5950: av./v/s:/www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae-AB-av.xvideos-dl.top-av.xvideos-dl.top-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av./v/s:/www.lxs2.xyz/videos/65867/d2309f39fba588166fc1b15e992b0eae-AB-av.xvideos-dl.top--my_zone
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 1713
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 061b352465462dc63eff46fa71d7c1a2
4851835923038e23eca6678ca841e58b68074c85
18ef118ff0bc0062268d1a27ed0f697ab42534dc0aaa6732a0e3112cc84eff92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3614
Cache-Control: max-age=138831
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "6382aba3-116"
Expires: Tue, 29 Nov 2022 01:13:37 GMT
Last-Modified: Sun, 27 Nov 2022 00:13:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 061b352465462dc63eff46fa71d7c1a2
4851835923038e23eca6678ca841e58b68074c85
18ef118ff0bc0062268d1a27ed0f697ab42534dc0aaa6732a0e3112cc84eff92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3496
Cache-Control: max-age=138713
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "6382aba3-116"
Expires: Tue, 29 Nov 2022 01:11:39 GMT
Last-Modified: Sun, 27 Nov 2022 00:13:23 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=170463
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:00:49 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 278 B IP
Hash 061b352465462dc63eff46fa71d7c1a2
4851835923038e23eca6678ca841e58b68074c85
18ef118ff0bc0062268d1a27ed0f697ab42534dc0aaa6732a0e3112cc84eff92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3496
Cache-Control: max-age=138713
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "6382aba3-116"
Expires: Tue, 29 Nov 2022 01:11:39 GMT
Last-Modified: Sun, 27 Nov 2022 00:13:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I7N/buQN/tIpMnf5OMA3Fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GNHEtt6t10k5R6uOc0x7m4BB9gs=
cacrip.nakadashi.pw/AV4.us.jpg
200 OK 8.7 kB URL HTTP/1.1 cacrip.nakadashi.pw/AV4.us.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:46 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
ETag: "2225-5499bcea176c0"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
X-Proxy-Cache-5950: HIT
Xkey-5950: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--cacpdo0---yes
CF-Cache-Status: HIT
Age: 149454
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZVTNU7eLZkB1K%2FNApNclkvIQS9Sb3xSGuYGzhmp6pT24OpP4HAkEmFz%2F%2FiirgwA7WM0b%2FUr4musZXfeiM32nOcv%2Fnwm9yWf5X1dC%2Ba5C19wWiZGsD1sDQFOzZfGbd8AQxg%2B4Bxm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3debff2e775b-LHR
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 280 B IP
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1561
Cache-Control: max-age=123082
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 20:51:08 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
js.gazo.space/mycss/av4.css?3
200 OK 1.3 kB URL HTTP/1.1 js.gazo.space/mycss/av4.css?3
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 91947d93b00450de35830a7838c75b9e
f3cbeac747d7aaef471fa96214247686a1e43369
50d14f8c12ee897ab7e0d5279f10b937a3d06911682c0a555922b769d407899a
GET /mycss/av4.css?3 HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
etag: W/"f05-5cc0d86532b3f"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=3600000
CF-Cache-Status: HIT
Age: 535363
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcsPUwQ7eoKul7%2FN3NG4kTFx4Xw5azCyodkDUMhS%2FxHWtXi7l0MovKn5Go7n%2BvkroRQANjyHY6aZe7vghT1SPnSEm7pNz3v6fBdnj1q1CWFT6utk01YXDl9w6cgIYLLS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3dec2f1f74b1-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
File type ASCII text, with very long lines (10613)
Hash 9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 26300664
expires: Fri, 17 Nov 2023 10:39:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJd5CZBkpzuLZezOKLhw5SFRR7z4iRKKl4q2Z8SqDvihAZh2nh739TsCW87Wg8nB8jBciIZ6PyYxqUKxSe7Wb0lUl80jYmoG0DogEyCtyf54XR6bGN9p6A3ue3NjduWiuBa6ayhj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770a3dec4ea3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1561
Cache-Control: max-age=123082
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 20:51:08 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
comments.gazo.space/comments/embed.js?37
200 OK 6.7 kB URL HTTP/1.1 comments.gazo.space/comments/embed.js?37
IP
File type ASCII text, with very long lines (14022)
Hash 352c889af2cf2163a866e7e381ae9252
dba161ee742e83c96891e1c3fa8e9a6ecd88ab55
aca3691a6709b371e3dedde66943ed3a1b9a8d2b67734123916d74c1a82e510c
Analyzer Verdict Alert fortinet Phishing
GET /comments/embed.js?37 HTTP/1.1
Host: comments.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
Cf-Bgj: minify
Cf-Polished: origSize=20813
ETag: W/"514d-5e998fd344edc"
X-Proxy-Cache-Rip: HIT
XkeyRip: jcomments./comments/embed.js?37-A-comments.gazo.space--my_zone-yes
CF-Cache-Status: HIT
Age: 177854
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSqAEhalkG8aHpr5ZsdamNJYG3VifvXNc9Pczk6MCdwkPK5cLzdtKKRzecOQ1UlWryN3rtyJRbhM9OEwlM4AGVY19TMz2nbZ8bONLwP9zJ%2FXCGVwkIKnov5KRb0D%2FjFBPhT92yIX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3dec5ba276d5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
200 OK 67 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash abdd26bf39ab05e9898e3cf1ddbd3fd9
93521bf8e710e9ec024f0e9e24441ccd81c4a6f1
06c56ad9020dc6ef1a5d0141d5c172c0029d18f2dafe0b79a84bb0c4db2aa52d
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 10:39:46 GMT
age: 15282
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1620-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66654
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash bf5fdd24d38c9cb97dc10395a5b7efe6
e72619385af68542a94e9ac356849b74907ab9e0
024c54cb11e79f1e7e0511a5f8551e0c88bfb46e65e0f921a8ae7038c68e6ae4
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "823B771282A11D57B2A2A376BDD8C97CE614CC21"
Expires: Sun, 27 Nov 2022 21:00:00 GMT
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1988
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3dec9c440b61-OSL
www.googletagmanager.com/gtag/js?id=UA-620120-3
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
File type ASCII text, with very long lines (1921)
Hash d4f073c6d2ceb5c1740072f7fc42fdc1
411e9378be4027ca87b6f6ea017122f74823e665
89a878a25a9d425d48a531d17664bab4eb7457247c0df47043b2ae7eaebc9f8d
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 10:39:46 GMT
expires: Sun, 27 Nov 2022 10:39:46 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jsjs.gazo.space/index.php?js=very
200 OK 60 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP
File type ASCII text, with no line terminators
Hash e142981ada576f30fd6a01aff363d090
a2bedb32cd905e4202444c15bdeb8823a0e3a838
4c502d5e6dc947249297ab90800d915b0eadfe2e33873c4d89f5f22eee52c597
Analyzer Verdict Alert fortinet Phishing
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:46 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--NO-rm2400cb003771024ac465ad/index.php?js=very
55nloadrate: 0.4190625
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9CHHBKrcqrpw4wzvgykUitmwH1tolU0Gva9OGEL9r5Vpz9hmLgsyv2lNkbGpzYzsGhfu3m7qacTFyNKyK9H9UpjyDFhYsiaie8J8I76P52URPO6q4AzMwZeluH%2Fr43msY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3de8ab417403-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 4c68738619a804148d1c723255009198
aa5b458f6fce0c4f4aef0623f3bf5d8c6f6cfafd
9707f3ee6320844cad2474031ec9651e771581031ca5b9d2fb21f899847b2892
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:46 GMT
Last-Modified: Sun, 27 Nov 2022 09:52:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
200 OK 1.8 kB URL HTTP/1.1 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
File type ASCII text, with very long lines (4505)
Hash 62df3c3b9c50eb48c9bdf36e310babf2
1f69b85084ccd0348dcd55fba839be4f271a591d
883898451b3b4a6a893b54c87b71fe23df90be071936330b23eb2cd6c4f49274
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 02:39:12 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 1982
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvPjWgrWPkZNz5EgXqFNjKKElXQl%2FHoSmPNYdDqFBYg6lWFRrxAXnRMWbyM1elRmZfOle2XrMxmOvx7%2F1tyBHPzcfPbWCE%2BhWaOGD407QKrzdlr1FJpbsoc%2BsbI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3deeced5b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 13f0f0dcf4ebdec2503d92185a203e63
5e9cc7bc00b3f27222b7affe4bc18060cc18a731
8da0a93a1ce9fda7643fee124ea10e7d2cd6c06f9c441748b207eb5d9f28d516
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:47 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 01 Dec 2022 08:05:36 GMT
ETag: "5e9cc7bc00b3f27222b7affe4bc18060cc18a731"
Last-Modified: Sun, 27 Nov 2022 08:05:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2328
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3deeee7d0b61-OSL
vjs.zencdn.net/7.8.2/video-js.css
200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video-js.css
IP
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 8e0b9e4f5782827464baaa97ab90792a
25330bf40d7ad79648413156e6680a5c0de064b1
f26b66fc7b0a3f85500fe249594bfec05008ab32b33cd885a67fb588b6eb9ac5
GET /7.8.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:05 GMT
etag: "9d2c20f32d2509c50bdcb9239fb9b62e"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sun, 27 Nov 2022 10:39:47 GMT
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 4614
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10723
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 61d92d948bf49dcd406ac0db56865f7a
fbad6b6fec56f97b6bcdfca57eefe54cfb1724ce
45eeecefa200f2df7feaf1738c415f902a9a1cdbeae3e0e0f282e9f87ea6058f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:47 GMT
Etag: "6381d8a5-118"
Last-Modified: Sun, 27 Nov 2022 10:25:29 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 279
vjs.zencdn.net/7.8.2/video.js
200 OK 420 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video.js
IP
File type ASCII text, with very long lines (320)
Size 420 kB (419634 bytes)
Hash 7dbd36f0fcc384a6409db98b80a76dcc
ec256a308360d2b696d874373430c495fdd5b313
33fe4721a551fd6335c11c42d75e828acf4d15dd49de3d93d761d260b5403d47
GET /7.8.2/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:10 GMT
etag: "52c53a33bb2cd149f293eb14fb22505d"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Sun, 27 Nov 2022 10:39:47 GMT
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 419634
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Fwww.lxs2.xyz%2Fvideos%2F65867%2Fd2309f39fba588166fc1b15e992b0eae%2Ftitle%2F%25E7%25BD%2591%25E6%259B%259D-%25E3%2580%2590%25E7%258B%25AC%25E5%25AE%25B6%25E5%25B0%258F%25E8%2590%259D%25E8%258E%2589%25E3%2580%2591%25E8%25B6%2585%25E5%25AB%25A9%25E6%2580%25A7%25E7%2598%25BE%25E4%25B8%25AD%25E5%25AD%25A6%25E5%25A5%25B3%25E5%25AD%25A9%25E2%2580%259D%25E5%2590%25B4%25E6%25AC%25A3%25E7%2584%25B6%25E2%2580%259C%25E7%25A7%2581%25E6%258B%258D%25E8%25A7%2586%25E9%25A2%2591%25E6%25B5%2581%25E5%2587%25BA-%25E4%25B8%25A4%25E6%2580%25A7%25E7%25A4%25BE%2520%5B9%3A42x406p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A232671645779%3Ahid%3A30678917%3Az%3A0%3Ai%3A20221127103946%3Aet%3A1669545587%3Ac%3A1%3Arn%3A545968768%3Arqn%3A1%3Au%3A1669545587484595448%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C249%2C249%2C0%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669545584913%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669545587%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E4%B8%A4%E6%80%A7%E7%A4%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Fwww.lxs2.xyz%2Fvideos%2F65867%2Fd2309f39fba588166fc1b15e992b0eae%2Ftitle%2F%25E7%25BD%2591%25E6%259B%259D-%25E3%2580%2590%25E7%258B%25AC%25E5%25AE%25B6%25E5%25B0%258F%25E8%2590%259D%25E8%258E%2589%25E3%2580%2591%25E8%25B6%2585%25E5%25AB%25A9%25E6%2580%25A7%25E7%2598%25BE%25E4%25B8%25AD%25E5%25AD%25A6%25E5%25A5%25B3%25E5%25AD%25A9%25E2%2580%259D%25E5%2590%25B4%25E6%25AC%25A3%25E7%2584%25B6%25E2%2580%259C%25E7%25A7%2581%25E6%258B%258D%25E8%25A7%2586%25E9%25A2%2591%25E6%25B5%2581%25E5%2587%25BA-%25E4%25B8%25A4%25E6%2580%25A7%25E7%25A4%25BE%2520%5B9%3A42x406p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A232671645779%3Ahid%3A30678917%3Az%3A0%3Ai%3A20221127103946%3Aet%3A1669545587%3Ac%3A1%3Arn%3A545968768%3Arqn%3A1%3Au%3A1669545587484595448%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C249%2C249%2C0%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669545584913%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669545587%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E4%B8%A4%E6%80%A7%E7%A4%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 9c3be3d5fef34cbf79c65f60d0874b53
3efa39658558ec4955e921a2ae372a5630eddec7
b20bc94a670282a985d310e99995a660463bacd2fb0d36444b7c4112e719f698
GET /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Fwww.lxs2.xyz%2Fvideos%2F65867%2Fd2309f39fba588166fc1b15e992b0eae%2Ftitle%2F%25E7%25BD%2591%25E6%259B%259D-%25E3%2580%2590%25E7%258B%25AC%25E5%25AE%25B6%25E5%25B0%258F%25E8%2590%259D%25E8%258E%2589%25E3%2580%2591%25E8%25B6%2585%25E5%25AB%25A9%25E6%2580%25A7%25E7%2598%25BE%25E4%25B8%25AD%25E5%25AD%25A6%25E5%25A5%25B3%25E5%25AD%25A9%25E2%2580%259D%25E5%2590%25B4%25E6%25AC%25A3%25E7%2584%25B6%25E2%2580%259C%25E7%25A7%2581%25E6%258B%258D%25E8%25A7%2586%25E9%25A2%2591%25E6%25B5%2581%25E5%2587%25BA-%25E4%25B8%25A4%25E6%2580%25A7%25E7%25A4%25BE%2520%5B9%3A42x406p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A232671645779%3Ahid%3A30678917%3Az%3A0%3Ai%3A20221127103946%3Aet%3A1669545587%3Ac%3A1%3Arn%3A545968768%3Arqn%3A1%3Au%3A1669545587484595448%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C249%2C249%2C0%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669545584913%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669545587%3At%3A%E6%89%BE%E4%B8%8D%E5%88%B0%E7%BD%91%E9%A1%B5-%E4%B8%A4%E6%80%A7%E7%A4%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sun, 27 Nov 2022 10:39:47 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://av.xvideos-dl.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 10:39:47 GMT
last-modified: Sun, 27-Nov-2022 10:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
thepervs.com/thumbs/65523.jpg
301 Moved Permanently 0 B URL HTTP/1.1 thepervs.com/thumbs/65523.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/65523.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:47 GMT
Location: https://thepervs.com/thumbs/65523.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nl%2FqjVHnIfILozUZ2YkniuKD5zry3kWFF96vkhP6piyjGqyUtLnt6Zr9iNaXOGUOwC2Ttp0158EVtznffPZtFe8wlBX0NIUcU63BeGi55um873l1ttuOuxwHpjlcIc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df25c1ab505-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash 9690cbd4b27557bac1bf1365902a1b41
caa9c57ae9386c1bf6c1042536d7dd978059c5c6
62ae17a870978df7bda0a6dca1c93ac58973482efbac81903eb8ecf59790208c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5707
Cache-Control: max-age=108864
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:47 GMT
Etag: "63822e68-117"
Expires: Mon, 28 Nov 2022 16:54:11 GMT
Last-Modified: Sat, 26 Nov 2022 15:19:04 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
detog.com/thumbs/393702.jpg
200 OK 9.9 kB URL HTTP/2 detog.com/thumbs/393702.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 12c96665975f2ff2db62f5efca4d9188
cfc4115b300424ca49a273dfa76252491533bba6
2fc01c6e57bf6877d06f4c0cf59e4e87a857250553560ed46cf35d97e94099c3
GET /thumbs/393702.jpg HTTP/1.1
Host: detog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:47 GMT
content-type: image/jpeg
content-length: 9914
cache-control: max-age=31536000, immutable
cf-cache-status: HIT
age: 1177818
last-modified: Sun, 13 Nov 2022 19:29:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7IMn5RanVfFl9M14nDRY%2Bdo4NIw9jn1U5%2B2HBcr%2F19oyQMTRXUWxUULjmb5xCqMl0w4x0vmkFoc%2BoNGBjbgWu%2FcphApT5V2xFbd3q2iDEtaFpuXatMSyMsnVVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df31c00b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/354803-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/354803-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/354803-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:47 GMT
Location: https://static.thisav.com/images/videothumbs/354803-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7U7kBE4gEB2Sobmz6arH10ls4Eet3Hi9T0renGm3bVW%2FxQXcn7LaY8f%2Fsj3rMBP4IMFwRpqZaJrxfkWOV9%2B%2Bnav4C9mzT5kTMa3ZqGNPotm2CdeONhnvnU2C74bMVgaNfZs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df308e60b59-OSL
alt-svc: h2=":443"; ma=60
chomikuj.pl/ImageThumbnail.aspx?id=4508552236
302 Found 275 B URL HTTP/1.1 chomikuj.pl/ImageThumbnail.aspx?id=4508552236
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cbc404f9014e7f2344669a4c84e38d38
2a99b1893322b513b31784c1019f0c2de70bd005
c144965aaa7f11c6049be1e766b1f606d877f28a067afc00262c4778ed41d61f
GET /ImageThumbnail.aspx?id=4508552236 HTTP/1.1
Host: chomikuj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 10:39:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 275
Connection: keep-alive
cache-control: private
location: http://s9636.chomikuj.pl/Thumbnail.aspx?e=GffTyrWpAHkfa8bVU0pAX57mw5kNdnIi9kRbs0xEPufSlc1rrDep9EM9aAfO7Yw2B9rChwumjg7W7BoHUTorSb6KNlqnU1240G0bYDxyAC4&pv=2
set-cookie: guid=870e1ec8-a724-4c0a-91ed-1d3727ed7c38; expires=Wed, 27-Nov-2024 10:39:47 GMT; path=/; HttpOnly; SameSite=Lax
rcid=10; expires=Mon, 27-Nov-2023 10:39:47 GMT; path=/; SameSite=Lax
x-server: m50
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3df2cc6cb4f4-OSL
static.thisav.com/images/videothumbs/292562-1.jpg
301 Moved Permanently 6.6 kB URL HTTP/1.1 static.thisav.com/images/videothumbs/292562-1.jpg
IP
Hash f760580d265faca13db5c541dcd5c36d
235d5a37a5650e9ab7cea28185538bb0131fe62c
080c107b143b66faedf9b2ff9eb4a12afa9369f4fa2f12cf2bdf578054735753
GET /images/videothumbs/292562-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:47 GMT
Location: https://static.thisav.com/images/videothumbs/292562-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zs3t2maFpQJKxDBUKxcXwfm1ZyAWdkVqIZc5fwoPqwzsg8avZm1J2hONS5mWNykVAJdSbHMggmktVrLuRWCj4%2FEqCuKMnGqMHc2BcJjuYp4hGat1AngCQxqmVnl3lpP4gBZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df3c9980b59-OSL
alt-svc: h2=":443"; ma=60
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
200 OK 20 kB URL HTTP/2 unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP
Hash 1fd5b665ae7fd868cca800426641c83d
c65925c60736086fc129d638450c3d293d2be5d4
65a4dbc80bae14d14193defdb3a59a02a84ff2ef2204f643720cbc4a038dc902
GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:47 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01G4XED00012H0FHS4H5YGBK8Y-fra
cf-cache-status: HIT
age: 14994915
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3def4874b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/626477-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/626477-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/626477-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:47 GMT
Location: https://static.thisav.com/images/videothumbs/626477-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gI992GSTcX8BHn2SZ9p%2FgHuLy0QQSQWL8ZlIs3Se%2BengutJBI9mZeBKjOHaPYspr3XOJocfoo6xTFWFQSTivVjamxnhBJL%2BpukTHYFmdKiTQg7aE1exhWTqaA8Plzn3b1qO0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df44a0c0b59-OSL
alt-svc: h2=":443"; ma=60
detog.com/thumbs/537921.jpg
200 OK 7.0 kB URL HTTP/2 detog.com/thumbs/537921.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 892a92a4ae974041ea2bdc5e70003778
ed1f9dc1a3615fbe660528c4c7ee4bffa9b97c81
0a44a1bd543fc03ef979b800c4d9a03e2657c0a6752b0aab14d5db0529e4838e
GET /thumbs/537921.jpg HTTP/1.1
Host: detog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:47 GMT
content-type: image/jpeg
content-length: 6960
cache-control: max-age=31536000, immutable
cf-cache-status: HIT
age: 984086
last-modified: Wed, 16 Nov 2022 01:18:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y94BTp9L8A%2F4nbmxqyMYwd9Jeh%2FWeu5MK5KPI354X2mofD1DRT7SdkTsekR8uqIeERSuNLlC1ND9%2FUzxmsl2f%2F9nLqvkpYl1EI%2FZoNs6TZW0T2a68TE3bxHcrTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df4ee2cb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/389681-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/389681-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/389681-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:48 GMT
Location: https://static.thisav.com/images/videothumbs/389681-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuSNiK6tz5Gs3gV54U%2BZlCdZ8Nl7mzIAX58demlY3xw%2FGSpxw%2B04qGN03AG2Fxlxou4JSaRmFM%2Bp0NX4gc7KTGq0T7Lgqw5z70FF579nRHffTNNpS18j1Nk52btg9c6J6flm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df50ac20b59-OSL
alt-svc: h2=":443"; ma=60
static.thisav.com/images/videothumbs/609077-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/609077-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/609077-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:48 GMT
Location: https://static.thisav.com/images/videothumbs/609077-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4LstyAH%2B1CINoue%2BfPX5DPfnbpzvLYwjSIb4FRrpmy7c6nlIOigAl8SvaAJRLoWMYw5MV02CAzBTXHPIF8myxuTg3WgGQ0WkK7T%2FD19%2FvxugUexM3WmEkWX1Pkh9dGt7CU2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df54af90b59-OSL
alt-svc: h2=":443"; ma=60
av.xvideos-dl.top//cacrip.nakadashi.pw/AV4.us.jpg
200 OK 2.4 kB URL HTTP/1.1 av.xvideos-dl.top//cacrip.nakadashi.pw/AV4.us.jpg
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1346), with CRLF, LF line terminators
Hash 4b13122efd0ff17fcc7c2abcfbf23c98
d5e9c9e37d42f37bab3dc69eaa7e7334de6e32c5
85bdce9b685d79ef840cdadbca0fe5a5cc4dce2483641b319855e60e89343bc6
GET //cacrip.nakadashi.pw/AV4.us.jpg HTTP/1.1
Host: av.xvideos-dl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 10:39:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.xvideos-dl.top127.0.0.1-myhost-av.xvideos-dl.top127.0.0.1//cacrip.nakadashi.pw/AV4.us.jpg
phost: av.xvideos-dl.top
line1066: notjp--myhost-av.xvideos-dl.top-filteron-
line2430: notjp-//cacrip.nakadashi.pw/AV4.us.jpg-myhost-av.xvideos-dl.top-filteron-
Cache-Control: max-age=2717, public
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: MISS
Xkey-5950: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.xvideos-dl.top-av.xvideos-dl.top-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.xvideos-dl.top--my_zone
av.oppai.icu/poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
302 Found 0 B URL HTTP/1.1 av.oppai.icu/poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg HTTP/1.1
Host: av.oppai.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.oppai.icu127.0.0.1-myhost-127.0.0.1/poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
phost: av.oppai.icu
line1066: notjp--myhost--filteron-
Cache-Control: public, max-age=36000000
Location: http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: HIT
Xkey-5950: av.oppai.icu/poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg--av.oppai.icu--cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp: av.oppai.icu/poster/http://www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg--av.oppai.icu--my_zone
CF-Cache-Status: HIT
Age: 14694275
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BHM3q4HZ9O2rPav2GY0MEjmz8OcH9KRQcs99UkCha7iXwPweURbciHilXOXA3mGE1o6Q0EqQ%2FFAE6GiOsNKNSRXPq%2BmK3kqSay61FT4DSQv9YK3YIpQWKaX6HTMxVw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770a3df57c1e0b3d-OSL
alt-svc: h2=":443"; ma=60
static.thisav.com/images/videothumbs/638739-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/638739-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/638739-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:48 GMT
Location: https://static.thisav.com/images/videothumbs/638739-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6VkTtvfRioNlBuYENo3flTmotAAgvqecmSRLVSNxLUvYetaeN0JFGCiK6V%2FZKcxvXi3LgVKxemVH8fO8l9Gi8kE3lAx%2BIpbfx7eOWnASdh4MAHLOAQ3iSldDbuT2HaDtLIV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df57b2f0b59-OSL
alt-svc: h2=":443"; ma=60
ddcdn.comtucdncom.com/upload/vod/2019-08-11/15654650696.jpg
404 Not Found 479 B URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2019-08-11/15654650696.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 57dd7bfa6c07bfe5eeada45d4bdd78ec
395c6ad5c3ae0e8ea47281f5007c369551b32ad7
c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5
GET /upload/vod/2019-08-11/15654650696.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 404 Not Found
Server: Tengine
Date: Sun, 27 Nov 2022 10:41:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 479
Connection: keep-alive
ETag: "5f2e8d85-1df"
stickamvids.net/photos/2017/06/770737.jpg
200 OK 5.0 kB URL HTTP/1.1 stickamvids.net/photos/2017/06/770737.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 230x172, components 3\012- data
Hash f19e93df26fc9d8d2fe050f575acfaca
e3760be50db9675c4b825e71a59a3772bb350f42
400a93245ff51e1d3db04af10eae61b71bcd0532caa7e29103bebe1857167f8f
GET /photos/2017/06/770737.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Type: image/jpeg
Content-Length: 5010
Last-Modified: Tue, 06 Jun 2017 14:41:01 GMT
Connection: keep-alive
ETag: "5936befd-1392"
Expires: Tue, 27 Dec 2022 10:39:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
thepervs.com/thumbs/32013.jpg
301 Moved Permanently 0 B URL HTTP/1.1 thepervs.com/thumbs/32013.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/32013.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:48 GMT
Location: https://thepervs.com/thumbs/32013.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvL31o%2BaWY6zIuqhYaZKDEQ9lPzQRLghV0EupPBiM%2BkptzNbQgZ0EXrskBgS2dBLVrhITOFiqP3XmjEFt8KASU1UEuaQHKHE%2BsyRs6nmcrb0JeSlFnSAQgifHpCpEdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df69894b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 280 B IP
Hash 993b771f5dfdd825b8c90dec588a0124
4de6eda4de1fde40febbd5145c03844a3bbb3cf9
2cd1b513baab01f6a4b727e75013130959d77d7b793b5ae772de5239f2b0658e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1251
Cache-Control: max-age=102988
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "638228dd-118"
Expires: Mon, 28 Nov 2022 15:16:16 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:25 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 280
file.tktube.com/contents/videos_screenshots/124000/124299/preview_720p.mp4.jpg
200 OK 27 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/124000/124299/preview_720p.mp4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x720, components 3\012- data
Hash 9babdd08a2cd4858d357f69d8e36990f
2dd63f5c16c66ee7925a8f57294d811198f94e9f
db3c6f29af845912b21587402ad4cbf2763c9421a9663c94f329f4a7b4600120
GET /contents/videos_screenshots/124000/124299/preview_720p.mp4.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 26728
last-modified: Tue, 07 Jun 2022 20:12:03 GMT
etag: "629fb113-6868"
expires: Fri, 23 Dec 2022 09:17:07 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 343175
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jofQkTEDRCtY5va5L5ySuYY2U28bCAdk4ToEa2QEPT%2FnVBqlKNSXjtiyn%2FFP0%2Bab3V2WYuWC3nen7l%2Bpl6atb8ov4sSfkhwuyGt0JQlBgXDciGZYXcBOyoHZyriDx0UMoDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df72d2471e4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash b9e4604268134f2a41641f7a0b14140a
0782239d76a572e87c19b9f84d557866eff2e73e
bead98f29a7be6e499e76841d222c6603a302a779cb1598a178aa70ae7e22be5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6107
Cache-Control: max-age=139851
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "6382a5e4-116"
Expires: Tue, 29 Nov 2022 01:30:39 GMT
Last-Modified: Sat, 26 Nov 2022 23:48:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash 2b2f211409687ec36761cef422a6c2d4
d2125a996f224ab7ff285e3ecf87427226c4073d
780c4cf27664dc16060aa2cc1bd9d100a293a38301b6b106bfdc64df9a7d2f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6163
Cache-Control: max-age=118305
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "63825182-117"
Expires: Mon, 28 Nov 2022 19:31:33 GMT
Last-Modified: Sat, 26 Nov 2022 17:48:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash b8d8ff78e000a434fd211895fd5d50cc
88344a70773a6a0d50754376ad38b9ff5172ee47
b2ea64f31adc4109a6e4ac2786f52d14d988289113c8289839241254480a1ade
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99539
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "63822047-118"
Expires: Mon, 28 Nov 2022 14:18:47 GMT
Last-Modified: Sat, 26 Nov 2022 14:18:47 GMT
Server: nginx
Content-Length: 280
www.91rb.net/contents/videos_screenshots/96000/96236/preview.jpg
200 OK 48 kB URL HTTP/2 www.91rb.net/contents/videos_screenshots/96000/96236/preview.jpg
IP
Hash 939a5650c7b7cc5c647622ac8b76bc72
b83d5b37cf7b5912cfeb3a69af8fd89f8a19f002
2d01367bc9c5e4d97658dda4cc0f73ada9a702a4d52d1affb5d6f8151f015939
GET /contents/videos_screenshots/96000/96236/preview.jpg HTTP/1.1
Host: www.91rb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 45802
last-modified: Tue, 11 Jan 2022 04:21:19 GMT
etag: "61dd05bf-b2ea"
expires: Sat, 17 Dec 2022 02:51:51 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 892077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSYUVvy93TOvsQtM%2FYPmrmr5zruLG8sI88GHSLeFYKdj879V808ouDWPfT%2BvXPlvnUSBDzLHnMvFYWZFDQ2ifjqcN9j2GWpEcxfvI9p9w%2FHA0s68%2BfLQxzP%2BgSqcbJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df7cdc8b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 359d8aa35094074dd7745774160a7cdc
2e91f95a1dbf210e9551d2668cf4149bee508a75
4b596ac71e84aeeb42460efe5dc14345f1d6d13c72f30ddc85b6e8d63c8710d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1415
Cache-Control: max-age=104222
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "63822d0b-117"
Expires: Mon, 28 Nov 2022 15:36:50 GMT
Last-Modified: Sat, 26 Nov 2022 15:13:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
cdn.thaixtube.com/thumbs_146/62/112878738/b_orig.jpg
200 OK 44 kB URL HTTP/2 cdn.thaixtube.com/thumbs_146/62/112878738/b_orig.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 1280x720, components 3\012- data
Hash 522d8e68e2a1c673714ea41aec735c81
5387e35650641bd93a08409bbe1b1845f21e012b
fdfd03f7be78741eae9141cc80fad323c2d1dddc1ae749709852b43ee8d7f5b7
GET /thumbs_146/62/112878738/b_orig.jpg HTTP/1.1
Host: cdn.thaixtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 43949
last-modified: Sat, 08 Aug 2020 09:14:52 GMT
etag: "5f2e6d0c-abad"
expires: Sun, 18 Dec 2022 03:22:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 803868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB9nmGO0O7mFSx6%2BcrbKp65FTC2CS%2B1V%2Fpu6XKkskYhHesjJItnr30tUas8HqfQHuY%2FKry5EFkQaJogmxH3INgfF1%2BpLhfIpmjPC8ba5r9GOYeGWBLSjRpz4WVhwdeXIaeOBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df7dac6b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 7a0d70ed8ff4779b03620ef754f7ddf4
cfbce65f3bddcd44bb242f2924692f19f7f1b1b3
5ea9516fe415801c2c49caf98eba32bc28191b758d6a8883c2c7abe5b51c4b72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5411
Cache-Control: max-age=103143
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:48 GMT
Etag: "63821938-116"
Expires: Mon, 28 Nov 2022 15:18:51 GMT
Last-Modified: Sat, 26 Nov 2022 13:48:40 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 278
pornolampa.net/contents/videos_screenshots/3000/3499/preview.mp4.jpg
200 OK 29 kB URL HTTP/2 pornolampa.net/contents/videos_screenshots/3000/3499/preview.mp4.jpg
IP
Hash c0ae5efb4773e81dd647431c3c29ed18
8265c043b871e51d21cef7026d55182dac0bc144
6dcbd04c3c7e62d7e2cd88509a1228f8a502b90f59e5e8b273d918a64e5e8b98
GET /contents/videos_screenshots/3000/3499/preview.mp4.jpg HTTP/1.1
Host: pornolampa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 12845
last-modified: Sat, 29 Aug 2020 07:14:17 GMT
etag: "5f4a0049-322d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a843a4e4dede2904c0398f426f8db32
a053f165114c634bd6021091e5f38990be3a9caf
05bea1be7db083d932c238e691bb2b6f2695191e96b9a74ed37938333b547833
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05BEA1BE7DB083D932C238E691BB2B6F2695191E96B9A74ED37938333B547833"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8776
Expires: Sun, 27 Nov 2022 13:06:04 GMT
Date: Sun, 27 Nov 2022 10:39:48 GMT
Connection: keep-alive
img3.lltaohuaxiang.com/f2dgc/20211125/183.jpg
200 OK 33 kB URL HTTP/1.1 img3.lltaohuaxiang.com/f2dgc/20211125/183.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 460x258, components 3\012- data
Hash 9e0b5feffd94475e2a972395d818d5a5
b606c550cdf8d654b031627eec43a0daf3f24f12
e063ff9633e6fbbcc56e6c989f2402fdae9a0c15701aab79e263615d404ad73c
GET /f2dgc/20211125/183.jpg HTTP/1.1
Host: img3.lltaohuaxiang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 33212
Connection: keep-alive
Server: X
Last-Modified: Thu, 25 Nov 2021 10:48:38 GMT
Accept-Ranges: bytes
Date: Sun, 27 Nov 2022 02:49:22 GMT
ETag: "619f6a06-81bc"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8FMddhxfo7bfwiegKjaEI9hyMjBOAWNPzQlbTdiG-hbZpL7ywqBCgQ==
Age: 28584
Vary: Accept-Encoding, Origin
www.qzsp39.com/contents/videos_screenshots/45000/45197/preview.jpg
200 OK 28 kB URL HTTP/2 www.qzsp39.com/contents/videos_screenshots/45000/45197/preview.jpg
IP
File type JPEG image data, baseline, precision 8, 360x480, components 3\012- data
Hash cc02ac66aee1d80aa20a1792fd58c50d
bb4b5babdd228560e252665e4a23d36ac6836121
d56e127bfa74008d3455e0bd00e23807346f113cafe4ce43e90252ad017daec6
GET /contents/videos_screenshots/45000/45197/preview.jpg HTTP/1.1
Host: www.qzsp39.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 28188
last-modified: Thu, 02 Jul 2020 03:06:02 GMT
etag: "5efd4f1a-6e1c"
expires: Wed, 21 Dec 2022 21:32:02 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 479266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzsoagzPhxsyNtUmwfYUJK7kSmrfog5vA4jrSEDPYx1k%2B0uN6quHVUGOwoKUVlGwDfgxU%2BlCJJN17ZH5r9jknK1cuU2muEjD4zxOiE821sva%2B4luZJJVouC1midnNaf7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df85cbab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.latinporn.tv/img/512/7345/835480-1-001.jpg
200 OK 15 kB URL HTTP/2 www.latinporn.tv/img/512/7345/835480-1-001.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 32x27, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 270x180, components 3\012- data
Hash d77bbf6c7ae177721162e2d288c4a1d7
8a6db02d04ed6fefb841024ed2cfc19ac393249e
10ede59138f0ebbd7d6e127d252f6cb7dc92d7edf82fd83fa70d56a0721a7ab2
GET /img/512/7345/835480-1-001.jpg HTTP/1.1
Host: www.latinporn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.1
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
content-length: 15226
last-modified: Mon, 10 Jan 2022 05:58:00 GMT
etag: "61dbcae8-3b7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/327858-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/327858-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/327858-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:48 GMT
Location: https://static.thisav.com/images/videothumbs/327858-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO%2FWpzUHfPu1zsje2%2BbPBsTcNT3GJLkLSq4YJxOuHbVi6wwx0Cub9qgLr9Qbj648VM0NP8WhoPSF87Wz4jvfMmsmVy6rLyf95fLoj%2FcrlQXMeVk2ck4OnReuKdbSAO9jc75K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3df8deab0b59-OSL
alt-svc: h2=":443"; ma=60
thepervs.com/thumbs/32013.jpg
403 Forbidden 5.8 kB URL HTTP/2 thepervs.com/thumbs/32013.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1624)
Hash 70bafebe00449686af5d69db1ea1cc81
b0b809528f0c8de2e4c2212d79361f628ea11714
29b50c36b4a76a8f1d403ec556bfda1012dd3c46bbdaa902a98c97834ff86c15
GET /thumbs/32013.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ixl7pFiXkVB91pcWn0vuhPE8rpmCmlSyEWwpOvPe0%2BfS1Ih7C5592PAr5cNp8%2BIOPTlnRXE8UhqF9GKgA%2FFgr8fORPE18kOSR4P%2FDp705maUGgAMAWBMNyXHLkLA7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df82964b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s9636.chomikuj.pl/Thumbnail.aspx?e=GffTyrWpAHkfa8bVU0pAX57mw5kNdnIi9kRbs0xEPufSlc1rrDep9EM9aAfO7Yw2B9rChwumjg7W7BoHUTorSb6KNlqnU1240G0bYDxyAC4&pv=2
200 OK 5.8 kB URL HTTP/1.1 s9636.chomikuj.pl/Thumbnail.aspx?e=GffTyrWpAHkfa8bVU0pAX57mw5kNdnIi9kRbs0xEPufSlc1rrDep9EM9aAfO7Yw2B9rChwumjg7W7BoHUTorSb6KNlqnU1240G0bYDxyAC4&pv=2
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 160x120, components 3\012- data
Hash 340eeb116e5d6dfbd6fcbe74406a9a68
1fae8fd0d1e3fcb4b02aac4b41dd1624a46da3f2
304c54426a7f7f2977048adeda80df36eba621b2b6ae40fe0189880d3ebe8c1a
GET /Thumbnail.aspx?e=GffTyrWpAHkfa8bVU0pAX57mw5kNdnIi9kRbs0xEPufSlc1rrDep9EM9aAfO7Yw2B9rChwumjg7W7BoHUTorSb6KNlqnU1240G0bYDxyAC4&pv=2 HTTP/1.1
Host: s9636.chomikuj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/jpeg
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: http://chomikuj.pl
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Length: 5840
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
200 OK 7.5 kB URL HTTP/2 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
File type ASCII text, with very long lines (4505)
Hash 450b54ae84cd37da97fb7bd5272f5b24
440bd2fd4132e999cde9bf947150753b417191a1
4b070456196a153f128ce2b16ae86cec4bc42353097684ff192d42e3823f3c92
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:47 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 02:39:12 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 6683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTJhoX2ArKjjhh1OHgFxekuQ%2BGTv7xivoMAUGF%2FfEZYXP4WAOusnHnPYfp65%2BAbvHbA%2Bd85DQcVAswvUFfZNH6ovOML0PtUjaFjTmpz%2FvFDf%2F3EW6DQqcLKvPEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3def4ca80b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
affiliate.dtiserv.com/widgets/images/meta/movies/flash/64099.jpg
200 OK 113 kB URL HTTP/1.1 affiliate.dtiserv.com/widgets/images/meta/movies/flash/64099.jpg
IP
ASN #30212 HYPERMEDIA-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x375, components 3\012- data
Size 113 kB (112843 bytes)
Hash 2f22fab53e399ac58217412827753130
c16369acdf7a4e736ce33dd47ff47ab2dc1780e0
1f03f89e4831ee20a420bdfa0fed4e8dab231312288e29fb933b5186568d5893
GET /widgets/images/meta/movies/flash/64099.jpg HTTP/1.1
Host: affiliate.dtiserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Type: image/jpeg
Content-Length: 112843
Last-Modified: Sat, 11 Oct 2014 01:24:01 GMT
Connection: keep-alive
ETag: "543886b1-1b8cb"
X-Sh: 104
Accept-Ranges: bytes
static.thisav.com/images/videothumbs/270213-1.jpg
301 Moved Permanently 0 B URL HTTP/1.1 static.thisav.com/images/videothumbs/270213-1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/videothumbs/270213-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:49 GMT
Location: https://static.thisav.com/images/videothumbs/270213-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGLm%2FJOL5NAHjva4jyYl1VqZS5tJAtlrsUfiKlZ1EdL3%2Bz0CgG69g%2B91Td3AX2cAgmaWJXphFdDkSKn8CT36ExfvgeNjbBPd3pT90TvWAT8LIDa%2FccqC3hEWU%2BsNPJtbWQoS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3dfb894d0b59-OSL
alt-svc: h2=":443"; ma=60
jp-xvideos-av.com/wp-content/uploads/2015/04/LOcl1EDNcmoFQ4vN.jpeg
200 OK 39 kB URL HTTP/1.1 jp-xvideos-av.com/wp-content/uploads/2015/04/LOcl1EDNcmoFQ4vN.jpeg
IP
ASN #2519 ARTERIA Networks Corporation
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 299x200, components 3\012- data
Hash d149aaae4b00ffcf77790ff8f384e98f
7796e43800b417a45f9fbb0431a9e0f44407f965
ce6d37086302281900462034fe36417d01bf0b6ae19668d90f085a8f6e1ab477
GET /wp-content/uploads/2015/04/LOcl1EDNcmoFQ4vN.jpeg HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Type: image/jpeg
Content-Length: 38945
Connection: keep-alive
Last-Modified: Fri, 24 Apr 2015 13:10:03 GMT
Expires: Tue, 27 Dec 2022 10:39:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
fanat.men/media/videos/tmb/000/000/095/1.jpg
200 OK 16 kB URL HTTP/1.1 fanat.men/media/videos/tmb/000/000/095/1.jpg
IP
ASN #207728 EUROHOSTER Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1280x1281, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 7532a4b22399233b4702e2bb64d7d4f8
ccb80c4a1ef41aec1eae0ff616d10103355a25c0
a2b8792f79cb78f27d8e497b3d10fa3b57847f2873949f425ea5b501502d2ff4
GET /media/videos/tmb/000/000/095/1.jpg HTTP/1.1
Host: fanat.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 16025
Last-Modified: Fri, 25 Mar 2022 23:02:12 GMT
Connection: keep-alive
ETag: "623e49f4-3e99"
Expires: Mon, 28 Nov 2022 10:39:49 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
200 OK 142 kB URL HTTP/1.1 www.aipa570.com/uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2160x1270, components 3\012- data
Size 142 kB (142316 bytes)
Hash 9d33564ce5681c630d5964033d20cb18
12cb7de488de0d1cfe22ff9a067df7253bfa3b7e
97724016cb61cb593e3921eef656c3b8bb9499a0746fc105da9062a6cb1ec8f7
GET /uploads/2021/04/14/-%E9%AB%98%E6%B8%85%E5%8E%9F%E7%89%88%E6%97%A0%E6%B0%B4%E5%8D%B0%E3%80%90%E5%AE%A3%E4%BC%A0%E5%9B%BE%E3%80%91%20(5).jpg HTTP/1.1
Host: www.aipa570.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 142316
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 02:41:50 GMT
ETag: "22bec-5d81997775c8c"
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 16428811
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5AzkzTblfx%2BTrRTqSB3eZ2MzxUMW1N8DzKjAKm8GV8hYeE0aIJm0l4JniTkBEJlf45DmSNdT06fkzeviBG2Xf70WFuZVg1%2BkBdGAU0%2BimcwBbiLh%2F%2FUeU5ABAmLICZnlD0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3dfbe86cb524-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash 9690cbd4b27557bac1bf1365902a1b41
caa9c57ae9386c1bf6c1042536d7dd978059c5c6
62ae17a870978df7bda0a6dca1c93ac58973482efbac81903eb8ecf59790208c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=108864
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63822e68-117"
Expires: Mon, 28 Nov 2022 16:54:13 GMT
Last-Modified: Sat, 26 Nov 2022 15:19:04 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash 48d97025de34714a78219538b71f1040
64ba68662c8682b0c5b1077a68026c0bc4486f26
db1575cc33b788d0cd49f0bbfc20dac2c07de955d07f542057ce440e2b836e6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 334
Cache-Control: max-age=140567
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "6382bf3e-116"
Expires: Tue, 29 Nov 2022 01:42:36 GMT
Last-Modified: Sun, 27 Nov 2022 01:37:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
livedoor.blogimg.jp/hentainoutage-02/imgs/f/d/fd9312e1.jpg
200 OK 52 kB URL HTTP/1.1 livedoor.blogimg.jp/hentainoutage-02/imgs/f/d/fd9312e1.jpg
IP
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x582, components 3\012- data
Hash bf3c97a245bd1ed9caa9583d06cdaaec
38c7ac577f05c0c6000e8ccbf1247b47bc36dc42
5c1d07074138d56ace5a07e18d18f6880622fa411e6925b83cb89e9c4957453c
GET /hentainoutage-02/imgs/f/d/fd9312e1.jpg HTTP/1.1
Host: livedoor.blogimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 51598
Last-Modified: Mon, 12 Sep 2022 12:20:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2176
Expires: Sun, 27 Nov 2022 11:16:05 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash fd2ccb86904cbba76512a9c6d7a57a90
f45a2900e36d484c3059293b033bbce3813bdf6d
0b7d035a0596fc943c31e7bde9a50539c67f68ce228cbcd72e30de264409e60a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0B7D035A0596FC943C31E7BDE9A50539C67F68CE228CBCD72E30DE264409E60A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Sun, 27 Nov 2022 13:33:43 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 458f983def6f76d2c8ccf039f2db90d7
cb929b5c6bde46970cfb24af92639360b69dfe33
a1b6fe8a046c762d8ede6aceb7495544814cda611acba1fe50910dba3b1fe2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: max-age=123533
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63826c50-117"
Expires: Mon, 28 Nov 2022 20:58:42 GMT
Last-Modified: Sat, 26 Nov 2022 19:43:12 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 279
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
fmtu.netfhtu.com/upload/vod/2022/10/hn2zb3roctt.jpg
200 OK 16 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/10/hn2zb3roctt.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0560b383fc30a8a47748583fcd7cd291
d880c6c01e78bf190f8a239a74afbdcf0ea78243
276fb5029614da1441be6fb6d6045b66aa36e943d8d9e763fd162416b9293daa
GET /upload/vod/2022/10/hn2zb3roctt.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 15956
cf-bgj: h2pri
etag: "634690a8-3e54"
last-modified: Wed, 12 Oct 2022 10:02:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jlo48kbjwJfQizi0bj%2BUxwAzhu6p30HZ1ZE3OexbW99akoKRKlwC6g5SGDkKfazVjlte0IB7v8QhrhgxmmeWLVcYNwBfJXVwB6FnAPYuMMQFrZnqpWt3KL8l64i0PQdaXfzu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfc9ce67731-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash e850ba91b9c4234d7dcc9b5d6fe75b46
17d563e12c17200b09d1358e2458f99feb00dc6d
7029d7a99b8a5d3ca68d04b214f0178962f0fd6fc822348f0963aca16d51f6f8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 06:56:12 GMT
Expires: Thu, 01 Dec 2022 06:56:11 GMT
Etag: "17d563e12c17200b09d1358e2458f99feb00dc6d"
Cache-Control: max-age=331581,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3dfc69b3b511-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e7d9727da0e9075843d75a05193b89df
b88226b6cfe6a818beecd99060b2dbd4666012a2
7e4d85e5dc9295a2b5e7f524fba2d925fa6177786fa81bd86d61b93ee2c0ae80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E4D85E5DC9295A2B5E7F524FBA2D925FA6177786FA81BD86D61B93EE2C0AE80"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17860
Expires: Sun, 27 Nov 2022 15:37:29 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 5b203bd3b4d2debdd6fba2c9860b5589
d7b6b005b9878e39e2ea479d4fd2e99d1cb6942f
7790f15a93ce89d92fc4eb54c7f29f09caa84f553568d5b0c8ceafc480fb3c80
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5692
Cache-Control: max-age=134740
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "6382938d-117"
Expires: Tue, 29 Nov 2022 00:05:29 GMT
Last-Modified: Sat, 26 Nov 2022 22:30:37 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 9fba6f51c5aa4bf1515af24b7f5c5f1b
1e088be5a7cb60876fde6e9c49a7571b20d9df6c
749cf6e82e62bc5ea7f5cecd50eeff533501ecc41db112a144a95afd08a32083
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Last-Modified: Sun, 27 Nov 2022 08:53:59 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 279
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash f676c94847ea3f6722571f5a37e17cc5
e010140320ac908a1f00fc779c0f853de5d6d1bb
6f3ce5a6ade047581eb9b0afdac685d8acff747d8defa1a0468b8186d6b5b278
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=207
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
200 OK 279 B IP
Hash b23b6c71be48b607c6fa9ce17d5f7e65
fcee3f2748ffbac4822c0273a532aaf2743188ae
0b8ba83b51cc012ae4ee9ab45de3bc55ced5fff6fe854d002a81dd1bff3e99e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3041
Cache-Control: max-age=126343
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63827d1b-117"
Expires: Mon, 28 Nov 2022 21:45:32 GMT
Last-Modified: Sat, 26 Nov 2022 20:54:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
static.thisav.com/images/videothumbs/270213-1.jpg
200 OK 3.1 kB URL HTTP/2 static.thisav.com/images/videothumbs/270213-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 62ce718296e300a988a3db69b77a514d
f32601eee71af0dd8a1eca66f8b6710f2be94233
71317d7cd0efa22fadec20de9b37cdbd560eba832b092e34481062e537f59f6e
GET /images/videothumbs/270213-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 3096
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14592
content-disposition: inline; filename="270213-1.webp"
etag: "588cdb8b-3900"
expires: Fri, 23 Dec 2022 19:16:56 GMT
last-modified: Sat, 28 Jan 2017 17:57:31 GMT
vary: Accept
cf-cache-status: HIT
age: 314442
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8eL4%2BEuJQglHndjfxb0O3CsSIu7YMamRjcftuZYsj1KzuDnwWNCeQozyQniLQ2zX1NgD82cprHTpTKIG6P%2FRzYSg6xSgKEuOU4AztQe4w7Mcw0bKk1W6330Dh5GV3cZs2gG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3dfd0cc1b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/292562-1.jpg
200 OK 2.3 kB URL HTTP/2 static.thisav.com/images/videothumbs/292562-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d984e8c87267b73d80103886410b8e3
129a4eb2de1fa32e1f216e4b5ae07ada029f268d
92e6fe300223f174d5106a308c67cba14c44a409b66a83655480de94bdd0d79c
GET /images/videothumbs/292562-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 2330
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12675
content-disposition: inline; filename="292562-1.webp"
etag: "59145a21-3183"
expires: Fri, 16 Dec 2022 17:15:54 GMT
last-modified: Thu, 11 May 2017 12:33:37 GMT
vary: Accept
cf-cache-status: HIT
age: 926506
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgruhoPW0pAC2cPE7Vza%2FpqOXl%2BiAsRkB7Ups55bhlu6vN%2FAbyOWSHWNuUua55NAFaq5C69D4eE1fusSs6cDc5pXutZPjh2nG35LhKx25jIEzvQjp0bTqLrs0XrQOmTiCSfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3dfd0cbfb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r18.video/pics/mimi-yazawa/h_094ktra00024/mimi-yazawa-0.jpg
200 OK 161 kB URL HTTP/2 r18.video/pics/mimi-yazawa/h_094ktra00024/mimi-yazawa-0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x541, components 3\012- data
Size 161 kB (161287 bytes)
Hash e67229690393f13049aea56a2ab7c8ef
540ecc9e2193fccdc8de42c4cf755b6c9f954a0f
e35b4c48188343343680f38d10bf110af890055c9d1a48292530053777f2a24b
GET /pics/mimi-yazawa/h_094ktra00024/mimi-yazawa-0.jpg HTTP/1.1
Host: r18.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 161287
last-modified: Tue, 24 Apr 2018 02:59:58 GMT
etag: "5ade9dae-27607"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 755409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCt7m1O05LYt%2BOkb3KiR5YiEOuQ%2F6pzQy0SiBcMrsseC6JuroeChLtJkk8nnkMmCU2BCiNmf97Ggo9F8AfSj8LlHj97gyN7Bd2gx1wqF8QCpvnsX4ShrEgXO%2B%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfd1cceb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 2060dcd7fba27bcbbd62457b47249a82
279baa093141d8fb7cb23ed60265bbfe0bcf8308
e60486fc1efaa04b98df6ac1ecf01839b2f9afceff58c3bc23ce014c2076b2f5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E60486FC1EFAA04B98DF6AC1ECF01839B2F9AFCEFF58C3BC23CE014C2076B2F5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12647
Expires: Sun, 27 Nov 2022 14:10:36 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
static.thisav.com/images/videothumbs/389681-1.jpg
200 OK 3.7 kB URL HTTP/2 static.thisav.com/images/videothumbs/389681-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd63c530f448c0708b226f5503438b2c
5958344b7504890a56ec1da68063cc3f192757d9
5af65444b613ddb767ff7509eefda846db7f24f4ec6def99cb80119761ceaf33
GET /images/videothumbs/389681-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 3704
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16138
content-disposition: inline; filename="389681-1.webp"
etag: "5be3defb-3f0a"
expires: Mon, 26 Dec 2022 04:43:16 GMT
last-modified: Thu, 08 Nov 2018 07:00:11 GMT
vary: Accept
cf-cache-status: HIT
age: 107660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1FvAgnI7cwiMtXTfh%2FzNwbtWwdnC5fNKM%2FRQ04FJqpKgSnf8jUwmRfO0oKdQkRuTm3n2H0a1bsbdf7QmHMOX%2BUzAcFeN%2BaduHAeQO7B4%2BUh3GRWgZGmSJ99J3N0t9LpWpXy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3dfd0cc2b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17522
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash e127129e147a2b2bbca040afa56683a9
d651d8554fca2e97048aa62739e5c073f13a9a2c
3e93b3750092863ee3b28fd290ba0e6a925d597ecd1e69ac90b2a6078fc19ba4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Last-Modified: Sun, 27 Nov 2022 09:32:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash f676c94847ea3f6722571f5a37e17cc5
e010140320ac908a1f00fc779c0f853de5d6d1bb
6f3ce5a6ade047581eb9b0afdac685d8acff747d8defa1a0468b8186d6b5b278
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=207
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
X-N: S
sycdn.pic-726-baidu.com/upload/vod/20201019-1/4fcd6c9e83a8060aa61972008278c6c0.jpg
200 OK 35 kB URL HTTP/2 sycdn.pic-726-baidu.com/upload/vod/20201019-1/4fcd6c9e83a8060aa61972008278c6c0.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 946x626, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4bc418d099323bb03f04cb8cece1a60
259b4b23cbfe6f93d376757a22b7113dccf9e327
7e4e3b4e5533ccff4a0edba9b93ac5d6365c94e4370d85b1e7384e613b7a9a5d
GET /upload/vod/20201019-1/4fcd6c9e83a8060aa61972008278c6c0.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 35148
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=48675
content-disposition: inline; filename="4fcd6c9e83a8060aa61972008278c6c0.webp"
etag: "5f8ca6f6-be23"
expires: Fri, 23 Dec 2022 07:41:02 GMT
last-modified: Sun, 18 Oct 2020 20:35:02 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 356327
accept-ranges: bytes
server: cloudflare
cf-ray: 770a3dfd7a0cb503-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8878e4b7f04b5a86dd3edf98b0dd9218
8a8fcb0768baee0e8672d676a8bbe5f6fa22d1e6
c64f831df0229dbdb5967a08f445294903b0d520035c8426c41feff477815e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C64F831DF0229DBDB5967A08F445294903B0D520035C8426C41FEFF477815E0E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15348
Expires: Sun, 27 Nov 2022 14:55:37 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
www.livegore.com//rb-include/videos/8241877639.jpg
200 OK 21 kB URL HTTP/2 www.livegore.com//rb-include/videos/8241877639.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 270x480, components 3\012- data
Hash f3f48922d9a1bb1601a93a38e757a88b
8d8286ebec17b44d8caf9bdfb7ac6c38aeee2211
c9c8a09bcedb9917e02f9b0c8a3504f1d5530cf7bfc30c52dd13a74ad374e4b6
GET //rb-include/videos/8241877639.jpg HTTP/1.1
Host: www.livegore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 20601
last-modified: Wed, 14 Sep 2022 12:10:50 GMT
etag: "5079-5e8a20509dbe4"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX%2FoL99j7Gr%2BEbNCKZbFHF%2F0UOBZpEs1LuIXhzzHyRkotv9X6fysemjy9wrRtYO5SCRShXjC2BtUbpo2nCklxf3ob8ZAP4KTSYZgZvJdweAsAyVQWZ8p5a9JQOcqF5Idlv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3dfc9c03b529-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
age: 46655
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fb698cc9885b7419a36eae671057116f
b3647e9e9e68cb1e344799febdd655629f8c4f81
e2c9dc406bb48bedd6066fe6c2bb72225640dde2d8a3e464d30185fdecb83063
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1980
Cache-Control: max-age=166669
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63831ec6-1d7"
Expires: Tue, 29 Nov 2022 08:57:38 GMT
Last-Modified: Sun, 27 Nov 2022 08:24:38 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 471
img.redwap-cdn.com/111/111238/111238_320x180.jpg
200 OK 23 kB URL HTTP/2 img.redwap-cdn.com/111/111238/111238_320x180.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "Lavc55.18.102", baseline, precision 8, 320x180, components 3\012- data
Hash 12520d24c171a974a0f6cd420899f57a
7fcf5c045111a938d7c3882ea80ae61cded38ccc
10693c4ca03581b300b978eec62b453e78399e1522f60a777e5be6ab0293825c
GET /111/111238/111238_320x180.jpg HTTP/1.1
Host: img.redwap-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 23365
last-modified: Wed, 03 Apr 2019 07:49:51 GMT
etag: 12520d24c171a974a0f6cd420899f57a
x-timestamp: 1554277790.04341
x-object-meta-mtime: 1452172872
x-trans-id: tx75418ea714ab4201a69ca-005e64665e
x-openstack-request-id: tx75418ea714ab4201a69ca-005e64665e
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 27 Nov 2022 18:04:47 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 146102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9FtIsPOZECfS0UE57fk3kRSBQ0czghlDSFKbHu4mETE86USvwHgtjiwMnDnzIJADa3kld6tUpMvmCIsDcy%2Fhw73Lb%2BENz1imOOQJRwECqgbnCHu0p%2BmhN4QM3C4pVUGq8Xvae4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfdc91a74f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broimg.net/images/3149/642/549/_622e047caf914.jpeg
200 OK 18 kB URL HTTP/2 broimg.net/images/3149/642/549/_622e047caf914.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 500x351, components 3\012- data
Hash bd785a3b6b9a7289579f544a0c210a6c
2f8564e230b461f4bc077bc67387b65fc854955c
d552763555f05c7d64b5d61f5beb23af14a43e823ca7ac0bd5f38fdac8726b25
GET /images/3149/642/549/_622e047caf914.jpeg HTTP/1.1
Host: broimg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 17835
last-modified: Sun, 13 Mar 2022 14:49:32 GMT
etag: "622e047c-45ab"
expires: Sat, 17 Dec 2022 03:13:09 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 890799
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr5DuBDvBhZmFYDtPDtxi%2B3CWmk7d4nIaS0fIAcZfu6V698MPpKwu06E4Zslp6aesOuGaZboxaez9QDweESC5fpTtnO3X2Z11ZJXsZM6rDyFga8voTG7MvIOnmNC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfdeb97b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8920a271735fcbee6d5757eed3f294d7
566b92e71b23df17db2431c8902b99e925a92b31
a67bc2efb90b87c16e0486b07c8323c01e0f51c34bb0e3ec302643c00a5f8a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3389
Cache-Control: max-age=170951
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63832a00-116"
Expires: Tue, 29 Nov 2022 10:09:00 GMT
Last-Modified: Sun, 27 Nov 2022 09:12:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
moav.com/contents/videos_screenshots/20000/20991/preview.jpg
200 OK 94 kB URL HTTP/2 moav.com/contents/videos_screenshots/20000/20991/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1920x1080, components 3\012- data
Hash cbca256225696ec04ae42a613a8fdda5
e3a04cc32bb44269552c469902acfaa70fdee627
a28351751653da39748d5bcb2d5d4df7b89bbe9b182ba6b76281b78822410998
GET /contents/videos_screenshots/20000/20991/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 94449
last-modified: Wed, 30 Mar 2022 08:30:06 GMT
etag: "6244150e-170f1"
expires: Wed, 21 Dec 2022 09:57:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 520959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Adpr25dYDWtZ65hMpkVG5t4xZxuOcGmUz9v6KZ0oN5qyvymLYKY9GgE75%2FWtzyg1QHqP6aAXdIHsojNyd74JqxnWWldABjmzLoXHUBSOfgUJKiPDDYc58xsN3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfd8a2ddc31-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 1.6 kB IP
ASN #20940 Akamai International B.V.
Hash f9a3063eb3ee2b52839324b874528383
f04f58f1a835e01da9564123892ac639aed2acb2
5acf4630b32937d4d8227c112c41cdb2c6bf6583122c3789c7fdc42a9dad7b6d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0874D91418FFA3B45B15728365B300BE3F8DDB479346B30BA4294BEE11F7F2AF"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 27 Nov 2022 13:36:56 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
200 OK 47 kB URL HTTP/2 pic32.anzise.com/pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg
IP
Hash cf476f8daacf196cd7f671fb52e51a7c
f9cd9cec94904895df7dc8447f7b20df1a997b40
bbaed96c8a7b33810db740281a2993f175f92454d499ab4ff9e35a0dee6f45ef
GET /pic/20220527/e0fac49cabeeed09a993368397851dfb/1.jpg HTTP/1.1
Host: pic32.anzise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Thu, 24 Nov 2022 04:01:39 GMT
content-type: image/jpeg
content-length: 19929
last-modified: Fri, 27 May 2022 13:53:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "6290d7be-4dd9"
expires: Sat, 24 Dec 2022 04:01:39 GMT
age: 283090
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/13000/13164/preview.jpg
200 OK 184 kB URL HTTP/2 moav.com/contents/videos_screenshots/13000/13164/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1280x720, components 3\012- data
Size 184 kB (183915 bytes)
Hash 5b9f115969b4e3d759f013550e8ee82d
60cbc2820bdcc15c5c117b367728bd57b1e1d6b8
47089abe54a3ae3a5dd70266819f8c027b0321278ea6fa06ead272dd6bd1743a
GET /contents/videos_screenshots/13000/13164/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 183915
last-modified: Wed, 16 Mar 2022 11:39:50 GMT
etag: "6231cc86-2ce6b"
expires: Wed, 21 Dec 2022 09:59:25 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 520824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdpF%2B5Qa7%2B0MbvbcNX23c0dr8Evs0rx0kBr5W1OLOQzO0nEhslhS12mQkIEMyhVDzkPyG9yr5opbIiQKx%2B1C3yiA1f9fewgsNFiJPh60DA2BllJmBpNuHBrdLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfd7a22dc31-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash b8d8ff78e000a434fd211895fd5d50cc
88344a70773a6a0d50754376ad38b9ff5172ee47
b2ea64f31adc4109a6e4ac2786f52d14d988289113c8289839241254480a1ade
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=99539
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63822047-118"
Expires: Mon, 28 Nov 2022 14:18:48 GMT
Last-Modified: Sat, 26 Nov 2022 14:18:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 2b2f211409687ec36761cef422a6c2d4
d2125a996f224ab7ff285e3ecf87427226c4073d
780c4cf27664dc16060aa2cc1bd9d100a293a38301b6b106bfdc64df9a7d2f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6164
Cache-Control: max-age=118305
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63825182-117"
Expires: Mon, 28 Nov 2022 19:31:34 GMT
Last-Modified: Sat, 26 Nov 2022 17:48:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
pornochika.net/contents/videos_screenshots/2000/2489/preview.mp4.jpg
200 OK 8.5 kB URL HTTP/2 pornochika.net/contents/videos_screenshots/2000/2489/preview.mp4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x219, components 3\012- data
Hash fb77699f6b8039a6a9089cfc621c2099
ef3bcdfa2449bcf4e5a141c5e9d04d09873047dd
af4f9a95000b76b8962863c2bb7febe7232fc099b3c94fcf8ed55e121887e74a
GET /contents/videos_screenshots/2000/2489/preview.mp4.jpg HTTP/1.1
Host: pornochika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 8540
last-modified: Mon, 07 Dec 2020 08:48:02 GMT
etag: "5fcdec42-215c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/07-05/11/xdbva0cx0ds1149xdbva0cx0ds371171.jpg
200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/07-05/11/xdbva0cx0ds1149xdbva0cx0ds371171.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 130f441fd32fda098eb1ea9026ac8d91
4f2dcb0ff8ca97439ce15e7fc33ace32b41843fa
84f4f9627bf21fef90661612d79466789bc6ae678c6799271cde8a850a78d5a1
GET /upload/vod/2022/07-05/11/xdbva0cx0ds1149xdbva0cx0ds371171.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 8828
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9472
content-disposition: inline; filename="xdbva0cx0ds1149xdbva0cx0ds371171.webp"
etag: "62c3b4d1-2500"
last-modified: Tue, 05 Jul 2022 03:49:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 80
accept-ranges: bytes
server: cloudflare
cf-ray: 770a3dfebeda0afa-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash b9e4604268134f2a41641f7a0b14140a
0782239d76a572e87c19b9f84d557866eff2e73e
bead98f29a7be6e499e76841d222c6603a302a779cb1598a178aa70ae7e22be5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6394
Cache-Control: max-age=140137
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "6382a5e4-116"
Expires: Tue, 29 Nov 2022 01:35:26 GMT
Last-Modified: Sat, 26 Nov 2022 23:48:52 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash 359d8aa35094074dd7745774160a7cdc
2e91f95a1dbf210e9551d2668cf4149bee508a75
4b596ac71e84aeeb42460efe5dc14345f1d6d13c72f30ddc85b6e8d63c8710d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4748
Cache-Control: max-age=107554
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63822d0b-117"
Expires: Mon, 28 Nov 2022 16:32:23 GMT
Last-Modified: Sat, 26 Nov 2022 15:13:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 46655
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
200 OK 142 kB URL HTTP/1.1 jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
IP
ASN #2519 ARTERIA Networks Corporation
File type PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced\012- data
Size 142 kB (142489 bytes)
Hash b9579e6e0876854ad03328858216edca
f81276d6b45938999d3494f9814e7256d199fef6
e5f04edc2067571f46affbfd0943855147535482d64ac7030a9184702144fd58
GET /wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:48 GMT
Content-Type: image/png
Content-Length: 142489
Connection: keep-alive
Last-Modified: Tue, 11 Aug 2015 10:20:03 GMT
Expires: Tue, 27 Dec 2022 10:39:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: 4e2c72af-2cce-4740-9962-6a7f9e217272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_cVCHwEoAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7420-51c2e04b4fae5b576a679db5;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:02:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZTk5ONMhQB66WF0VWIRmlTOdzEJO-NJVl4TCibzbH2fZXY_9Mx9kQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:42:19 GMT
age: 57450
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 46655
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pornogids.net/contents/videos_screenshots/329000/329246/preview.jpg
200 OK 19 kB URL HTTP/2 pornogids.net/contents/videos_screenshots/329000/329246/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 143x144, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 550x318, components 3\012- data
Hash 435c4b3df06216e48728a5f45d3eebe5
8df7efabf0bc0ba7fd19231ae60dab64462ac207
55395950c34ad3c6c41f48825d8eb500225e6b3e574d1bbb8ca9a0030dce40b1
GET /contents/videos_screenshots/329000/329246/preview.jpg HTTP/1.1
Host: pornogids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 18651
cf-bgj: h2pri
etag: "601e20ad-48db"
last-modified: Sat, 06 Feb 2021 04:53:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBS8lNQwa6N21A0ViKP7pRepLhHCtbas1YyGP32NBBv5wd4BaIwVvGrqBEwEhIHgjYMh0onDWszuG00Oe3yfXg13kVH1Wz9g5vCVQ75IckoRIdCDLI9GJtIgGvjEx%2B3p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dfecc7b7300-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn8.hifimov.co/picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg
200 OK 16 kB URL HTTP/2 cdn8.hifimov.co/picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 49a64700871851b7b2d3cff66f6d19e1
13eee50af4fd1f6c9e22b35b022c8dae2d1a92b3
1283e011a869a59201d0c2e2045ff175d0bfef465d962c35fd1fdf93e9d7b3d1
GET /picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg HTTP/1.1
Host: cdn8.hifimov.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 15899
accept-ranges: bytes
last-modified: Sun, 27 Nov 2022 10:39:49 GMT
cache-control: max-age=8640000
expires: Tue, 07 Mar 2023 10:39:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fafa8459941948cf673dbce889d57341
382d69586f0493e84b04bcaefa71d985faade4d2
f18623cba88f50c452e56ef7132358323b489dc5fdd5a71b11d52867fb086829
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18623CBA88F50C452E56EF7132358323B489DC5FDD5A71B11D52867FB086829"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4856
Expires: Sun, 27 Nov 2022 12:00:45 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 7a0d70ed8ff4779b03620ef754f7ddf4
cfbce65f3bddcd44bb242f2924692f19f7f1b1b3
5ea9516fe415801c2c49caf98eba32bc28191b758d6a8883c2c7abe5b51c4b72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4660
Cache-Control: max-age=102391
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63821938-116"
Expires: Mon, 28 Nov 2022 15:06:20 GMT
Last-Modified: Sat, 26 Nov 2022 13:48:40 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 1d88eddcc7c5a9e6012a58bc0105a215
59b8fa68e6016f3f1e7e91c60581cac105bb0740
8a1023b25dbf2e2e06a5d24b290cda09715c92cb2d286ef04975f76db6e8e471
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5336
Cache-Control: max-age=100225
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63820e1e-116"
Expires: Mon, 28 Nov 2022 14:30:14 GMT
Last-Modified: Sat, 26 Nov 2022 13:01:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
subo228.com/20221112/dkrat5AI/1.jpg
200 OK 25 kB URL HTTP/1.1 subo228.com/20221112/dkrat5AI/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash d9d97b71fc8ac839e50716cfd4626ef7
d99d6534fefcdafe110f7e18679c93ff8e1efa35
95b316a50106d815160769d814c2ce9d1fa605719746888866f7de1e86bc7d3e
GET /20221112/dkrat5AI/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 24817
Last-Modified: Fri, 25 Nov 2022 03:53:42 GMT
Connection: keep-alive
ETag: "63803c46-60f1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash e209ff8adde7d9f6cb4682c198adc89b
44bf83d9272248cf94f702d7c49658cffebe8c71
ebdb51743fd11409ebe6bc66179caf00e7dd26f85835b4946f27c0d898abeea7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EBDB51743FD11409EBE6BC66179CAF00E7DD26F85835B4946F27C0D898ABEEA7"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2914
Expires: Sun, 27 Nov 2022 11:28:23 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/10/qrycqkff5bt.jpg
200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/10/qrycqkff5bt.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 97a465602c9f5408339b423093d71b4d
21079c89324440a8e496c3e20505cb2276543483
472b3c21a611f351419470cc9cfa8f19bcd4e2018adf6b83f34423784127e397
GET /upload/vod/2022/10/qrycqkff5bt.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 8812
cf-bgj: h2pri
etag: "634690a9-226c"
last-modified: Wed, 12 Oct 2022 10:02:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1878
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHDmpXCv8%2FrkpiDhKQoP6exJTe3UBJtJEEsnDW0foLKG67kdFOxZKUjdhoWswMQGQDh3WKo%2F7%2B%2Bdyw%2BYOXAc%2FcBR8Aq0bW6%2BiI%2BInU%2BUFDyf9fLoNZAxNx%2B9UIIQeLpMgHIp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3dff89b77731-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nudeclap.com/images/89/barely-legal-movie-teen-hd.jpg
200 OK 171 kB URL HTTP/2 www.nudeclap.com/images/89/barely-legal-movie-teen-hd.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1], comment: "Lavc58.91.100", baseline, precision 8, 2133x1080, components 3\012- data
Size 171 kB (171325 bytes)
Hash 976254858b18a1f53aacc2c55701c09c
9afb1256dd247ae28da6a0011079d29dbec44fbf
dcc9ac11c2ea7769978d30faf8da52edf86fb3310a6ad600d2eee9ffe2f85f86
GET /images/89/barely-legal-movie-teen-hd.jpg HTTP/1.1
Host: www.nudeclap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 171325
last-modified: Wed, 11 Nov 2020 21:44:21 GMT
etag: "5fac5b35-29d3d"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/354803-1.jpg
200 OK 1.9 kB URL HTTP/2 static.thisav.com/images/videothumbs/354803-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 711d8a540032a52c8e8b14df2ac95639
c2841a5e7e513503536f8e90d3da51f78c18bf69
2c32c5de699a20bd6fbfe52d580c02f28e5e836ebb470fe87c89ce3495ee34f6
GET /images/videothumbs/354803-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 1898
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10801
content-disposition: inline; filename="354803-1.webp"
etag: "5add9389-2a31"
expires: Mon, 12 Dec 2022 04:03:49 GMT
last-modified: Mon, 23 Apr 2018 08:04:25 GMT
vary: Accept
cf-cache-status: HIT
age: 1319631
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu9MHPITzGK%2FS2qeGSJWSzD9tV5140Bbs66odRjY4d3TI1JY08Ff1GEp%2Bay6UUOOFr%2BCyViRouI97JGU4D5l6PqDghSerm%2FP48Sje%2FydSBdDxfnIhiJKdzyQsw8RARfHiB3y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3dff7826b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 46230
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash c66b1bfa05388f12f1cfafd70957ba16
12acbf0bd7652d4a054a8db80c1fb8d7f06f9cf2
8bcee6604c3bbd38704c99bd2e6bc12fbaafa47ae8a315c56ce068b467a3132b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6134
Cache-Control: max-age=121870
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63825f8d-117"
Expires: Mon, 28 Nov 2022 20:30:59 GMT
Last-Modified: Sat, 26 Nov 2022 18:48:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:16:35 GMT
age: 1394
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.sokmil.com/image/product/pef_mnk0238_01_150x_T1593567421.jpg
200 OK 3.7 kB URL HTTP/2 img.sokmil.com/image/product/pef_mnk0238_01_150x_T1593567421.jpg
IP
ASN #2497 Internet Initiative Japan Inc.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x210, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17af62a12fc04047f4a3eefc88c8e833
f66ad55b81b7b78a028a90a7162c42e7bd9bf528
b8aa9174fafd1d8727e92238453c7859424a3bf6dff36615b50a893707e700ea
GET /image/product/pef_mnk0238_01_150x_T1593567421.jpg HTTP/1.1
Host: img.sokmil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 3670
last-modified: Tue, 26 Oct 2021 08:49:33 GMT
etag: "6177c11d-e56"
expires: Sun, 19 Nov 2023 02:04:30 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
vary: Accept
X-Firefox-Spdy: h2
img-cf.xvideos-cdn.com/videos/thumbs169ll/6b/ba/8f/6bba8f310556ea7264ff4f22c0105d0d-2/6bba8f310556ea7264ff4f22c0105d0d.9.jpg
200 OK 8.3 kB URL HTTP/2 img-cf.xvideos-cdn.com/videos/thumbs169ll/6b/ba/8f/6bba8f310556ea7264ff4f22c0105d0d-2/6bba8f310556ea7264ff4f22c0105d0d.9.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 1981a8f5602344c37064c8f13f68520b
5f4b019043e997cd6453f30a5415d3f2ac25baf7
83025922eda440699395f8718f58ee3ce8bcea0a95eedba6a9158dbb296075af
GET /videos/thumbs169ll/6b/ba/8f/6bba8f310556ea7264ff4f22c0105d0d-2/6bba8f310556ea7264ff4f22c0105d0d.9.jpg HTTP/1.1
Host: img-cf.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 8306
cf-ray: 770a3e001ff9fabc-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 536940
cache-control: public, max-age=10368000
expires: Mon, 27 Mar 2023 10:39:49 GMT
last-modified: Tue, 30 Aug 2022 13:03:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
x-frame-options: sameorigin
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash fe4ca6c249f31532daff4ed7a9dd7755
4f0a6682ac388fd3a5110ee0314bc1404d8c8fba
4b36d6c592429a9af83266204fe4e2e3b872c31b11b9d0538f65e74b33c5d745
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4391
Cache-Control: max-age=118006
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63825744-118"
Expires: Mon, 28 Nov 2022 19:26:35 GMT
Last-Modified: Sat, 26 Nov 2022 18:13:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
subo228.com/20221106/UAHvgUzl/1.jpg
200 OK 29 kB URL HTTP/1.1 subo228.com/20221106/UAHvgUzl/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 67f8c7146707e37953102d980bba91f0
1d3a4149465713143638be54f377ac060f21f5db
f5e8a585b87c908367223c996fbbc6b895bb8c201550fd10ede069ce502d1fa4
GET /20221106/UAHvgUzl/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 28897
Last-Modified: Fri, 25 Nov 2022 03:53:42 GMT
Connection: keep-alive
ETag: "63803c46-70e1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 280 B IP
Hash e1fce7d32f91daaefb17f37568eb54bf
bf61f22566723016adc47852a01402dd862aa573
095f5e33d6671e285570222cdb912d6fa87863226db30d8bb51d8105403e8c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6515
Cache-Control: max-age=120463
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:49 GMT
Etag: "63825891-118"
Expires: Mon, 28 Nov 2022 20:07:32 GMT
Last-Modified: Sat, 26 Nov 2022 18:18:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
img.bigcloud.cyou/thumb/402061.jpg
200 OK 32 kB URL HTTP/2 img.bigcloud.cyou/thumb/402061.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x300, components 3\012- data
Hash e158e73e8cc706032cace746fa57b373
7af0ed5eabd8ca8dd6a46ace6f49af9b46fbf096
9591fe6e71fcd4515ed4e68966db898780f2e3b62aa8965f7169d67b347564d6
GET /thumb/402061.jpg HTTP/1.1
Host: img.bigcloud.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Sun, 27 Nov 2022 10:37:28 GMT
content-type: image/jpeg
content-length: 32460
last-modified: Wed, 07 Oct 2020 22:10:38 GMT
etag: "5f7e3cde-7ecc"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.xiusebf9.com/upload/vod/20221027-1/c76f6d0eed64d2c31641dfae5797fede.jpg
200 OK 79 kB URL HTTP/2 img.xiusebf9.com/upload/vod/20221027-1/c76f6d0eed64d2c31641dfae5797fede.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 085b3ccbe6439f0ca2fb8e5d9d6a2812
9544b5cf4d3a1a353da0d34da4c286636311c65b
6cb756fe5e2ecbe566d3007bcf46c3aed73c3dd04d6740a36d60df09856068c7
GET /upload/vod/20221027-1/c76f6d0eed64d2c31641dfae5797fede.jpg HTTP/1.1
Host: img.xiusebf9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/webp
content-length: 79248
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=90913
content-disposition: inline; filename="c76f6d0eed64d2c31641dfae5797fede.webp"
etag: "6359cbea-16321"
expires: Sun, 25 Dec 2022 19:23:33 GMT
last-modified: Thu, 27 Oct 2022 00:08:10 GMT
vary: Accept
cf-cache-status: HIT
age: 141376
accept-ranges: bytes
server: cloudflare
cf-ray: 770a3e0068a4b512-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 713110b0838936ab9b0cd24708b26b66
2e48b089adc155cd198aedf7b0bb51c044f09eba
b4e10306bea541ea65250d957a3ea3b20b0fb2f66e5ceaec93cd9e954aeecc64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4E10306BEA541EA65250D957A3EA3B20B0FB2F66E5CEAEC93CD9E954AEECC64"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10970
Expires: Sun, 27 Nov 2022 13:42:39 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/10/qnyv5lqy04g.jpg
200 OK 14 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/10/qnyv5lqy04g.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 58d758bc277e8a4dacc099d1db1ebd16
98ee3b2c75fc58f459898ce9f6bac1c94bd8be74
56088ff13b5d894f4ab726fda1d56b8c064eef7b871dfd77ddc7a9bfb5c78729
GET /upload/vod/2022/10/qnyv5lqy04g.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 13612
cf-bgj: h2pri
etag: "634690a5-352c"
last-modified: Wed, 12 Oct 2022 10:02:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qreBaOe3KSvV8EdGE1tSSvZF8Fh5jkkr%2Fl1Ryw7unqrcXQTJ81zUWpYFEuDZDBNCds47dYCtwJoUEgrFAUeJYtZrDG21qsXNf4mTEwPYnjlshJRys3vXnFf%2B%2BUIeeSkEgg%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e006aef7731-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 713110b0838936ab9b0cd24708b26b66
2e48b089adc155cd198aedf7b0bb51c044f09eba
b4e10306bea541ea65250d957a3ea3b20b0fb2f66e5ceaec93cd9e954aeecc64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4E10306BEA541EA65250D957A3EA3B20B0FB2F66E5CEAEC93CD9E954AEECC64"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10970
Expires: Sun, 27 Nov 2022 13:42:39 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 32ff3bb0b85df894ce711c3d658c3cf6
be53c4908173a18f247b82306a604cb26cb18649
dafdbab07d6e2e93c820762bd7397dbc8bc0ceb143ef5f47554eccb79ff1915b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 07:55:01 GMT
ETag: "be53c4908173a18f247b82306a604cb26cb18649"
Last-Modified: Sun, 27 Nov 2022 07:55:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1031
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e009feb0b61-OSL
thumbs.7dakcdn.com/resimler/b/996673/%C3%A7illi-%C3%BCvey-k%C4%B1z-karde%C5%9Fini-yalayarak-sikiyor.jpg
200 OK 49 kB URL HTTP/2 thumbs.7dakcdn.com/resimler/b/996673/%C3%A7illi-%C3%BCvey-k%C4%B1z-karde%C5%9Fini-yalayarak-sikiyor.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash 3e85ad087a4db248c016e6eb28b8da78
4bce27f64ea2f91511544808391de84fd4cbf105
b522353418800b9d4558e69b1f766d406778c14b6340bb71d87904a79c02885b
GET /resimler/b/996673/%C3%A7illi-%C3%BCvey-k%C4%B1z-karde%C5%9Fini-yalayarak-sikiyor.jpg HTTP/1.1
Host: thumbs.7dakcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 49369
last-modified: Fri, 15 Jan 2021 12:05:21 GMT
vary: Accept-Encoding
etag: "60018501-c0d9"
expires: Thu, 01 Dec 2022 08:21:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2254719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S5KK%2Fgzy5lKXFnzPog0QqGVk1ysiyPTiV%2BLJJPTLyPWDPgBqkHfuYNTYpNwrBkRPug31V3tF1xeRxHPz6V9KLuVDJOPnc%2FJlDTmB0G2VM%2BT9wedyTnzTsisxS3SjqFniVh%2B0Ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e00add0b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 8.3 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash f92be9bba4aa6f90c3da82179477bb42
732f8d74b86f57b3cfca90aba43036a630be345c
a2504f7ea4194a92e2df084237354c77fedeaf807c8f696109afd6a4b69541fe
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 01 Dec 2022 08:01:12 GMT
ETag: "11be39ecd4e508f178477864a54a10f4cc735a6b"
Last-Modified: Sun, 27 Nov 2022 08:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e00c8210b61-OSL
img.qdrama.top/vod/20220503-1/3ceefa0eb8c99f6ec4274b471c802e06.jpg
200 OK 23 kB URL HTTP/1.1 img.qdrama.top/vod/20220503-1/3ceefa0eb8c99f6ec4274b471c802e06.jpg
IP
File type JPEG image data, progressive, precision 8, 186x268, components 3\012- data
Hash 1d5fa1c97cb40cc2d67e911b7274d287
6e8e5c257956b12c2513bf4d572a59df93674dea
591815e7ad91708d374d133e2e5255fe0df2d56bc8eeb1d277d8a2968d6ad19c
GET /vod/20220503-1/3ceefa0eb8c99f6ec4274b471c802e06.jpg HTTP/1.1
Host: img.qdrama.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 22908
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origSize=24701, status=webp_bigger
ETag: "6270e02d-607d"
Expires: Tue, 27 Dec 2022 08:53:05 GMT
Last-Modified: Tue, 03 May 2022 07:56:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: HIT
Age: 3218
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFd%2FtkIsotudNiu9g3fsmMVkRUm2%2FxVlbdSsvyFbPwPeQ1Gjw6lAJuhmp0yHeSMeg2fH4L56cWL00GJA6SltmLN361JM%2BNhU%2FCaIDAhNRuSuiKBMoP7p%2BBSs9zce21gRmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 770a3e00aed5b503-OSL
twitterdouga.com/_next/image?url=https://pbs.twimg.com/amplify_video_thumb/1578326706703589377/img/dNRecInql48J3_7R.jpg&w=640&q=75
200 OK 14 kB URL HTTP/2 twitterdouga.com/_next/image?url=https://pbs.twimg.com/amplify_video_thumb/1578326706703589377/img/dNRecInql48J3_7R.jpg&w=640&q=75
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5a7ad14de4f9e9a12bcf410bfba7f728
82293d2c654aaaf03ca51fd603a58426f8da80c4
18d09d6fc742a9203a3ec07e32698ec3ac2e2c7c992db94aa9d04dcec3b6908c
GET /_next/image?url=https://pbs.twimg.com/amplify_video_thumb/1578326706703589377/img/dNRecInql48J3_7R.jpg&w=640&q=75 HTTP/1.1
Host: twitterdouga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 411911
cache-control: public, max-age=604800
content-disposition: inline; filename="dNRecInql48J3_7R.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
content-type: image/webp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 16:14:38 GMT
last-modified: Tue, 22 Nov 2022 16:14:38 GMT
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept
x-imgix-render-farm: 01.592
x-matched-path: /_next/image
x-vercel-cache: HIT
x-vercel-id: arn1::nwrt8-1669545589900-7758ad17d1d4
content-length: 13648
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 19f740df0ba18008a966ab33d67ae345
11be39ecd4e508f178477864a54a10f4cc735a6b
01a0947094477c25d800d249cd86451aad7d3d2000680cde458ffa49d7f5f50c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 01 Dec 2022 08:01:12 GMT
ETag: "11be39ecd4e508f178477864a54a10f4cc735a6b"
Last-Modified: Sun, 27 Nov 2022 08:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e00e8660b61-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 32ff3bb0b85df894ce711c3d658c3cf6
be53c4908173a18f247b82306a604cb26cb18649
dafdbab07d6e2e93c820762bd7397dbc8bc0ceb143ef5f47554eccb79ff1915b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 07:55:01 GMT
ETag: "be53c4908173a18f247b82306a604cb26cb18649"
Last-Modified: Sun, 27 Nov 2022 07:55:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1031
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e00fc54b4f3-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 19f740df0ba18008a966ab33d67ae345
11be39ecd4e508f178477864a54a10f4cc735a6b
01a0947094477c25d800d249cd86451aad7d3d2000680cde458ffa49d7f5f50c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 01 Dec 2022 08:01:12 GMT
ETag: "11be39ecd4e508f178477864a54a10f4cc735a6b"
Last-Modified: Sun, 27 Nov 2022 08:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e010940b512-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a4ade826c5e12e896dec1320642ccfa4
cbb022dc7f4640dab9dd54a3188b23a447e0ed6e
72d0a15a3419398b6fc1aaa3f07c5f598d5fc5c6765fe3d6ffaa648f154d8715
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72D0A15A3419398B6FC1AAA3F07C5F598D5FC5C6765FE3D6FFAA648F154D8715"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=924
Expires: Sun, 27 Nov 2022 10:55:13 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 148d7916502dccb2fccc2f8f5e052797
6e257a4f022850f0ecbf443a3923a70337b4f1d8
e343248f41bd5a3869d678b887610d25af10b61fdb3b39d999dd5d039d02ad61
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E343248F41BD5A3869D678B887610D25AF10B61FDB3B39D999DD5D039D02AD61"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2250
Expires: Sun, 27 Nov 2022 11:17:19 GMT
Date: Sun, 27 Nov 2022 10:39:49 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
200 OK 13 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bd1934626b1e75409b0d8e3b1fc7e89a
e8a4214456ffa07acbcbc19018b1117dee08d152
eec49b4245859db2b70eba890eb95d08893dd9ab6cc049c3495cb56a9f1b5add
GET /upload/vod/2022/10/rop1syn5zpl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 13432
cf-bgj: h2pri
etag: "634690aa-3478"
last-modified: Wed, 12 Oct 2022 10:02:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3605
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtrVxuNVRMlMhXBPxK2oD%2FDn5Pwe%2FdtrSRWu6un4d4tOcGbvmpJ3sPxO2CiFJDtIB%2FHbItwa0gDlJlBGVqehHUOxnRiSB7f57ODppQ92%2Bc0pPjs9olSdPDSvJS%2F%2BZRVPo8Zb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e015c277731-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/19000/19012/preview.jpg
200 OK 136 kB URL HTTP/2 moav.com/contents/videos_screenshots/19000/19012/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1280x720, components 3\012- data
Size 136 kB (135617 bytes)
Hash 87788bf0ca0304a55efc8fefbcaced23
9a09a0dc61bc0f2579108545c6a0a99080829e84
6182d4e6960ff2aae490e55879ea067321b0b32c3d01d69f75db3d5d05972592
GET /contents/videos_screenshots/19000/19012/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 135617
last-modified: Thu, 24 Mar 2022 23:52:57 GMT
etag: "623d0459-211c1"
expires: Wed, 21 Dec 2022 09:58:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 520860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkrRKzObEJwYv2kp%2FN99ogIioIM2TdqFXz%2BgOGNXYanEzNpD50JaeaBplLaWDG73k7oN98Zo%2FxAM6Yn2m%2FpdM4bMPjJ74Ve%2FfuL40DXWugHGkbE4D70uDnGPMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e015f7ddc31-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic32.msn90.com/pic/20220527/a83488d219274d9228297f4698d1b2e0/1.jpg
200 OK 14 kB URL HTTP/2 pic32.msn90.com/pic/20220527/a83488d219274d9228297f4698d1b2e0/1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 480x640, components 3\012- data
Hash f90773161b291e31d5e74607bd4a7bfe
cde3e0902546a9addcc2613c18176c5102413b69
5aeefd02f23741a6187980eb0ee8f77c503c2c570fa865731898f17d8668111d
GET /pic/20220527/a83488d219274d9228297f4698d1b2e0/1.jpg HTTP/1.1
Host: pic32.msn90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Thu, 24 Nov 2022 07:00:33 GMT
content-type: image/jpeg
content-length: 14381
last-modified: Fri, 27 May 2022 04:44:03 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "62905713-382d"
expires: Sat, 24 Dec 2022 07:00:33 GMT
age: 272356
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
img.ukuapi.com/upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg
200 OK 22 kB URL HTTP/2 img.ukuapi.com/upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 200x300, components 3\012- data
Hash 126bc6e793ede62d6c84b763a826808c
dc169345bd5580ae8bba8cf0f9d7292b5ab539fd
3036d39e17c7deadd15136fdd00b69c86a42e81816266b7aaf2cd2da4b1482e5
GET /upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg HTTP/1.1
Host: img.ukuapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 21949
cache-control: max-age=31536000
cf-bgj: h2pri
etag: "62cbe707-55bd"
expires: Mon, 28 Nov 2022 05:06:35 GMT
last-modified: Mon, 11 Jul 2022 09:01:59 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2525594
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoXSczEbxaxhaxO7TGsmvUX7sktkN1sen7d9ZsmVGclur0iDd3o3yCpBCsltHajcJIEENJigQXrik5noekXMtiXEiNhjbePfxd7Yyu1sgpuM63HT%2FfgR9u0%2BPvfBhhFEYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e016edcb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 349a6975c374fd0c24e26be61d29f590
29da35c0762aae7336cdaa53314b5608c4cb3807
3ef3ee6cc65bbaa1e7b4b8b6b5a90dd09e9fd67bd77c9ce274b68702d55e71d7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3EF3EE6CC65BBAA1E7B4B8B6B5A90DD09E9FD67BD77C9CE274B68702D55E71D7"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Sun, 27 Nov 2022 12:00:12 GMT
Date: Sun, 27 Nov 2022 10:39:50 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 406eb3c3a2c40f143a748ad92709e3c3
26f62fc5f90e4afee766dda5ace0d48c8a1863de
856876fd27cb3cac58813e7b943b70dc0e7fd36587c9673e6e1904d10a139d53
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 14:30:27 GMT
Expires: Fri, 02 Dec 2022 14:30:26 GMT
Etag: "26f62fc5f90e4afee766dda5ace0d48c8a1863de"
Cache-Control: max-age=445236,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e014e81b4fd-OSL
static.thisav.com/images/videothumbs/626477-1.jpg
200 OK 4.1 kB URL HTTP/2 static.thisav.com/images/videothumbs/626477-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9428751ff80ee2a4d8b9fbb262b44dcf
76a4be47816dba9554e0cb00e65ed0b6933b3394
e6a3b8737a349f6674aa36439d2fd751b7f75d5f4db400d951020b780abcb9f2
GET /images/videothumbs/626477-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/webp
content-length: 4146
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16808
content-disposition: inline; filename="626477-1.webp"
etag: "62b04d53-41a8"
expires: Sun, 25 Dec 2022 09:59:15 GMT
last-modified: Mon, 20 Jun 2022 10:34:59 GMT
vary: Accept
cf-cache-status: HIT
age: 175103
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SOgjM1ElOSAC52YlCTZcxyLG5MdoclzF7rJeY0vYry9Wy6cGzs9IfcDF1rQcQ0sD1XDNDmh%2Bvh7xMbVmcsfWqlUznWwtrBXiyOseehk8iBZnvFUT4Fy8rZgoF0UU2DkGcRL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e01bb4cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn9.hifiporn.fun/picture/original/nUE0pUZ6Yl9xnF5jnT5wMT-hL_9gY3McMTIipl8lZQVlZQtiZwDiAQR0ZmNmZQRkY3EbqJ1vp181YlugCJIUGzEVM_SuLJRcXT1bCKIcnSELZ3IfpKEyryZ5qJ-cZGLhnaOaXFfbXRucEzyDo3WhYzM1ovysoJIaozEbM_SuLJSgnUIcnUE-Z3IfpKEyraZ5qJ-kAv5dpTp5v7P/(HiFiPorn.fun)_hot-stepmom-indonesiaatribut-ibu-cantik-bokong-besar-preview-6.jpg
200 OK 14 kB URL HTTP/2 cdn9.hifiporn.fun/picture/original/nUE0pUZ6Yl9xnF5jnT5wMT-hL_9gY3McMTIipl8lZQVlZQtiZwDiAQR0ZmNmZQRkY3EbqJ1vp181YlugCJIUGzEVM_SuLJRcXT1bCKIcnSELZ3IfpKEyryZ5qJ-cZGLhnaOaXFfbXRucEzyDo3WhYzM1ovysoJIaozEbM_SuLJSgnUIcnUE-Z3IfpKEyraZ5qJ-kAv5dpTp5v7P/(HiFiPorn.fun)_hot-stepmom-indonesiaatribut-ibu-cantik-bokong-besar-preview-6.jpg
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 1fb82bf62c69e57fa05f8f19fdc3dba5
f0417df64c1519c4f19d1f108cbc73596d171207
a0ad36ba3a3301eae6ddf022971785292815016df34bbabb09525d77fdbccb65
GET /picture/original/nUE0pUZ6Yl9xnF5jnT5wMT-hL_9gY3McMTIipl8lZQVlZQtiZwDiAQR0ZmNmZQRkY3EbqJ1vp181YlugCJIUGzEVM_SuLJRcXT1bCKIcnSELZ3IfpKEyryZ5qJ-cZGLhnaOaXFfbXRucEzyDo3WhYzM1ovysoJIaozEbM_SuLJSgnUIcnUE-Z3IfpKEyraZ5qJ-kAv5dpTp5v7P/(HiFiPorn.fun)_hot-stepmom-indonesiaatribut-ibu-cantik-bokong-besar-preview-6.jpg HTTP/1.1
Host: cdn9.hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
content-length: 13794
accept-ranges: bytes
last-modified: Sun, 27 Nov 2022 10:39:49 GMT
cache-control: max-age=8640000
expires: Tue, 07 Mar 2023 10:39:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/609077-1.jpg
200 OK 3.4 kB URL HTTP/2 static.thisav.com/images/videothumbs/609077-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 39f51d4bf1f6d6c3c998f790d07ad2e0
4fa32aacfd5e02da3f3800c6be07a33307ae4c2a
e3d0f320a418f7d97701da3b2cb49e69572a0a8a8153737b4f3c0755ed95140a
GET /images/videothumbs/609077-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/webp
content-length: 3352
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15643
content-disposition: inline; filename="609077-1.webp"
etag: "6209ed0c-3d1b"
expires: Mon, 28 Nov 2022 00:35:12 GMT
last-modified: Mon, 14 Feb 2022 05:47:56 GMT
vary: Accept
cf-cache-status: HIT
age: 2541754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v%2B0dI9KVxnYLaJQuW3kV7jlwsYGkU%2BI6Q95EpxkR8ahI91DhWlUfoFQT3TnVpn%2FqD38HRUo%2FBAZne7ys%2Fkn9vAN1%2Fl4%2FxPIl8iE0O0NzHjJBgHAd%2FUHVYUfl3i5%2FuS%2BVK0r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e01fba0b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/638739-1.jpg
200 OK 1.4 kB URL HTTP/2 static.thisav.com/images/videothumbs/638739-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c226be577c97350813b5b1ebc4f6e44
95632ec0a93ea12b820e12cd699ac535546e35a6
8a73a4fb422dceae270942b3363f7f87e3083b3787ee1be480c4b7d07942afa7
GET /images/videothumbs/638739-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/webp
content-length: 1368
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10050
content-disposition: inline; filename="638739-1.webp"
etag: "631f734f-2742"
expires: Fri, 23 Dec 2022 03:25:21 GMT
last-modified: Mon, 12 Sep 2022 17:58:39 GMT
vary: Accept
cf-cache-status: HIT
age: 371538
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUb1USxEckntqh8qG6eIkdA%2BSOcTGF93SZSd3W%2Ff3g2B5JgxzwmSoLmesttTfDnp5D7w%2FstiWdoa61jJHPC%2BEWF4rSFOyokJKDqIJ1s1zT0DI%2FBbASNLe5V2TqFe0jrXbElC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e022beeb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hentaiprn.b-cdn.net/wp-content/uploads/2019/03/Kuroinu-3.jpg
200 OK 50 kB URL HTTP/2 hentaiprn.b-cdn.net/wp-content/uploads/2019/03/Kuroinu-3.jpg
IP
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 834x651, components 3\012- data
Hash aeda2874c694ad6dd607451ed80353cf
70eaaf21904d25955e430662ef1e8e858bba5f69
7a516b5fb61a44febbe044391a882d2127978f82e2ddd39218e14eecfefeb7e8
GET /wp-content/uploads/2019/03/Kuroinu-3.jpg HTTP/1.1
Host: hentaiprn.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/jpeg
content-length: 50044
server: BunnyCDN-NO1-830
cdn-pullzone: 961623
cdn-uid: e010e020-dd00-441b-8c13-e1874b59f38e
cdn-requestcountrycode: NO
age: 2486
alt-svc: h3=":443", h3-29=":443"
cache-control: max-age=31536000
etag: "6050c382-c37c"
last-modified: Tue, 16 Mar 2021 14:41:06 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sG7WRuZl4nk7DEvj%2FCQuUB6dP4TiiOADhGmMvCkoIUHoq5eHwCN8ehQJ8WiX7ny5ZJMIIaO4TyXRQuwYZY%2FLxURhnoI5FNQT9ulaGLqoYT7XHqoe%2FIGSA%2FSYGH4IoxsN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 76f4e1b47b0fb51b-OSL
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/24/2022 20:26:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1d8bdc423f653c0f142f89a3168d54fb
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.thisav.com/images/videothumbs/327858-1.jpg
200 OK 3.0 kB URL HTTP/2 static.thisav.com/images/videothumbs/327858-1.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fade82a9f1b7c8e204dc821df6ca1b76
af7585609e373cead82957dd82bde4d648397be5
b5fb5c2d8a7723d4c1948075ec74a25d8e07b7ab504a7298d4b821ae13373e1f
GET /images/videothumbs/327858-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/webp
content-length: 2996
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14237
content-disposition: inline; filename="327858-1.webp"
etag: "5a0f10d6-379d"
expires: Sat, 10 Dec 2022 17:29:13 GMT
last-modified: Fri, 17 Nov 2017 16:39:50 GMT
vary: Accept
cf-cache-status: HIT
age: 1444109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vlNrFCw2ITNdeP69PT62bawEIM8NBjY1bBCRaREOXeXhXj9%2FjyjtkmKexdVTolvP57BpyOZ%2B%2BKRkPGWkrpQU5foHf%2BqueIcLbcon6Jz4qvmIkdwgFYZalWNb%2FZqj6cHpbgi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e023bfdb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 458f983def6f76d2c8ccf039f2db90d7
cb929b5c6bde46970cfb24af92639360b69dfe33
a1b6fe8a046c762d8ede6aceb7495544814cda611acba1fe50910dba3b1fe2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4531
Cache-Control: max-age=123533
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Etag: "63826c50-117"
Expires: Mon, 28 Nov 2022 20:58:43 GMT
Last-Modified: Sat, 26 Nov 2022 19:43:12 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
sycdn.comtucdncom.com/upload/vod/20210402-1/3f11a75ffe28c191ba465a51e92e0447.jpg
429 Too Many Requests 634 B URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210402-1/3f11a75ffe28c191ba465a51e92e0447.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d3f2bf8363d56bd576a1f71dc0432e5d
30b76e2993009160de6155b088a64020f77c47b3
c4bff7e6b49aadb92d1b4700cebb1b93d8d563d84b87901285c752c4ebbac1ca
GET /upload/vod/20210402-1/3f11a75ffe28c191ba465a51e92e0447.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 634
Connection: keep-alive
www.nsfwnudes.com/previews/1/b785b833e2ebc9eb05e2106e24b21fd1.jpg
200 OK 22 kB URL HTTP/1.1 www.nsfwnudes.com/previews/1/b785b833e2ebc9eb05e2106e24b21fd1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 360x640, components 3\012- data
Hash 59aa17984b8448c158b8e83e787a3b0f
e197442466bee36fe112abbb98e4dd927408d783
6a5858f83dfdd9a277e4f648d853ce1647be24313018c9ed510a5dfee50d1844
GET /previews/1/b785b833e2ebc9eb05e2106e24b21fd1.jpg HTTP/1.1
Host: www.nsfwnudes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 21704
Last-Modified: Thu, 05 Mar 2020 11:43:48 GMT
Connection: keep-alive
ETag: "5e60e5f4-54c8"
Expires: Tue, 27 Dec 2022 10:39:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 278 B IP
Hash 48d97025de34714a78219538b71f1040
64ba68662c8682b0c5b1077a68026c0bc4486f26
db1575cc33b788d0cd49f0bbfc20dac2c07de955d07f542057ce440e2b836e6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3627
Cache-Control: max-age=143859
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Etag: "6382bf3e-116"
Expires: Tue, 29 Nov 2022 02:37:29 GMT
Last-Modified: Sun, 27 Nov 2022 01:37:02 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 313 B IP
Hash 0e766078c27bbaa2e6c8f41e9c4e6969
ad91efb26f1ed74da1d1b117e4a630e455a79e73
75ba69708fc1a0eeefc840324c09e7b3e2186d7cd70290d589ff69ddb93441ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4988
Cache-Control: max-age=87241
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Etag: "6381dcc3-139"
Expires: Mon, 28 Nov 2022 10:53:51 GMT
Last-Modified: Sat, 26 Nov 2022 09:30:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
200 OK 472 B IP
Hash 1c61dbb2a70a407e22104aba90c617ae
7aa827267fa616714872db6e43b4283de46f6005
9c766d81754b4e8e1dfee8c9093b462ce5897e6448affa7e9370b85cedc5c0e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:07:50 GMT
Expires: Sat, 03 Dec 2022 06:07:49 GMT
Etag: "7aa827267fa616714872db6e43b4283de46f6005"
Cache-Control: max-age=501479,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e002d23b517-OSL
jukujo69.jp/wp-content/uploads/2022/02/cropped-jukujologo.png
200 OK 3.2 kB URL HTTP/2 jukujo69.jp/wp-content/uploads/2022/02/cropped-jukujologo.png
IP
ASN #7506 GMO Internet,Inc
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a5c4bb39eea5a9efe94641740af6723
e74f584b2060d1b704bb35129c19c8ecbf5a5ce0
c786f01b7025968802234a5d1b1a28d7db0254d85b320b9801fe9ddbe81903b7
GET /wp-content/uploads/2022/02/cropped-jukujologo.png HTTP/1.1
Host: jukujo69.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 10:39:50 GMT
content-type: image/png
last-modified: Thu, 24 Feb 2022 07:20:20 GMT
accept-ranges: bytes
content-length: 3194
date: Sun, 27 Nov 2022 10:39:50 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
pics.dmm.co.jp//digital/video/arm00514/arm00514pl.jpg
200 OK 185 kB URL HTTP/1.1 pics.dmm.co.jp//digital/video/arm00514/arm00514pl.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 185 kB (185333 bytes)
Hash 22a48a1197b9af3d17236e57f7b940d8
3245da40407e36d71c296258fa4caa77ece32446
bae12cbda858f95c97922b1eb634b7cb007b4e3cd617d8963575bb558aa54d0a
GET //digital/video/arm00514/arm00514pl.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 10:39:49 GMT
Content-Type: image/jpeg
Content-Length: 185333
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2016 07:40:58 GMT
ETag: "5717328a-2d3f5"
X-Pics-Origin: digital-master
X-Cache-Status: HIT
Set-Cookie: app_uid=ygb2CmODPnVC6Hv+4MtuAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
Accept-Ranges: bytes
img.biguz.net/11752071b906f91c42e98c948cd26bf0.jpg
403 Forbidden 146 B URL HTTP/2 img.biguz.net/11752071b906f91c42e98c948cd26bf0.jpg
IP
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9fe3cb2b7313dc79bb477bc8fde184a7
4d7b3cb41e90618358d0ee066c45c76227a13747
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
GET /11752071b906f91c42e98c948cd26bf0.jpg HTTP/1.1
Host: img.biguz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Sun, 27 Nov 2022 10:37:27 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
booru.allthefallen.moe/data/preview/4e/d8/4ed843e781f52ff457d9685a8d662d88.jpg
200 OK 6.0 kB URL HTTP/2 booru.allthefallen.moe/data/preview/4e/d8/4ed843e781f52ff457d9685a8d662d88.jpg
IP
File type JPEG image data, progressive, precision 8, 150x84, components 3\012- data
Hash 34a29994b1f7690e4ec77371d10f7f91
26a97a8b3e1b3b9dfaa8498e501833900982003b
14ac4e315e8596f17ee86eb676a256abf7fd5a0bf0ac4ffb7cb11980180e19ab
GET /data/preview/4e/d8/4ed843e781f52ff457d9685a8d662d88.jpg HTTP/1.1
Host: booru.allthefallen.moe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/jpeg
content-length: 5982
last-modified: Sat, 26 Feb 2022 02:57:52 GMT
etag: "62199730-175e"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
thisav.com/favicon.ico
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:50 GMT
Location: https://www.thisav.com/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFlq%2FVpSdf4EzYxB5cSyshEXC%2F37ozz6Jk0MEegKj7rXktSHWidazeqR8lfwffx0KpHCrDX64SYZrGJktqU1W5rGsNxCvgXb7Yxc4B1R6vuIoB%2FJ96oUub%2Bro3g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e03bafe0b61-OSL
alt-svc: h2=":443"; ma=60
chomikuj.pl/favicon.ico
200 OK 1.1 kB IP
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash b513e8cf150c117948b360910737829a
2faa64a928292b6610c24d124b228556918d9422
f10065b1ef7d122f763e7fe95150c015c75485c466a7538252d7b5a711713058
GET /favicon.ico HTTP/1.1
Host: chomikuj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private
last-modified: Tue, 20 Sep 2022 12:19:04 GMT
etag: W/"cd1d792cebccd81:0"
set-cookie: guid=eb355904-748f-4089-9b15-e53620e79954; expires=Wed, 27-Nov-2024 10:39:50 GMT; path=/; HttpOnly; SameSite=Lax
rcid=5; expires=Mon, 27-Nov-2023 10:39:50 GMT; path=/; SameSite=Lax
x-server: m51
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e035b5fb4f4-OSL
Content-Encoding: gzip
pic.duga.jp/unsecure/planetplus/0242/noauth/jacket_240.jpg
200 OK 35 kB URL HTTP/1.1 pic.duga.jp/unsecure/planetplus/0242/noauth/jacket_240.jpg
IP
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 240x340, components 3\012- data
Hash 693d4659e8fd11e18bfd8af90fc14bf6
2cef678d211cb6f72410d7dcc28f0094fedf5e6c
ca74340dfd2d76147956a5ec0ddf232d8c281a9e6b39fb575f3fd30a93947416
GET /unsecure/planetplus/0242/noauth/jacket_240.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 34937
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2016 15:15:30 GMT
ETag: "578f9592-8879"
Expires: Sat, 03 Dec 2022 15:06:26 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
subo228.com/20220925/4GqAraEa/1.jpg
200 OK 39 kB URL HTTP/1.1 subo228.com/20220925/4GqAraEa/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash 28dade64cf817950adb49f02b0543861
faecd9a5cf9d326b7fd024a76036d63e55ec62c3
f492674a26598bff5345b6705d14b07c27e97000274e33b1331b794da4bb767f
GET /20220925/4GqAraEa/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 38965
Last-Modified: Fri, 25 Nov 2022 03:53:44 GMT
Connection: keep-alive
ETag: "63803c48-9835"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20211210/uxk4CZvQ/1.jpg
200 OK 14 kB URL HTTP/1.1 subo228.com/20211210/uxk4CZvQ/1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density -2874x-2941, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x569, components 3\012- data
Hash ec70090d8474fc2a4ba85d7f1dd60942
89c762b308bb4af7911f7b535a33bcb239842f97
0e0bc86a9c505dd9e4468e7416910a462adbc2cf947402617e6ce104b14c64f4
GET /20211210/uxk4CZvQ/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 14166
Last-Modified: Fri, 25 Nov 2022 03:53:49 GMT
Connection: keep-alive
ETag: "63803c4d-3756"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 279 B IP
Hash 5b203bd3b4d2debdd6fba2c9860b5589
d7b6b005b9878e39e2ea479d4fd2e99d1cb6942f
7790f15a93ce89d92fc4eb54c7f29f09caa84f553568d5b0c8ceafc480fb3c80
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5982
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Last-Modified: Sun, 27 Nov 2022 09:00:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
pic.duga.jp/unsecure/intec/0349/noauth/jacket_240.jpg
200 OK 33 kB URL HTTP/1.1 pic.duga.jp/unsecure/intec/0349/noauth/jacket_240.jpg
IP
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x340, components 3\012- data
Hash 05aa8184ecd1a1a4491e7ce66377eeb1
2058d28d1b6527b7137b5757c9b7e84937eeaa06
06e8b19efd064a9ccc69bdbb657504b4c6d4f38fc5efecdf7fe49f4dc6ff27e6
GET /unsecure/intec/0349/noauth/jacket_240.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 33330
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2018 10:37:35 GMT
ETag: "5a7c286f-8232"
Expires: Sun, 13 Nov 2022 01:02:27 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
subo228.com/20221121/cJhxjBGF/1.jpg
200 OK 40 kB URL HTTP/1.1 subo228.com/20221121/cJhxjBGF/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x237, components 3\012- data
Hash 42299eb4091641228312941919ee04e4
030da98704222fb8c834cb9a94de988426422ab5
43cfc000f37600659d0be0eec0e7e4deb334f9ed2644cc79610b13a924194ba1
GET /20221121/cJhxjBGF/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 40117
Last-Modified: Fri, 25 Nov 2022 03:53:43 GMT
Connection: keep-alive
ETag: "63803c47-9cb5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.nudeclap.com/favicon.ico
200 OK 1.4 kB URL HTTP/2 www.nudeclap.com/favicon.ico
IP
ASN #39572 DataWeb Global Group B.V.
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash a390948e7c1bb9b1afd6df554d642bc3
94807e2d4e77109cfb598c1b4400a1dc3a1fe10f
89d6a2d39a99def303236f02e42f89b061d85aa6c50c1b56e14e7836a8b6f5a8
GET /favicon.ico HTTP/1.1
Host: www.nudeclap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
content-length: 1406
last-modified: Tue, 09 Jun 2020 18:39:32 GMT
etag: "5edfd764-57e"
accept-ranges: bytes
X-Firefox-Spdy: h2
twitter.com/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902
GET /favicon.ico HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 UTC
perf: 7626143928
server: tsa_o
set-cookie: guest_id=v1%3A166954559051765378; Max-Age=34214400; Expires=Thu, 28 Dec 2023 10:39:50 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: 3c359ef07d96f7f9
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: b2ed11d8d9e0d27f4b8dd02b2ec8a5a3a1cba39c8bffe3367b0233ee1e7fbb58
X-Firefox-Spdy: h2
www.thisav.com/favicon.ico
301 Moved Permanently 0 B URL HTTP/1.1 www.thisav.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:50 GMT
Location: https://www.thisav.com/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD5qjpOTVZ28WUQeCYGNKXGIcyO5Wcl%2Bchw%2B4Ys8k8PJ%2B3heBJjwwnLSMX3274JsTk4zwNYSHb%2BxfREvBK%2FTZveE0B5tqF1O1hZwsTu1kgbUjEWXJNehLPOPPbBhvt90"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e04fd18b503-OSL
alt-svc: h2=":443"; ma=60
douga100ka.net/sam/3584.jpg
200 OK 23 kB URL HTTP/2 douga100ka.net/sam/3584.jpg
IP
ASN #7506 GMO Internet,Inc
File type JPEG image data, JFIF standard 1.00, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x240, components 3\012- data
Hash 31c3b009022f87a4ea16c10f21cd3325
8dbfa79a05a77a228df6e3aeb8245fa7c32aada8
96edbf48862cd053e7144469ae2ba2c2f5914eeadc6311794daa4ede7a92eca3
GET /sam/3584.jpg HTTP/1.1
Host: douga100ka.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 10:39:50 GMT
content-type: image/jpeg
last-modified: Thu, 13 Dec 2018 15:00:00 GMT
accept-ranges: bytes
content-length: 22710
date: Sun, 27 Nov 2022 10:39:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.hlm1.com/favicon.ico
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.hlm1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:50 GMT
Location: http://www.honglm1.xyz/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDH2F0ShFO0%2FnZ71SjUxKBP2WbHh2tL5Bu9MNynoiO%2BhfiAqO3BK6BtsFumz3Ujhj4dDBvywbCsndYLOZAFIikcq3NyRcgd9MQqiOUz8NutKSTUQ%2BwiXqt9Sahl2bS8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e0549fc1bfe-OSL
alt-svc: h2=":443"; ma=60
pic.laoyapic.com/upload/vod/20220430-1/7af96fcb27d1a364a487f0595949d4a2.jpg
200 OK 9.1 kB URL HTTP/1.1 pic.laoyapic.com/upload/vod/20220430-1/7af96fcb27d1a364a487f0595949d4a2.jpg
IP
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 34a451be1b84d4992ca1cec1adcdebe8
d0fd736f5563ae140fe9766a63ccfe724d89b31d
18ec700ce7548370146349d009460bd54484365a707e1cda8a61e9566b45e7cd
GET /upload/vod/20220430-1/7af96fcb27d1a364a487f0595949d4a2.jpg HTTP/1.1
Host: pic.laoyapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 9106
Last-Modified: Sat, 10 Sep 2022 18:23:12 GMT
Connection: keep-alive
ETag: "631cd610-2392"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/papaduanpian-img/avid58075592e16ad.jpg
429 Too Many Requests 614 B URL HTTP/1.1 sycdn.comtucdncom.com/papaduanpian-img/avid58075592e16ad.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7434592954fc0f096b14884206be61b2
4ce95afaac04e5534ed0589d7623886d8921c0b3
ff9c8848b0c66adf30d4481685e7a2ad73de6a0028d8c2d879260757d8a04fef
GET /papaduanpian-img/avid58075592e16ad.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 614
Connection: keep-alive
pics.dmm.co.jp/digital/video/mum00134/mum00134jp-3.jpg
200 OK 95 kB URL HTTP/2 pics.dmm.co.jp/digital/video/mum00134/mum00134jp-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Hash f5bd1ec2050caa631ed3a30a4ba9706a
79546de48eacc699e81cf2382b1d9a48188a2d0c
0cfc7d0774fb6604afe9a96a7a1f3dff081708bf30e3145ed600baf9c4157fdd
GET /digital/video/mum00134/mum00134jp-3.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/jpeg
content-length: 95185
last-modified: Mon, 29 Sep 2014 08:28:34 GMT
etag: "54291832-173d1"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb2CmODPnZCknv8benrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
uzbum.su/favicon.ico
301 Moved Permanently 518 B IP
Hash 73910517ad135b833fe9b7d14250dfbe
d14eb95959879ca1d13378b04d8b7784568714c6
71ea79d2eaae0378b350b1198ed380a4ce6490e29684346c35bf18ce6fc65342
GET /favicon.ico HTTP/1.1
Host: uzbum.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: text/html; charset=iso-8859-1
location: https://ru.uzbum.su/favicon.ico
cache-control: max-age=120
cf-cache-status: HIT
age: 719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgxubqI928S0bTWhkbngPeccaqo6j3iSUZvhq1nruqbUu%2B2xWR7MpscXU4HJsAX6ZAyyh1fXjIIxNAh3TubMA9oSYhpMUHKHoeQG1EyRCw5XshBSykQMa28RFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e04ed080afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stickamvids.net/favicon.ico
301 Moved Permanently 243 B URL HTTP/1.1 stickamvids.net/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash af4c9ac58385682bc5b3f3effedda4df
4983f2a7f4bceb66b9d80f22222ba90da13e6238
8b21f86ec51044985fa7e9f04e402508865490f9e59d1b84afaa662777cfb7fd
GET /favicon.ico HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://stickamvids.net/favicon.ico/
Cache-Control: max-age=172800
Expires: Tue, 29 Nov 2022 10:39:50 GMT
www.moav.com/favicon.ico
200 OK 823 B IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8baf0b75fa2aa5e359ea34022d4d7702
d4c201300b0ea53b159fa99038fd2fbacd2c9c08
5b571983ba4ea1796c43027bcc20a5f372c819748d10e2d9c83b22f24e9fa802
GET /favicon.ico HTTP/1.1
Host: www.moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Feb 2022 04:33:56 GMT
ETag: W/"62131634-47e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1795
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wTQqV8vjEgzMQRP%2F%2BomDKkDWCnR%2FU8y1l0F7fHnPAX3wjgDpS%2B6G8RXrCoRuX7N4P1Ux9Uc33f8xRMJBQICSoN6oRUQjW02857pzf7Zwoz3f%2BVDEgKpW2IyBHa%2FiBM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e057bf07735-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash 9fba6f51c5aa4bf1515af24b7f5c5f1b
1e088be5a7cb60876fde6e9c49a7571b20d9df6c
749cf6e82e62bc5ea7f5cecd50eeff533501ecc41db112a144a95afd08a32083
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Last-Modified: Sun, 27 Nov 2022 08:53:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
douga.nakadashi.pw/favicon.ico
200 OK 2.4 kB URL HTTP/1.1 douga.nakadashi.pw/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1346), with CRLF, LF line terminators
Hash c95c7af659f4f1650ac67b799efcab69
2caa547d93715659c26a6aa625bd9d623fd3af0a
24188df39a3527f47a0ff0890c6399ba995e08bfb02687750bc16edb8a7744b1
GET /favicon.ico HTTP/1.1
Host: douga.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-douga.nakadashi.pw127.0.0.1-myhost-douga.nakadashi.pw127.0.0.1/favicon.ico
phost: douga.nakadashi.pw
line1066: notjp-nakadashi-myhost-douga.nakadashi.pw-filteron-
line2430: notjp-/favicon.ico-myhost-douga.nakadashi.pw-filteron-
Cache-Control: public, max-age=14400
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: douga./favicon.ico-A-douga.nakadashi.pw-douga.nakadashi.pw-cacpdo0---yes
X-Proxy-Cache-LA2: EXPIRED
Xkey-la2: douga./favicon.ico-A-douga.nakadashi.pw-douga.nakadashi.pw-my_zone
X-Proxy-Cache-gjp: HIT
Xkey-g-jp: douga./favicon.ico-A-douga.nakadashi.pw--my_zone
CF-Cache-Status: HIT
Age: 11637
Last-Modified: Sun, 27 Nov 2022 07:25:53 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XroDZ5dyGkCDwCPr%2BhYZK%2Bhvj0fMykZPlHBPuxfMStww%2F7UsJjhG92aV7qy7W9TkX7Ze9ukNoHFl1hvq3mHZJAB5J61MPRSWIbX9nkXv2saUC4iwmKgto33Z01mLWGNnFGF3FE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770a3e059ad471bc-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.w3schools.com/w3css/4/w3.css
200 OK 5.3 kB URL HTTP/2 www.w3schools.com/w3css/4/w3.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash 94faabffc57cc57216dd144f322d95d2
372afce88f064afacff3af328993713986baff32
2ec8866edf3f9350e9ed8a0133f56e3e03b5a345f927ec3d14df70e3f5dfc855
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 11402
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Sun, 27 Nov 2022 10:39:50 GMT
etag: "0f7d0847c1d91:0+gzip"
last-modified: Sat, 26 Nov 2022 09:50:30 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
stickamvids.net/favicon.ico/
404 Not Found 13 kB URL HTTP/1.1 stickamvids.net/favicon.ico/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (30105), with CRLF line terminators
Hash b5ef9a0e0b0a22270e370a5062b64c21
26602b617a9851647f1d17976d949092c3acd805
79b6d9963bef30addd03d7d58cbe77e7ab1caa191f208e27ed58d7f203d72c23
GET /favicon.ico/ HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Vary: User-Agent
Content-Encoding: gzip
pic.duga.jp/unsecure/cando/0081/noauth/jacket_240.jpg
200 OK 43 kB URL HTTP/1.1 pic.duga.jp/unsecure/cando/0081/noauth/jacket_240.jpg
IP
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x340, components 3\012- data
Hash 7b7c51aec817667b1f6fedaad5f9a568
33cb117d1590f4b252de60ebfcd8996fa0654f72
17062f20f4e7ca82554c1bf7e4008c929c8d34df0b472c90e1069834b1a5cc0b
GET /unsecure/cando/0081/noauth/jacket_240.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/jpeg
Content-Length: 42773
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2015 23:53:21 GMT
ETag: "55401d71-a715"
Expires: Sun, 01 May 2022 08:51:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.nsfwnudes.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.nsfwnudes.com/favicon.ico
IP
ASN #39572 DataWeb Global Group B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8af584225eec09450b4db2d059b41a0a
fc79905533fff60338577722a0ad51b3ccc5d1ab
9f935f34c6af17f0afcdfac9fdab65c4b08a87f2da6d41547f09b5310f204d36
GET /favicon.ico HTTP/1.1
Host: www.nsfwnudes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Sat, 04 Apr 2020 07:28:18 GMT
Connection: keep-alive
ETag: "5e883712-47e"
Expires: Tue, 27 Dec 2022 10:39:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
pics.dmm.co.jp/digital/video/h_1092arbb00033/h_1092arbb00033ps.jpg
200 OK 12 kB URL HTTP/2 pics.dmm.co.jp/digital/video/h_1092arbb00033/h_1092arbb00033ps.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 147x200, components 3\012- data
Hash 7c2eca5258d46b1315ca62df6b0bd484
c3e851ea69fcde7ca7d232a18d06ace492816220
1421a6daf91ce397d306d2a05306b1b7b6bc45062f0bfe7db8abe309775eadb8
GET /digital/video/h_1092arbb00033/h_1092arbb00033ps.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/jpeg
content-length: 12482
last-modified: Mon, 28 Nov 2016 08:03:52 GMT
etag: "583be4e8-30c2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb2CmODPnZCknv8benwAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
jp-xvideos-av.com/favicon.ico
404 Not Found 146 B URL HTTP/1.1 jp-xvideos-av.com/favicon.ico
IP
ASN #2519 ARTERIA Networks Corporation
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
okashik.atype.jp/images/2117-tbx-004/1.jpg
200 OK 97 kB URL HTTP/1.1 okashik.atype.jp/images/2117-tbx-004/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", baseline, precision 8, 450x634, components 3\012- data
Hash 6dd8c1ed6b061db29baa684928cd1061
67eb201a711ecbaf9fd6b7c8a52c95ae952c067e
3595e9b3d6ccf9a7f5e6cd9b498a016fbad904afdfe4fc0581838344b4d0518c
GET /images/2117-tbx-004/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:49 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:15:17 GMT
ETag: "f20239-17c37-5c43a3e5e4f75"
Accept-Ranges: bytes
Content-Length: 97335
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
fanat.men/favicon.ico
200 OK 613 B IP
ASN #207728 EUROHOSTER Ltd.
File type PNG image data, 28 x 28, 8-bit colormap, non-interlaced\012- data
Hash b3f6f54b56f089f47cd4c0833192a0ca
c33d27c17d574c1d48d6109b9cdab8b264d858f9
05d88fba4d8c1d3663f9a2cdff093507669e44604a66867c2bfd413c57ae2f03
GET /favicon.ico HTTP/1.1
Host: fanat.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 613
Connection: keep-alive
Last-Modified: Sat, 26 Mar 2022 01:16:58 GMT
ETag: "265-5db14d5f4d3ab"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Sun, 11 Dec 2022 10:39:50 GMT
ocsp.digicert.com/
200 OK 279 B IP
Hash b23b6c71be48b607c6fa9ce17d5f7e65
fcee3f2748ffbac4822c0273a532aaf2743188ae
0b8ba83b51cc012ae4ee9ab45de3bc55ced5fff6fe854d002a81dd1bff3e99e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3042
Cache-Control: max-age=126343
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:50 GMT
Etag: "63827d1b-117"
Expires: Mon, 28 Nov 2022 21:45:33 GMT
Last-Modified: Sat, 26 Nov 2022 20:54:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
mtspn.com/favicon.ico
404 Not Found 315 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67932d4b695e1d6b19dfc2e3610761ff
a66898b36c94c53766e66c1a7aaeb149447ec083
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0
GET /favicon.ico HTTP/1.1
Host: mtspn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 27 Nov 2022 10:39:50 GMT
Connection: close
Content-Length: 315
ru.uzbum.su/files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg
200 OK 86 kB URL HTTP/2 ru.uzbum.su/files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 480x360, components 3\012- data
Hash f9740fd1504ae36d99920e7875703aa4
cc687ce30fc073223cb7a5d7cfea3f6e694692f7
c7ea4aa8a89fe93c793e0aecd7fe75551797215fc91a1620a539dad08e72f0ba
GET /files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg HTTP/1.1
Host: ru.uzbum.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/jpeg
content-length: 86372
last-modified: Sat, 05 Jan 2019 19:35:26 GMT
etag: "5c3106fe-15164"
cache-control: max-age=120
cf-cache-status: HIT
age: 1939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S40c6kljqiOc5Vh1ScvjoykheR7X%2FJ0ZepDaYntYPDlHd%2FM%2FL6m5GSUFlzobkbA6POE%2FXt9Ac1WLEkpqodEEvkbljNhrWT1eMzf%2Bt2VNBCZ6F3EV1qMxeaqSH13pQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e07bfb40afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8920a271735fcbee6d5757eed3f294d7
566b92e71b23df17db2431c8902b99e925a92b31
a67bc2efb90b87c16e0486b07c8323c01e0f51c34bb0e3ec302643c00a5f8a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3391
Cache-Control: max-age=170951
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "63832a00-116"
Expires: Tue, 29 Nov 2022 10:09:02 GMT
Last-Modified: Sun, 27 Nov 2022 09:12:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 87ba15080000bdb5443986bcef01da4c
d9f7316e0860794a336f9321dbe1fa685d6d2fc7
c8db87e589044bb801dc6967e9142e02de8a2be3a4aca6d2ebf818482d6d5440
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8DB87E589044BB801DC6967E9142E02DE8A2BE3A4ACA6D2EBF818482D6D5440"
Last-Modified: Sat, 26 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Sun, 27 Nov 2022 12:28:02 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
jukujo69.jp/favicon.ico
302 Found 0 B IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: jukujo69.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
link: <https://jukujo69.jp/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://jukujo69.jp/wp-content/uploads/2022/02/cropped-juku-32x32.png
content-length: 0
date: Sun, 27 Nov 2022 10:39:50 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
okashik.atype.jp/images/112-cpsky-106/1.jpg
200 OK 73 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-106/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash b30a33798392c3a9d428aafa4e082889
6d37a14db044b8987b298819ec78401830d922e6
7d11326102923646b9bb36d693db36517bf9e037c9c595e465fb7a90b755760b
GET /images/112-cpsky-106/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:00:50 GMT
ETag: "ec02c5-11cb4-5c43a0ab47325"
Accept-Ranges: bytes
Content-Length: 72884
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/112-cpsky-046/1.jpg
200 OK 82 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-046/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash d5c6d514ee8918d73014e83f55327250
36c754342181f2e9726959ec7f4cd5bbb19dcd6a
10902a25bdcd8facfbd7914f313c0d6bbeb737ecd2fb82456d8983808dcef01d
GET /images/112-cpsky-046/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:00:17 GMT
ETag: "ea2b56-14165-5c43a08bcfc6d"
Accept-Ranges: bytes
Content-Length: 82277
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
nijimo3.ocsp.secomtrust.net/
200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash c83530c61b688a83ea832861c3a0bd2e
0a5999e3166e4808bf14d8ebc03f9b930bde7378
a0885406836d621b788334c8dcf96bc7d06298348f3468472ae59200100a72a2
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 30 Nov 2022 11:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 11:49:03 GMT
ETag: "c83530c61b688a83ea832861c3a0bd2e"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
www.honglm1.xyz/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 www.honglm1.xyz/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash c56908ae3ea93c85e22d26f4135b7906
557f1384e6aca2ccc8cc485aa465883fb66c2fec
e7806b824fd0fe2d51f9927bc7e8426b8ab124c677a94d23b95f1454739f5bb1
GET /favicon.ico HTTP/1.1
Host: www.honglm1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sun, 25 Sep 2022 07:37:06 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63300522-10be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
erogazoukeijiban.com/favicon.ico
500 Internal Server Error 2.5 kB URL HTTP/1.1 erogazoukeijiban.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 0f117acc9e5ffc8d386baff719d433cc
d8cc74f091ba5f499b7f790121e052b6fba1a02a
1bfe0a735b6d2cc950afd75abf5a50aa76d917b2a01f1cc49e704c3871a26840
GET /favicon.ico HTTP/1.1
Host: erogazoukeijiban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
www.liangx3.xyz/favicon.ico
404 Not Found 153 B URL HTTP/1.1 www.liangx3.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a53e183b2c571a68b246ad570b76da19
7eac95d26ba1e92a3b4d6fd47ee057f00274ac13
29574dc19a017adc4a026deb6d9a90708110eafe9a6acdc6496317382f9a4dc7
GET /favicon.ico HTTP/1.1
Host: www.liangx3.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 10:39:50 GMT
Content-Type: text/html
Content-Length: 153
Via: 1.1 google
pics.dmm.co.jp/digital/video/mmt00007/mmt00007pl.jpg
200 OK 145 kB URL HTTP/2 pics.dmm.co.jp/digital/video/mmt00007/mmt00007pl.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 145 kB (144706 bytes)
Hash d5c930fa788b8308fe580c6c21217a53
8bce95de9c91c2ee184bda2a66035860d6c2f921
45cec2535b34c56a0a2435a48c9b3f719b20ddc40446758004cb7feb5d80e64b
GET /digital/video/mmt00007/mmt00007pl.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/jpeg
content-length: 144706
last-modified: Wed, 30 Jan 2013 03:33:20 GMT
etag: "51089480-23542"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb2CmODPnZCknv8ben3Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
booru.allthefallen.moe/favicon.ico
200 OK 1.4 kB URL HTTP/2 booru.allthefallen.moe/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash 6e0e9153e06145e0b8b8980fc6df2f75
345fa06c7ac3ddbb9990524c6aa59a1ea8880255
04b391e90205b8807840d64ae10d296fdb6ea3b4c135a45c31364d7b573b1fb0
GET /favicon.ico HTTP/1.1
Host: booru.allthefallen.moe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
content-length: 1406
last-modified: Wed, 20 Oct 2021 18:13:29 GMT
etag: "61705c49-57e"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
hentainoutage2.blog.jp/favicon.ico
404 Not Found 1.6 kB URL HTTP/1.1 hentainoutage2.blog.jp/favicon.ico
IP
ASN #38631 LINE Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ef7bdbc64923aa3835a2353a0542b3e1
a0a038c54033bdf7a3ad7609e0b10ce69ff3aa3c
2914f1eb71406f2389739d5fd5e05f3ca1bd73b2ba5acc2d4b1c85f70b7cb0c9
GET /favicon.ico HTTP/1.1
Host: hentainoutage2.blog.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: text/html
Content-Length: 1574
Connection: keep-alive
Keep-Alive: timeout=3
Vary: User-Agent,Accept-Encoding
X-Framework: JP/4.01
Set-Cookie: ldblog_u=4853b0cd57bc3f2930a2ccdde3d8d248; path=/; expires=Sat, 25-Feb-23 10:39:51 GMT
ldblog_u=c632311bf0f8fc1ce65762f14d1ffebe54f3a2851669545591.14438; path=/; expires=Sat, 25-Feb-2023 10:39:51 GMT
ldsuid=k1yS8mODPndhTklHhkPCAg==; expires=Sat, 25-Feb-23 10:39:51 GMT; path=/; Secure; HttpOnly;
P3P: CP="BUS OUR PHY STP ADM CUR DEV PSA PSD"
Content-Encoding: gzip
www.941pa4.xyz/favicon.ico
404 Not Found 20 B URL HTTP/1.1 www.941pa4.xyz/favicon.ico
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /favicon.ico HTTP/1.1
Host: www.941pa4.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo%2FXTwM2fehumK1jV4LKuFOWOe60sVcx2FmW5heWm3u2yRB0z8jyMf%2BqIfx25GSXf6odMKgaStiCR4va2%2BPT9bN3pJlsCKz%2BcyJA10wA%2BPsqSI9LtxR3VzfSZSobC2kiow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e093c72b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.xfluluxiu03.xyz/favicon.ico
404 Not Found 20 B URL HTTP/1.1 www.xfluluxiu03.xyz/favicon.ico
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /favicon.ico HTTP/1.1
Host: www.xfluluxiu03.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auQa0IG0dNKffsg0FELxuKBq1uprIeGA85W57D%2FlPkopwrdkLbQJLT6nILbfV6UmuaMlP3XXZ29psObDGTOQz3BnAlYIbclswOQ8Di9ba1QP9SpMsKHkf3TKdBxkS5jol8dSmlu1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a3e0949950af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7d872c68ca48df16b661e1f800a1f5e3
91ba8eb6b6953c817129e7e7459e96bff73df7b7
6d20da984042eff075cd2f759bc2476d38caf1689516b524766cf821d3d436af
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 10:10:48 GMT
Expires: Sun, 04 Dec 2022 10:10:47 GMT
Etag: "91ba8eb6b6953c817129e7e7459e96bff73df7b7"
Cache-Control: max-age=602455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e088f54b517-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7d872c68ca48df16b661e1f800a1f5e3
91ba8eb6b6953c817129e7e7459e96bff73df7b7
6d20da984042eff075cd2f759bc2476d38caf1689516b524766cf821d3d436af
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 10:10:48 GMT
Expires: Sun, 04 Dec 2022 10:10:47 GMT
Etag: "91ba8eb6b6953c817129e7e7459e96bff73df7b7"
Cache-Control: max-age=602455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e09abbeb524-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7d872c68ca48df16b661e1f800a1f5e3
91ba8eb6b6953c817129e7e7459e96bff73df7b7
6d20da984042eff075cd2f759bc2476d38caf1689516b524766cf821d3d436af
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 10:10:48 GMT
Expires: Sun, 04 Dec 2022 10:10:47 GMT
Etag: "91ba8eb6b6953c817129e7e7459e96bff73df7b7"
Cache-Control: max-age=602455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e09af590b4d-OSL
ocsp.digicert.com/
200 OK 280 B IP
Hash fe4ca6c249f31532daff4ed7a9dd7755
4f0a6682ac388fd3a5110ee0314bc1404d8c8fba
4b36d6c592429a9af83266204fe4e2e3b872c31b11b9d0538f65e74b33c5d745
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: max-age=118566
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "63825744-118"
Expires: Mon, 28 Nov 2022 19:35:57 GMT
Last-Modified: Sat, 26 Nov 2022 18:13:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
douga100ka.jp/favicon.ico
200 OK 12 kB URL HTTP/1.1 douga100ka.jp/favicon.ico
IP
ASN #131921 GMO GlobalSign Holdings K.K.
File type MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel\012- data
Hash 27845c577fdf36a2feaf3f367e1974db
d4875913015d68825c5b6a21b3478cdee6692aed
532904c817159bfb463e2fc71d5f9706a5d681e00412728c3106b6231005de55
GET /favicon.ico HTTP/1.1
Host: douga100ka.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Server: Apache
Last-Modified: Tue, 29 Sep 2020 21:37:24 GMT
ETag: "2eee-5b07a96ad6d00"
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.yaoji1.xyz/favicon.ico
200 OK 0 B URL HTTP/1.1 www.yaoji1.xyz/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.yaoji1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-216.ec2.internal
Accept-Ranges: bytes
pornochika.net/favicon.ico
200 OK 3.1 kB URL HTTP/2 pornochika.net/favicon.ico
IP
Hash b4ba2568a504e16517ec65dd921f4331
f8007940fc62dcb655d7e4516f79ae58f0d40fc8
a08634f11ef4cce6b6cfe0826830f3b686a578182fcf942bfec00bc084157d13
GET /favicon.ico HTTP/1.1
Host: pornochika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
last-modified: Fri, 19 Jun 2020 07:13:57 GMT
vary: Accept-Encoding
etag: W/"5eec65b5-58e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4566641fcbb7b0b6517ce88fc248692f
7b76477a4bbb4a07f6f2e0fe2f78d62fc5c3f6b5
b36ca5ccc6397d8ba5b473f2d98221b359532419c09eda7f99f0ddb57d11880c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B36CA5CCC6397D8BA5B473F2D98221B359532419C09EDA7F99F0DDB57D11880C"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3356
Expires: Sun, 27 Nov 2022 11:35:47 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 148d7916502dccb2fccc2f8f5e052797
6e257a4f022850f0ecbf443a3923a70337b4f1d8
e343248f41bd5a3869d678b887610d25af10b61fdb3b39d999dd5d039d02ad61
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E343248F41BD5A3869D678B887610D25AF10B61FDB3B39D999DD5D039D02AD61"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Sun, 27 Nov 2022 11:17:19 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 349a6975c374fd0c24e26be61d29f590
29da35c0762aae7336cdaa53314b5608c4cb3807
3ef3ee6cc65bbaa1e7b4b8b6b5a90dd09e9fd67bd77c9ce274b68702d55e71d7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3EF3EE6CC65BBAA1E7B4B8B6B5A90DD09E9FD67BD77C9CE274B68702D55E71D7"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4821
Expires: Sun, 27 Nov 2022 12:00:12 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
aosikazy13.com/20221004/Bxwi1ISQ/1.jpg
404 Not Found 146 B URL HTTP/2 aosikazy13.com/20221004/Bxwi1ISQ/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20221004/Bxwi1ISQ/1.jpg HTTP/1.1
Host: aosikazy13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html
content-length: 146
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7d872c68ca48df16b661e1f800a1f5e3
91ba8eb6b6953c817129e7e7459e96bff73df7b7
6d20da984042eff075cd2f759bc2476d38caf1689516b524766cf821d3d436af
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 10:10:48 GMT
Expires: Sun, 04 Dec 2022 10:10:47 GMT
Etag: "91ba8eb6b6953c817129e7e7459e96bff73df7b7"
Cache-Control: max-age=602455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a3e083fc5b4fd-OSL
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e52fcf9c821f9bc3e6deeebd726df97d
847c390c1ad5fe978cbed0b45a21e279a81bc5f8
b92f11db90c6bb53383655e21d6c79093bda52a78a658a704c9f8c0f27a9043f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B92F11DB90C6BB53383655E21D6C79093BDA52A78A658A704C9F8C0F27A9043F"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6115
Expires: Sun, 27 Nov 2022 12:21:46 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
aosikazy13.com/20221004/PKh0CDkd/1.jpg
404 Not Found 146 B URL HTTP/2 aosikazy13.com/20221004/PKh0CDkd/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20221004/PKh0CDkd/1.jpg HTTP/1.1
Host: aosikazy13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html
content-length: 146
access-control-allow-origin: *
X-Firefox-Spdy: h2
aosikazy13.com/20221004/Uno9VWsT/1.jpg
404 Not Found 146 B URL HTTP/2 aosikazy13.com/20221004/Uno9VWsT/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20221004/Uno9VWsT/1.jpg HTTP/1.1
Host: aosikazy13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html
content-length: 146
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 65790a4da847a1d13f99d9486d44fb00
4694f7c48cade51ddfa175dc87583f47c2309d87
72a805a63ee5c329f8ff5d0c38c3ba59ffd471e3c7eef699bce52c68eba17255
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4838
Cache-Control: max-age=117007
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "638251a0-118"
Expires: Mon, 28 Nov 2022 19:09:58 GMT
Last-Modified: Sat, 26 Nov 2022 17:49:20 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash fda20012ba2e4ad18811acdcfe6d62b4
eabbd9cae98f3618ec7a3db0933a23f7757fcbdd
f4f6380ec73d2f87b606b90d9200c580ee91b6db0c552737b5bf561f4d8e9fad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F4F6380EC73D2F87B606B90D9200C580EE91B6DB0C552737B5BF561F4D8E9FAD"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19098
Expires: Sun, 27 Nov 2022 15:58:09 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7a314360fce192e226f1e6cd7c76da72
4d1379db0599bd3bf023a2fefd634560d02a62cf
665f67993099d99bdad193f0809eae217cc1176e134320cdfb11dd36d9b7eafa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "665F67993099D99BDAD193F0809EAE217CC1176E134320CDFB11DD36D9B7EAFA"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7220
Expires: Sun, 27 Nov 2022 12:40:11 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
okashik.atype.jp/favicon.ico
200 OK 27 kB URL HTTP/1.1 okashik.atype.jp/favicon.ico
IP
ASN #2527 Sony Network Communications Inc.
File type MS Windows icon resource - 1 icon, -106x-106, 8 bits/pixel\012- data
Hash c96307b54559ba5b66bf64349fffaeed
ed0cf0bb16c7920bd8d9d07ca64cdeb5bac869b0
00690fc9a758e373f131eb5748f95d55238b0b60dca77bbfdb9c04949db74f88
GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:51 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:22:28 GMT
ETag: "dc0718-6906-5c439817e2b05"
Accept-Ranges: bytes
Content-Length: 26886
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
eronukichan.blogterest.net/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 eronukichan.blogterest.net/favicon.ico
IP
ASN #59253 Leaseweb Asia Pacific pte. ltd.
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash fb91f30211964b611bf39955e0938076
b0fb1b9af61280950dfee4bbcc8a077466751203
4472d39e6d2ec3fffc6b274160e858e3f0e9292f9e26f2aa1f801a8879c6a5a1
GET /favicon.ico HTTP/1.1
Host: eronukichan.blogterest.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: close
Last-Modified: Wed, 04 Apr 2018 05:49:31 GMT
ETag: "5ac4676b-10be"
Expires: Sat, 03 Dec 2022 09:36:45 GMT
Cache-Control: max-age=2592000
X-Cache-Status: HIT
Accept-Ranges: bytes
video.sex169.org/favicon.ico
200 OK 3.9 kB URL HTTP/1.1 video.sex169.org/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (875), with CRLF, LF line terminators
Hash 8ad1b1b866fed5d2a42c507510d8e2c0
ec2b0de20f4bfaec426c00bd445efc7d28f1704d
c83fbccc9373a4ea17aec456dc6643d5548e571eff363a24819b7871bd1a7ebf
GET /favicon.ico HTTP/1.1
Host: video.sex169.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Set-Cookie: PHPSESSID=dc9td0ha3qf088acvu598kj971; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.lxs2.xyz/favicon.ico
301 Moved Permanently 318 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 87b4dd7261033778a03278364da143ec
b97fd0906a54c4a45cf55d1d965ff81022fe2622
a4176305076f2feaaefc9b434e7611b851dee4594b55ee2512e35f0dfb6a5735
GET /favicon.ico HTTP/1.1
Host: www.lxs2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 318
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.lxs2.xyz/favicon.ico
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP
Hash 176d38e608983568aa2590425a22dd34
daf14cd648c8cf1eb21bb1c44defeb017c5d84e6
1335fdfe6ca15771617ce854d75ec6886c4b41c2a7954753d0619b1dc065fec4
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pics.pornfhd.com/digital/video/mmt00007/mmt00007pl.jpg
200 OK 145 kB URL HTTP/2 pics.pornfhd.com/digital/video/mmt00007/mmt00007pl.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 145 kB (145051 bytes)
Hash 463ca5b32c437410c0f4cc72c1fa6795
6dbcc64e4f8a9dc8c9380159c1b7b6a8e6b7f6dc
800ee64352ff1000b405853b2e57c7f0c1c645ab779baf2d6133c55a400ed607
GET /digital/video/mmt00007/mmt00007pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: image/jpeg
last-modified: Wed, 30 Jan 2013 03:33:20 GMT
vary: Accept-Encoding
etag: W/"51089480-23542"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2388869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYEywQJW4%2FZgkVVeMKw%2F6s%2Bb5kSnZdalxP45r7cHECUhCgDj5TrDN1rvOqiBXv0faGkTsLnVjG%2FwG%2Br8%2FxUZIwJC3QSpSilwXhCWLDkEDEruCNBT4uyvlf43tNT1ydTLX%2Frq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e008833d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
001.manyse.com/2206/img/FC2-PPV-2933435.jpg
200 OK 126 kB URL HTTP/2 001.manyse.com/2206/img/FC2-PPV-2933435.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, height=2160, bps=0, manufacturer=Apple, model=iPhone 11 Pro, width=2880], baseline, precision 8, 600x600, components 3\012- data
Size 126 kB (126134 bytes)
Hash 2aea008af7cc8f8dc0e707da475c10ee
6da14916f7c5bd0373d5ed27358cb4bca407a7f4
298150014eb91551c16cfcb0ef8370d08f885393af82db4ba9604f6ad4da11e1
GET /2206/img/FC2-PPV-2933435.jpg HTTP/1.1
Host: 001.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/jpeg
content-length: 126134
last-modified: Sun, 04 Sep 2022 16:03:10 GMT
etag: "6314cc3e-1ecb6"
expires: Tue, 27 Dec 2022 10:39:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
access-control-allow-origin: https://manymv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 2985771c10982d7d7c8f0619f1657096
d0985d23d95a676556e726ff70f5eba2db72fad3
eee1403464a2b7fdd9a7154b26e6855994ff164609af4f4ab69383c208501143
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3849
Cache-Control: max-age=135423
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "63829d6d-117"
Expires: Tue, 29 Nov 2022 00:16:54 GMT
Last-Modified: Sat, 26 Nov 2022 23:12:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash f99936a9b36294042b0aa8ad3ead6bae
610d53e8c94bddcf8b04c41b4f4471da3cb2eaa9
33bc1b2963af1e182b82229e5ce69bf5e844085fdc5d9f9b4238d500ff075546
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "33BC1B2963AF1E182B82229E5CE69BF5E844085FDC5D9F9B4238D500FF075546"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1063
Expires: Sun, 27 Nov 2022 10:57:34 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
nijimo3.ocsp.secomtrust.net/
200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash aa7d64679608bde4956421af75b38398
a06b8a06c8fb04ac03bb60859e1535c0b1114cec
3815d49074343780bd63e8056629bebeb1caba1c93e2a64b57ac9f9623d6e83f
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 30 Nov 2022 11:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 11:49:03 GMT
ETag: "aa7d64679608bde4956421af75b38398"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
aosikazy13.com/20221004/CQdCA44H/1.jpg
404 Not Found 146 B URL HTTP/2 aosikazy13.com/20221004/CQdCA44H/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20221004/CQdCA44H/1.jpg HTTP/1.1
Host: aosikazy13.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html
content-length: 146
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 0709ed43a5e291c6b2a477448c4b425b
a25975f93961ce0a51a63f3c3d23635c25ae5a4d
42831c2eef2561abe3d2207e9dfd7e60d5828c29ecf8b9f7787ec140f0e670f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5325
Cache-Control: max-age=167526
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "63831510-117"
Expires: Tue, 29 Nov 2022 09:11:57 GMT
Last-Modified: Sun, 27 Nov 2022 07:43:12 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 84c58294d2dfddc5ef479327ed5eb88a
d0bb754a17e3b8bafe2da0c5a8396dc2954a03c7
72d51e22bf4e920f03ea224004a31916f0f5606a069f91667fb69fe3a2034eca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 34
Cache-Control: max-age=121151
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "63827494-117"
Expires: Mon, 28 Nov 2022 20:19:02 GMT
Last-Modified: Sat, 26 Nov 2022 20:18:28 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 279
okashik.atype.jp/images/106-taskj-092/1.jpg
200 OK 357 kB URL HTTP/1.1 okashik.atype.jp/images/106-taskj-092/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 357 kB (357306 bytes)
Hash c6fe5d6a21a486dd975fbd45c908ca42
733d4552fbf08399d65f0ff3e4c5867a969d74fc
d6e36116f3464af125c138746ce1be28df092eb7a25c258fa7d8c7efaaaae8e0
GET /images/106-taskj-092/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:50 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:47:51 GMT
ETag: "e806a2-573ba-5c439dc46825d"
Accept-Ranges: bytes
Content-Length: 357306
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
www.appav1.xyz/favicon.ico
200 OK 1.9 kB URL HTTP/2 www.appav1.xyz/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 95e1423a68626c52a7452071eaec3104
4a912b2492c7885b8c80bdbb3d63a100bd3415dc
93d7fb8160a6c47edd39eef6642bdab92d8273d408b2083c863d2b00e2a3eeed
GET /favicon.ico HTTP/1.1
Host: www.appav1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=229HRae1Z4yYDESNCq1iSPIOME1VAfpqHsk4KzC31hMzEGPn3GNlmMuK14AwQRs4LJxPJUfYwEX2ME%2F294Jy7dNWQ0ykkNDF9ZdvAwz6kh87BQc4%2BMI70pQdJAyIaemJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0c7d6b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 96e4d593e4c21b26944f9357dcc5680e
53404c273d4f5920b233a37c29d0ebc09bbff952
f6e1cbe4d1ee561af6e1a515f306c326b2aafce11232232904b170df521eca1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6240
Cache-Control: max-age=152249
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "6382d5d0-117"
Expires: Tue, 29 Nov 2022 04:57:20 GMT
Last-Modified: Sun, 27 Nov 2022 03:13:20 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 6c4ebe93b35dac663fce059443602258
46354d6c3389c17db1ec63b572c8dc2745bb05a3
1b98f0f362ec4d7d7021d803b56e15be0887900b28c57e06d656b5afee5e8836
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1B98F0F362EC4D7D7021D803B56E15BE0887900B28C57E06D656B5AFEE5E8836"
Last-Modified: Sat, 26 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=369
Expires: Sun, 27 Nov 2022 10:46:00 GMT
Date: Sun, 27 Nov 2022 10:39:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 66ba5d11b5c0fa71c9b3171cdb2906b1
77d8c58faad6d4dd818b3ea0bef406b313cc261b
d36987e288f57bce61e86f3f4c48e4905d16cd5a1157d34fb1364f3051d8755d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3199
Cache-Control: max-age=107781
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:51 GMT
Etag: "638233fd-117"
Expires: Mon, 28 Nov 2022 16:36:12 GMT
Last-Modified: Sat, 26 Nov 2022 15:42:53 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash 60bd65c61bb34bf92881cb0083409d65
40ab75c6b5edf52174ddedc58043aa7438e5d4e5
efa62c5ea79fac9d1526ea844f07b32f943aec51211b6028e170376b34210d8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5580
Cache-Control: max-age=127059
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "638275ff-116"
Expires: Mon, 28 Nov 2022 21:57:31 GMT
Last-Modified: Sat, 26 Nov 2022 20:24:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
appav1.xyz/favicon.ico
200 OK 1.9 kB IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash ece118124aae3f31b79186e172ce245c
8e9448a62c9cd9a38308100b6e328c9f9b90d5b5
775dd9453ff16fe9fcd4f50c35fe03e68962c310016a065e3082652557d7e04a
GET /favicon.ico HTTP/1.1
Host: appav1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbtdOzf%2FhtPhleEhS3pI1g7J5g%2BBrLc9jA7OD57AjwHk8VSBBLeOdDZnw71blYA0Alyv%2FFBIJYonMgiGo4YAeMOkv8Q%2FudF%2F5NoS7%2FikYHJ0y%2B7ktLalbR8hxjrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0d8e780b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dramasq.co/favicon.ico
301 Moved Permanently 208 B URL HTTP/1.1 www.dramasq.co/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ec31181eeb2f50f30c67bb1418c3891b
385820a53838aaa8215241bf7cec9058ad3d1c15
88e23b9a9e821f549899472fc14f97cebb4c9e592e4596343808c717ecb173e6
GET /favicon.ico HTTP/1.1
Host: www.dramasq.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.dramasq.co/
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 488
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOeFivKcHPZDKT9MhrG003QxUBl%2B8XTaNp3fmBd70EStsoRTP%2F99EqSJgzfWWamewrY77aOJeIqfzQAgwO3PcfKPtsLK0C1ziutOFMDzNzG%2F8o%2BiDzMjaXl7p69FBA9%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 770a3e0e18691c16-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a392c3c440e895c9072086c3720a4fd
6fb437a401465285136203ecc066328d2ff94f59
1474e17adbd25ec67067cfead0d69add7a70a95088fa5135cac812d165f23bbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1474E17ADBD25EC67067CFEAD0D69ADD7A70A95088FA5135CAC812D165F23BBD"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2908
Expires: Sun, 27 Nov 2022 11:28:20 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
www2.javhdporn.net/favicon.ico
302 Found 143 B URL HTTP/2 www2.javhdporn.net/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
GET /favicon.ico HTTP/1.1
Host: www2.javhdporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
content-length: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey9cFR8TFa6WFVhCGHFKShCNLh%2B%2F5SOM7geNVH0ShCZzksgQ%2FtPvW0iFMjKm0QYflpVZkqwIx7w2MJqyBPi%2Fxb3fr5nLcsGxbEedgKMY%2FMZC3gSF0skPW3ZWmNN%2BePWHeELucMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0e4c2cdcbb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.appav.site/favicon.ico
200 OK 2.2 kB URL HTTP/2 www.appav.site/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash f7549233113b74fac5005294cfd6eafd
aed8bf35418c5763b77c30fe3487f460d2b42cbb
d2b8555fb49ce5d7d29e8942618583e41bc43dfdf8aca9d80c24c204da6dceee
GET /favicon.ico HTTP/1.1
Host: www.appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwLWSvPh6aC5K7f1QxcxBLlsQsxc6iB2p0UTSg8DJolL%2Fmi41wtBip6bX41nb5IIPvgHs%2BxvSXTPEOAwHpqh%2FeANu0Ruj6sgv1G8aUUfdty989tpbs5KYbHKfF%2BD67CyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0c0e30fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Vy4SmaUWAMQ
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Vy4SmaUWAMQ
IP
Hash 942740740e4f5498b08ad9c6d0d8b558
01b35db9e6595833024de8ab74c2a4aae86adb95
e5d5dfc0da9f114b5d5408c60988bf35dc4738abcfc2adc9001063161b0377cb
POST /s/gts1p5/Vy4SmaUWAMQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/V9gdxYaJcs0
200 OK 6.3 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V9gdxYaJcs0
IP
Hash d39ccf8b5b26503326a10f8d7484a9b2
bfb3f05be027c636acf23c10aa370fa6ef42a43c
cee7db4fd2e4181b1089d037519944d5a010b4a859e82a4b7e19b7c599cef462
POST /s/gts1p5/V9gdxYaJcs0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
muryouav.avximg.com/2020-01/thumb/11OyxRw9oqWhFAcT.jpeg
200 OK 102 kB URL HTTP/1.1 muryouav.avximg.com/2020-01/thumb/11OyxRw9oqWhFAcT.jpeg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3\012- data
Size 102 kB (102498 bytes)
Hash 333d4d6d7cdd6277ebd34881aa2e3973
e694c82a1cbc27a2ecc23b47083916ffb6ea169a
4414c56444fb7071712db80c1c41f92667b11a54cbc975d5527d74b9c1001bbf
GET /2020-01/thumb/11OyxRw9oqWhFAcT.jpeg HTTP/1.1
Host: muryouav.avximg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:51 GMT
Content-Type: image/jpeg
Content-Length: 102498
Connection: keep-alive
Last-Modified: Tue, 14 Jan 2020 05:38:25 GMT
Expires: Sun, 27 Nov 2022 11:09:51 GMT
Cache-Control: max-age=1800
Accept-Ranges: bytes
www.latinporn.tv/favicon.ico
404 Not Found 47 kB URL HTTP/2 www.latinporn.tv/favicon.ico
IP
Hash 5f69e6a478f16409cd53bb6934867477
dac69e296000201d6b526aa7ac5243e89e3ae98f
0e4c1f865703b65553b3b83b1c7228b594bd7715afd4c7b14f5fb2ec7b7f7b27
GET /favicon.ico HTTP/1.1
Host: www.latinporn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.16.1
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: text/html; charset: utf-8;charset=UTF-8
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=4o1d516udh09ps2aggd9hv5s04; path=/
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a5623a5321c2eaaf5d015e556a0c7a2b
c3a1d5b35237219784335c9ecda3a0e15d91657b
3a15764bb1d182668c1f5b497604317c99598a9f6401fb9b1752fc7147c8e382
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4536
Cache-Control: max-age=96520
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "638202c9-117"
Expires: Mon, 28 Nov 2022 13:28:32 GMT
Last-Modified: Sat, 26 Nov 2022 12:12:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.dramasq.co/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.dramasq.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 11:39:52 GMT
Location: https://www.dramasq.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuUh9ORIo6lFQ0J7pVqxBOAFrLirHb4DyeAeyWSL%2FlMHIHXAd%2BmgJBCvZUGypj6TIHViDsuBch0z4Tu%2BP9VlDDm8w9nlkKG%2FV8yuUYpr1dYLrOwnzLNGd6o20SfQq0QV%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 770a3e0f6ad3b4eb-OSL
7dak.com/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 4583f1095abf919676112ca23a640088
d9e78fcb773ed6297baf6e217f35726e1e5e6e46
682711f7834dc3fa34637a2140d514c60c432fda116baacd9f64d6b7d523b3b8
GET /favicon.ico HTTP/1.1
Host: 7dak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Tue, 11 Aug 2020 18:52:14 GMT
vary: Accept-Encoding
etag: W/"5f32e8de-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 74299f17922bf653fb0bc3d9985393bc
74dc360467d795e583ac900478da230e23411dc4
48fb5a59b744d26627f0664a8c1b7a397d0c81e7c162e0be31442c982a20650d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "48FB5A59B744D26627F0664A8C1B7A397D0C81E7C162E0BE31442C982A20650D"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6037
Expires: Sun, 27 Nov 2022 12:20:29 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
www.dramasq.co/
301 Moved Permanently 49 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42555), with no line terminators
Hash d40ded9c9b9cff9175295a67378dfa89
4e4fd134d7b1f62e0a6b779efd7089dfb893ca6b
e1d382ca47840bd2abaf9864d94add857fcb0c4b9927b03488e6260e96d877e4
GET / HTTP/1.1
Host: www.dramasq.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.qdrama.top/
Link: <https://img.dramasq.co>; rel="preconnect",<https://img.dramasq.co>; rel="dns-prefetch"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 2989
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2DlY10pBaXeD74LROLFuib%2FFnTQ1m9TXf2dO4oJ%2FJtwKGMj9bgeN8PhdVNfmqJTsfGPrbzrHy5EpQmG6B307MkE2xHftN2Y9Xm4j8Qf%2FDpVT5nLp6k3OItMJijZFxqMaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 770a3e0fd9d91c16-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 8b931a301a725adcbdfed71891fce585
4421f2365c65a03f389a699108fab3412520183b
b2116dd8821f933c969117e47ca726d789d9bf9b023242f5a1af018979c7b3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153883
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "6382f493-117"
Expires: Tue, 29 Nov 2022 05:24:35 GMT
Last-Modified: Sun, 27 Nov 2022 05:24:35 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 5d37656a0eb3461434feef933d6cdfdf
5a9e7143a9e50b9ea8ae627259460c1dd2bc6ef8
161716f70a40311d178062a1223deb89c2163ef118cdac9e9e62badd811b0198
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169397
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "6383312d-117"
Expires: Tue, 29 Nov 2022 09:43:09 GMT
Last-Modified: Sun, 27 Nov 2022 09:43:09 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash da7f9b5a87fd9945278318c68c227f8c
3afaef2a24b21b40cbea852badb1897cc8361cc8
2fc0938010c8e211b22c4607b0947534bbc6c4587ffcb0f01fe7fcd94d8d091a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 926
Cache-Control: max-age=111293
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63824a97-118"
Expires: Mon, 28 Nov 2022 17:34:45 GMT
Last-Modified: Sat, 26 Nov 2022 17:19:19 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fafa38cca35f0d6d6c546f17ec3ab97a
abad4cc925768d41384428fb7bcdfc074e39b084
e0d6e149236e238b584491bbc22eaa9910d1f63141c86cb60b1781cdab00f41e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D6E149236E238B584491BBC22EAA9910D1F63141C86CB60B1781CDAB00F41E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4361
Expires: Sun, 27 Nov 2022 11:52:33 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
hifimov.co/favicon.ico
200 OK 1.2 kB IP
ASN #399045 DEDIOUTLET-NETWORKS
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b4f251d3904c06d03eca94cd26d2c03f
957b9afa61b7c9caf7f9ac8917c0ff042b353f1b
840e212b5e59880e5e710d8b6ce75538fb221036710d6736bd61e292db4d26c7
GET /favicon.ico HTTP/1.1
Host: hifimov.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sat, 28 Sep 2019 20:03:00 GMT
expires: Sun, 04 Dec 2022 10:39:52 GMT
cache-control: max-age=604800
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
xn--icktho51ho02a0dc.com/wp-content/uploads/2017/03/taskw013.jpg
403 Forbidden 2.1 kB URL HTTP/2 xn--icktho51ho02a0dc.com/wp-content/uploads/2017/03/taskw013.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 63d8944a15be6bc0a90d05b4760c5538
cabbb591f75d5bc5108e9ba37cb9bdb33dc9824a
e62c6b0484115bbee0c02b8373597d4513b462f462c0ae6ac88139f74ac98e76
GET /wp-content/uploads/2017/03/taskw013.jpg HTTP/1.1
Host: xn--icktho51ho02a0dc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 27 Nov 2022 10:39:49 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYbuiqwWcs3eL5grbN%2BC3mACzqQxj0gvKqA53%2BCY9aYk2sWvYjcxr1aQOD%2FaA0%2B1MhRVG%2FltOayln3ybKBDtdU8oEG%2BNUsUY6gtPFaol4mCS8vQbjdhF1l67t51hfFYgnvRrzPH25CQQvUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3dfcbb75b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
amp.hifiporn.fun/favicon.ico
301 Moved Permanently 162 B URL HTTP/2 amp.hifiporn.fun/favicon.ico
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: amp.hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
content-length: 162
location: https://amp.hifiporn.fun/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c6a25ccbdb7b461b5ee974b8d824640d
dca8a9c28f64d7c6f91cd17afb73f1a21dd2f017
6dfd1e7c49fc6613a0879ab0d2a025cbb7db4406ef3392b3e6506198c9b7e462
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118391
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63825737-1d7"
Expires: Mon, 28 Nov 2022 19:33:03 GMT
Last-Modified: Sat, 26 Nov 2022 18:13:11 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZZnTwppJlzjy37l3yMMWuh5tgaSA8pVqaOz6wDcYREiTsRWx_yFEIA==
Age: 4792
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc8b7a376eae14f19b6c5a58b4dc9deb
8e7c2ab3ab62a91fcff61a0b42ccb5c035134a08
32bcbcf36c31399f918ff452981557d04707d3e5f8554748bed930fb3099a758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32BCBCF36C31399F918FF452981557D04707D3E5F8554748BED930FB3099A758"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6799
Expires: Sun, 27 Nov 2022 12:33:11 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fb4013fdc29093924bbf58d195a3fc3
14ff3df232d430f78a2200c4b21e88b95069e338
21d66847acfd3dc4870904b0abc040aadb4f2e8b38f4ef4d6a8480eec7fd9a20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21D66847ACFD3DC4870904B0ABC040AADB4F2E8B38F4EF4D6A8480EEC7FD9A20"
Last-Modified: Fri, 25 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Sun, 27 Nov 2022 13:30:02 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cadbf233f12e981d9da7c182770450f7
426348a8785a97c7c8fc394afced90886ca7cfa0
756b894f2885a33f84f39ed0de8b34b5a44c4297ffc333fe6c0c73bcd57b8eae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "756B894F2885A33F84F39ED0DE8B34B5A44C4297FFC333FE6C0C73BCD57B8EAE"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9279
Expires: Sun, 27 Nov 2022 13:14:31 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
www.sokmil.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.sokmil.com/favicon.ico
IP
ASN #9607 BroadBand Tower, Inc.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f243152e0bb1b7e931e83c23c0323ad9
f96b60d635eebe8493c553fcb678dfb6bf7b3f21
0ad0eaefd3558dda714af20aeaaecf657778f5c7e17ec1444093e1ed2a828dd4
GET /favicon.ico HTTP/1.1
Host: www.sokmil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:52 GMT
Server: Apache
Last-Modified: Tue, 25 Jun 2019 04:16:18 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=315360000, public
Expires: Wed, 24 Nov 2032 10:39:52 GMT
Service-Worker-Allowed: /
Connection: close
Content-Type: image/vnd.microsoft.icon
kissjav.com/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0ff7e3a24a7ed8cd60bc0fcd92fcf935
4d61cd969455c158b7ca1854d8eeca53c7aa1152
d7a0993e561a9a25c1ecb544260bc1e1b5302267f90524e63c98393f7c69be06
GET /favicon.ico HTTP/1.1
Host: kissjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Thu, 03 Jan 2019 09:28:04 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5c2dd5a4-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
r18.video/favicon.ico
200 OK 13 kB IP
Hash 6d57de7611fac4ef28c298877cad20b4
263beccbb6c5a825198ee752e63e844c9aedf35d
630bbc798585850cdd4d05f29476b438f36b8bdef854fa44de9755e3b18a77cf
GET /favicon.ico HTTP/1.1
Host: r18.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
last-modified: Sat, 05 Dec 2020 16:56:42 GMT
etag: W/"5fcbbbca-30c5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UhKljfhv6jdhKNifY6w9D6sAFPJZWJxiYdecfSGyqn29X6CkPCR3jAE%2BGJoX0cBweDbuubkz9v3bf9xXAo50fa15tYgnyR4KUfSNhUCEGgyQcbXcW9%2FRJfkEeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e045e8fb4ee-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hsex.men/favicon.ico
200 OK 17 kB IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 1eb845d3627997115d49137ddb5f9d76
b0e1e48daa0f617c1ed026250f0520af37c2876e
883217f913b58228ddbab8c0867a3e9fe4357534b87e360bc8318140ee0901b6
GET /favicon.ico HTTP/1.1
Host: hsex.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Sun, 27 Nov 2022 10:39:34 GMT
content-type: image/x-icon
content-length: 16958
last-modified: Sun, 07 Aug 2022 04:36:27 GMT
etag: "62ef414b-423e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
movie-ga.com/wp-includes/images/w-logo-blue-white-bg.png
200 OK 4.1 kB URL HTTP/2 movie-ga.com/wp-includes/images/w-logo-blue-white-bg.png
IP
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: movie-ga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/png
content-length: 4119
cache-control: public, max-age=604800
expires: Mon, 13 Jun 2022 21:42:30 GMT
etag: "1017-60483f07-a8e0df8;;;"
last-modified: Wed, 10 Mar 2021 03:37:43 GMT
cf-cache-status: HIT
age: 5137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uhJCDaDPPeMfHmHH7x5eWqOaScgSItKLe%2BuDaeECY0yUeEqj8iirVGUiDBMlw3JIA3a7%2FfllX1om8nKUtHxLfwA52iOl2ubWh7qLmiyNBOgIcz2X3vLV6gsu9TXhjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e114bc00b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/lAc75oMMseg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lAc75oMMseg
IP
Hash 1cdced5ebfa5e73391c4309f00080fbb
365fa84f178425e96661d87a6cd82b46ae5c5379
e25ad56501866652bcdd9da529fc5bb14b3064ab151202383f7f8e00c951a237
POST /s/gts1p5/lAc75oMMseg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.wpadmngr.com/npc/sdk/wp-banners.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 27 Nov 2022 10:44:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e52fcf9c821f9bc3e6deeebd726df97d
847c390c1ad5fe978cbed0b45a21e279a81bc5f8
b92f11db90c6bb53383655e21d6c79093bda52a78a658a704c9f8c0f27a9043f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B92F11DB90C6BB53383655E21D6C79093BDA52A78A658A704C9F8C0F27A9043F"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6114
Expires: Sun, 27 Nov 2022 12:21:46 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
biguz.net/favicon.ico
403 Forbidden 575 B IP
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e30ae560a233b48e7a61979776dc2bba
8949f5f1f85cca910072e22fabf34c1ddd067baa
0444da1288bab65b2cade7ca8ce75792d2ac7639d534e57b55e511a5cf2f8c70
GET /favicon.ico HTTP/1.1
Host: biguz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Sun, 27 Nov 2022 10:37:11 GMT
content-type: text/html
content-length: 575
etag: "60616904-23f"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash fda20012ba2e4ad18811acdcfe6d62b4
eabbd9cae98f3618ec7a3db0933a23f7757fcbdd
f4f6380ec73d2f87b606b90d9200c580ee91b6db0c552737b5bf561f4d8e9fad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F4F6380EC73D2F87B606B90D9200C580EE91B6DB0C552737B5BF561F4D8E9FAD"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19097
Expires: Sun, 27 Nov 2022 15:58:09 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
amp.hifiporn.fun/
301 Moved Permanently 162 B IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: amp.hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
content-length: 162
location: https://amp.hifiporn.fun/xxx/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 65790a4da847a1d13f99d9486d44fb00
4694f7c48cade51ddfa175dc87583f47c2309d87
72a805a63ee5c329f8ff5d0c38c3ba59ffd471e3c7eef699bce52c68eba17255
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4839
Cache-Control: max-age=117007
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "638251a0-118"
Expires: Mon, 28 Nov 2022 19:09:59 GMT
Last-Modified: Sat, 26 Nov 2022 17:49:20 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7a314360fce192e226f1e6cd7c76da72
4d1379db0599bd3bf023a2fefd634560d02a62cf
665f67993099d99bdad193f0809eae217cc1176e134320cdfb11dd36d9b7eafa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "665F67993099D99BDAD193F0809EAE217CC1176E134320CDFB11DD36D9B7EAFA"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 27 Nov 2022 12:40:11 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
www.bp4x.com/favicon.ico
301 Moved Permanently 134 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /favicon.ico HTTP/1.1
Host: www.bp4x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
content-length: 134
location: https://www.jav24.com:443/favicon.ico
X-Firefox-Spdy: h2
nnpapa4.com/favicon.ico
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: nnpapa4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
content-length: 162
location: https://www.nnpapa4.com/favicon.ico
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3da35c3a8076ceaa379860e81dffa44c
48a63fd05a2612200e372877d8cd0673ca8f9ac3
e13fd233b341839bb71bd5f448c45ad50500d0110e37a1d614b0ac68b1f98cc2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E13FD233B341839BB71BD5F448C45AD50500D0110E37A1D614B0AC68B1F98CC2"
Last-Modified: Sat, 26 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3273
Expires: Sun, 27 Nov 2022 11:34:25 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 2985771c10982d7d7c8f0619f1657096
d0985d23d95a676556e726ff70f5eba2db72fad3
eee1403464a2b7fdd9a7154b26e6855994ff164609af4f4ab69383c208501143
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3850
Cache-Control: max-age=135423
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63829d6d-117"
Expires: Tue, 29 Nov 2022 00:16:55 GMT
Last-Modified: Sat, 26 Nov 2022 23:12:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
nijimo3.ocsp.secomtrust.net/
200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 05b9ca69d919202885191850ecbacba1
a4c8c884b419527ce94192f1139720744e8d763f
9a20f378199206f79d5d4a5ceee53040cb47911ad9e252cf938e2ba49efe2f17
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:52 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 30 Nov 2022 11:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 11:49:03 GMT
ETag: "05b9ca69d919202885191850ecbacba1"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
ocsp.digicert.com/
200 OK 279 B IP
Hash 0709ed43a5e291c6b2a477448c4b425b
a25975f93961ce0a51a63f3c3d23635c25ae5a4d
42831c2eef2561abe3d2207e9dfd7e60d5828c29ecf8b9f7787ec140f0e670f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5199
Cache-Control: max-age=167399
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63831510-117"
Expires: Tue, 29 Nov 2022 09:09:51 GMT
Last-Modified: Sun, 27 Nov 2022 07:43:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.lxs2.xyz/favicon.ico
404 Not Found 5.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (491), with CRLF, LF line terminators
Hash 9b113d615b6d28734b7e75798d72ecfa
a78e8b86419084196d46b457e19d79bab9a62abd
9a44bb1651402dc92349714bb8259a63851194f121f1e5d6402775b6b5edbfd1
GET /favicon.ico HTTP/1.1
Host: www.lxs2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=79sg4pi3fmi6hsae8mgamrqg82; path=/
kt_referer=http%3A%2F%2Fav.xvideos-dl.top%2F; expires=Mon, 28-Nov-2022 10:39:52 GMT; Max-Age=86400; path=/; domain=.lxs2.xyz
kt_ips=91.90.42.154; expires=Mon, 28-Nov-2022 10:39:52 GMT; Max-Age=86400; path=/; domain=.lxs2.xyz
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash 88fa498ca6be9cdb58bb415bb12bf61a
b811803ccd132788c41df429605f340a1834b63f
741d1a19f28539d4d5d0cbb66bfaf0b0743d80a32ea4d8f5caca171e9a2f399e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3586
Cache-Control: max-age=170447
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63832745-117"
Expires: Tue, 29 Nov 2022 10:00:39 GMT
Last-Modified: Sun, 27 Nov 2022 09:00:53 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP
Hash 176d38e608983568aa2590425a22dd34
daf14cd648c8cf1eb21bb1c44defeb017c5d84e6
1335fdfe6ca15771617ce854d75ec6886c4b41c2a7954753d0619b1dc065fec4
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 834aa718e46db84440588fbdda18204c
1f3fe54d432fd18abce04ac16ca169e4d5f07de5
eaa90f388b2c7fbb5ee72b8b530b9b351d62923ea4289e61cfd912bed688aebd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4759
Cache-Control: max-age=134178
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "63829503-117"
Expires: Mon, 28 Nov 2022 23:56:10 GMT
Last-Modified: Sat, 26 Nov 2022 22:36:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
nijimo3.ocsp.secomtrust.net/
200 OK 1.6 kB URL HTTP/1.1 nijimo3.ocsp.secomtrust.net/
IP
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash b415c913f2a972dc264fe3adab91c882
e33b2658c22bdcc934bd869b8c3e5d20aa86ac4e
16ece1b8e0d80f82e6e577cc8530340a088d26a470293ec5e559d2ea1aebb51a
POST / HTTP/1.1
Host: nijimo3.ocsp.secomtrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:52 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 30 Nov 2022 11:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 11:49:03 GMT
ETag: "b415c913f2a972dc264fe3adab91c882"
X-Powered-By: ASP.NET
Content-Length: 1560
Connection: close
www.nanrenb.xyz/favicon.ico
301 Moved Permanently 324 B URL HTTP/1.1 www.nanrenb.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3a558af21182f1446ae9694d8212b911
a91a7ba0ec775e8b072cf97b7baba8c405ba8f94
daa741a8c619361d0d1ac78be851155f0493488f22398c77bcb5f6543958af83
GET /favicon.ico HTTP/1.1
Host: www.nanrenb.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 10:39:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 324
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.nanrenb.xyz/favicon.ico
www.liaoai.xyz/favicon.ico
301 Moved Permanently 279 B URL HTTP/2 www.liaoai.xyz/favicon.ico
IP
Hash 66ba5d11b5c0fa71c9b3171cdb2906b1
77d8c58faad6d4dd818b3ea0bef406b313cc261b
d36987e288f57bce61e86f3f4c48e4905d16cd5a1157d34fb1364f3051d8755d
GET /favicon.ico HTTP/1.1
Host: www.liaoai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:52 GMT
location: http://www.liaoai1.xyz/favicon.ico
cache-control: max-age=3600
expires: Sun, 27 Nov 2022 11:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uscX3NekM9jOP47HGSxZaXNUJsWgHHFdPY%2FlivQAjmlutgVsgpBUn1ssrTunG%2BnvK1NvzKs8vIDhi1PqE%2FVYnUbcAdHayUvM80jR5lU3Sj7IojIWhRCgRmBazP13xqEOrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e10793bfac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 60bd65c61bb34bf92881cb0083409d65
40ab75c6b5edf52174ddedc58043aa7438e5d4e5
efa62c5ea79fac9d1526ea844f07b32f943aec51211b6028e170376b34210d8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "638275ff-116"
Last-Modified: Sun, 27 Nov 2022 10:00:48 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP
Hash 176d38e608983568aa2590425a22dd34
daf14cd648c8cf1eb21bb1c44defeb017c5d84e6
1335fdfe6ca15771617ce854d75ec6886c4b41c2a7954753d0619b1dc065fec4
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4a65d58a18.7a07c25a29.com/ec8384a546668869aeca46562f679d38.js
200 OK 35 kB URL HTTP/2 4a65d58a18.7a07c25a29.com/ec8384a546668869aeca46562f679d38.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash e6711ca4a079ac117bc08974c95b3816
786154e835834417fa00f2756f95d1edfaff7bc1
2eadd40b199b6ecf26a46c60d2b3631ab8e74952ace1c455f133c3f8e82417a5
Analyzer Verdict Alert quad9 Sinkholed
GET /ec8384a546668869aeca46562f679d38.js HTTP/1.1
Host: 4a65d58a18.7a07c25a29.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Sun, 27 Nov 2022 10:44:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
amp.hifiporn.fun/xxx/
200 OK 10 kB IP
ASN #399045 DEDIOUTLET-NETWORKS
Hash f366d555ee8ad9b1088c6eb423ae63cc
fdaebd2e4004c57d4ab0a1bf820db9c54e988cb7
eae8e04ed36bd1900ba3b10bdfbf886a01c201161e31b63263eecac0e99fc153
GET /xxx/ HTTP/1.1
Host: amp.hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=604800
expires: Sun, 04 Dec 2022 10:39:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
rfdxfy.jiuse6666.com/favicon.ico
200 OK 15 kB URL HTTP/2 rfdxfy.jiuse6666.com/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 79687d77e084027caf9d01059a41ec8c
19482bfa446c6482b0e40d43f77cb08bfa56c64f
b7d9a1e430882d4dc17134f461ef9ff06fdfb19c3f197df3221f39fdd5e8d40d
GET /favicon.ico HTTP/1.1
Host: rfdxfy.jiuse6666.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Tue, 01 Sep 2020 15:07:12 GMT
etag: "5f4e63a0-3c2e"
j-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ts-video.com/favicon.ico
404 Not Found 1.2 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: ts-video.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 27 Nov 2022 10:39:52 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
200 OK 244 B URL HTTP/2 hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
IP
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash aa6ca0c5b76e474eca3b61c9ad3c2fc9
b76e48a1e89b985ff2de5595a5191f5a464bc785
38a46369902d2e2aeb89599c0b45399d707017cb08b118cef6bcfa707bf5d7cd
GET /wp-content/uploads/2021/07/favicon-32x32-1.png HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/png
content-length: 244
last-modified: Thu, 15 Jul 2021 14:24:54 GMT
etag: "60f04536-f4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynbJ9CXilW0Pe1YRhKoQdECGbto%2Fg8X3%2Bfx%2FZrMSF7DEOhKGT0uOk78gdFCfiUh4%2BVrX4%2FKA%2BswEcNup4HSxPRXaxIlbh2eLEKMvXZMTqFrS6d6O3NIqCFCfHchim9nw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e13cfa8b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 8421760e68bf8f0179f5756c193a635f
1ca8f06b9408b39177f060c389647c6cf7f6164d
b95b8448724255b51fe66c4f9c68e79745792d0e1c6f0a264b3ee3c58f91b9ef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B95B8448724255B51FE66C4F9C68E79745792D0E1C6F0A264B3EE3C58F91B9EF"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21178
Expires: Sun, 27 Nov 2022 16:32:50 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 4c4556c965bda3dcb2840d386e8109a6
7ee923f0e5dd79c18eec1106149368e30452ee66
24fe0a1f3b7689c311a07794d571cdcb07eb2e36a01a7f895e4a3d453bab0a28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "24FE0A1F3B7689C311A07794D571CDCB07EB2E36A01A7F895E4A3D453BAB0A28"
Last-Modified: Fri, 25 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1935
Expires: Sun, 27 Nov 2022 11:12:07 GMT
Date: Sun, 27 Nov 2022 10:39:52 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash a5623a5321c2eaaf5d015e556a0c7a2b
c3a1d5b35237219784335c9ecda3a0e15d91657b
3a15764bb1d182668c1f5b497604317c99598a9f6401fb9b1752fc7147c8e382
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 400
Cache-Control: max-age=92385
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:52 GMT
Etag: "638202c9-117"
Expires: Mon, 28 Nov 2022 12:19:37 GMT
Last-Modified: Sat, 26 Nov 2022 12:12:57 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 279
gaybilibili.com/favicon.ico
200 OK 0 B URL HTTP/2 gaybilibili.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gaybilibili.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
content-length: 0
cf-ray: 770a3e11cd8ab4fd-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=864000
etag: "633c22f8-0"
last-modified: Tue, 04 Oct 2022 12:11:36 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
access-control-allow-credentials: true
server-timing: cf-q-config;dur=6.0000020312145e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FLuqZNvV6CJ8Lpwp62dJ8s69kLlD3QddqyKrVdCMGDVoDmrif2qYp6YVeV%2F1IvhyNv62pJXHoOFMT0yvRQS3ZaGwSNprJuTfegbxkQHMXcD78cWua32%2F4MeFlzO45m5tc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 7e42c37fc059666ff88cf6c6f82b5302
86e683a4cd5c38282b2a672dc5cc094d844a6837
ba1f2bf8a545a2f677ba0dd0a509fb4a4bcaa605710413ccea7627273eb25dc8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6589
Cache-Control: max-age=111185
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "6382340d-117"
Expires: Mon, 28 Nov 2022 17:32:58 GMT
Last-Modified: Sat, 26 Nov 2022 15:43:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.lxs2.xyz/favicon.ico
404 Not Found 5.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (491), with CRLF, LF line terminators
Hash 952a59f869bce4fcc22fbd0ad2818090
6f08aa27b003b46ab4b4bb4e15feafce126a411e
08ea5bfc3c1374e3e392b5d22ce7c468be6f7686427ebe08dded18d0591259a7
GET /favicon.ico HTTP/1.1
Host: www.lxs2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 27 Nov 2022 10:39:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=6l71v2su94bl8g04v7iutser15; path=/
kt_referer=http%3A%2F%2Fav.xvideos-dl.top%2F; expires=Mon, 28-Nov-2022 10:39:53 GMT; Max-Age=86400; path=/; domain=.lxs2.xyz
kt_ips=91.90.42.154; expires=Mon, 28-Nov-2022 10:39:53 GMT; Max-Age=86400; path=/; domain=.lxs2.xyz
Content-Encoding: gzip
xvideo-jp.com/favicon.ico
200 OK 4.4 kB URL HTTP/2 xvideo-jp.com/favicon.ico
IP
ASN #10013 FreeBit Co.,Ltd.
Hash 35cde5e2e811d41e92f3405bacfddbb3
d3dcc056dc6c87c4f0bb6f778225aecae206af71
26ef1b8bbcc29f5a0cce3abfffeb3ddf4afe129a5e06ecd508973732b311ede3
GET /favicon.ico HTTP/1.1
Host: xvideo-jp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 09 Apr 2019 01:53:17 GMT
etag: "5cabfb0d-0"
expires: Mon, 28 Nov 2022 10:39:52 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 74299f17922bf653fb0bc3d9985393bc
74dc360467d795e583ac900478da230e23411dc4
48fb5a59b744d26627f0664a8c1b7a397d0c81e7c162e0be31442c982a20650d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "48FB5A59B744D26627F0664A8C1B7A397D0C81E7C162E0BE31442C982A20650D"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6036
Expires: Sun, 27 Nov 2022 12:20:29 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash da7f9b5a87fd9945278318c68c227f8c
3afaef2a24b21b40cbea852badb1897cc8361cc8
2fc0938010c8e211b22c4607b0947534bbc6c4587ffcb0f01fe7fcd94d8d091a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 422
Cache-Control: max-age=110788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "63824a97-118"
Expires: Mon, 28 Nov 2022 17:26:21 GMT
Last-Modified: Sat, 26 Nov 2022 17:19:19 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 8b931a301a725adcbdfed71891fce585
4421f2365c65a03f389a699108fab3412520183b
b2116dd8821f933c969117e47ca726d789d9bf9b023242f5a1af018979c7b3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 9
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "63805194-117"
Last-Modified: Sun, 27 Nov 2022 10:39:44 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Vy4SmaUWAMQ
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Vy4SmaUWAMQ
IP
Hash 942740740e4f5498b08ad9c6d0d8b558
01b35db9e6595833024de8ab74c2a4aae86adb95
e5d5dfc0da9f114b5d5408c60988bf35dc4738abcfc2adc9001063161b0377cb
POST /s/gts1p5/Vy4SmaUWAMQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 3e853fc9543cfd3df730eb18ab0c9fcf
9601bb74464276239f27b8b33577da4eb907ea7d
f2858a22aa837bd434f626fa1804b65fff05352f4d5f0c2680f047efe84ef8ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5260
Cache-Control: max-age=126018
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "6382732f-116"
Expires: Mon, 28 Nov 2022 21:40:11 GMT
Last-Modified: Sat, 26 Nov 2022 20:12:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/s/gts1p5/V9gdxYaJcs0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V9gdxYaJcs0
IP
Hash 5ee43fd46360cebe56217adc2604e904
35de4b47064bf3926f524af1533ebc4c603d820c
ed9aed5a459f38c7221c176fc9df1561f566d0d57af8a1514f957a627cdba0c8
POST /s/gts1p5/V9gdxYaJcs0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 84c58294d2dfddc5ef479327ed5eb88a
d0bb754a17e3b8bafe2da0c5a8396dc2954a03c7
72d51e22bf4e920f03ea224004a31916f0f5606a069f91667fb69fe3a2034eca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2566
Cache-Control: max-age=123681
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "63827494-117"
Expires: Mon, 28 Nov 2022 21:01:14 GMT
Last-Modified: Sat, 26 Nov 2022 20:18:28 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a924686fd91de33f608d7cd0f77c9a3a
eeedd8a60ed13937d208ab1b0c52941bc3adfd6c
5a657d750119365722f54df436b0d2d1a538dd85464142b34acf28cc06edd702
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A657D750119365722F54DF436B0D2D1A538DD85464142B34ACF28CC06EDD702"
Last-Modified: Sat, 26 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11889
Expires: Sun, 27 Nov 2022 13:58:02 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 6f53ae8e0c4e0d0214fd188e6977332a
3a03063e07eedf342a3953ee620875f34b83fac2
588a1f3acb37968acece87773839e52070ea352909c765f7d5d778680be2c7b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4854
Cache-Control: max-age=87852
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "6381dfaf-116"
Expires: Mon, 28 Nov 2022 11:04:05 GMT
Last-Modified: Sat, 26 Nov 2022 09:43:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 63d66e877f15961a85914fe9323c4a57
2d77ed8b59301e637d1710f2734553abbda7da22
99509797e80cd6c860d60aaf4a058a64e7f4c2424d35bca8050051e35dafb9e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=150032
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "6382d450-116"
Expires: Tue, 29 Nov 2022 04:20:25 GMT
Last-Modified: Sun, 27 Nov 2022 03:06:56 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 22944642e7ac944155abedac566c3151
377a57b2d4dd7e6ea456fe7c18a0b0a5ce5b2565
7598dadfbe878f5fbb45500c882b47cc02e37402127e2f6e8feebe1aed42b7b3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7598DADFBE878F5FBB45500C882B47CC02E37402127E2F6E8FEEBE1AED42B7B3"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5336
Expires: Sun, 27 Nov 2022 12:08:49 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
www.qdrama.top/
200 OK 9.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40824), with no line terminators
Hash c9a6b62e101af3dfcc89be1f98324bc0
7337682c9dd8137c167a97f4debc5e5201e4b541
fc036f4b1948b81c4d289c8f063efdaff094f63377a3666ef1ab237f7fbf4853
GET / HTTP/1.1
Host: www.qdrama.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:39:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://img.qdrama.top>; rel="preconnect",<https://img.qdrama.top>; rel="dns-prefetch"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Sun, 27 Nov 2022 09:43:14 GMT
Cache-Control: max-age=120
CF-Cache-Status: HIT
Age: 2164
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7ZU09atdNhqu9zYaZD0Qtmx2o4q%2FWcU01IM4FDYHxcckW%2BoOcurDS4h22MzLwvAzlzwwDsFAsTK2biQl%2FiEZcYd9x9MBu9EXUsjLFAQYpo2OGnqAMjIxRrxk0uXM3wR4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 770a3e152a05b503-OSL
Content-Encoding: br
www.nnpapa4.com/favicon.ico
200 OK 4.3 kB URL HTTP/2 www.nnpapa4.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 15d93d43222caa4d4a65451d686d9801
3acc394918580efa0a6006ba21f6b64b753accbd
7f5b00645c1500a589a9fb69b8c67866ab65d0d915b1007815fcb1b9884e80f3
GET /favicon.ico HTTP/1.1
Host: www.nnpapa4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 26 Apr 2021 16:27:41 GMT
etag: "6086e9fd-10be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dmm.co.jp/favicon.ico
301 Moved Permanently 867 B URL HTTP/2 www.dmm.co.jp/favicon.ico
IP
Hash c65f77aed5b46dd49440423751edce65
102b574db67a8aaac9ad0515b7dd96096ce29501
b9d6109443d609bc8919da260d07508f46c14bcd31a731d550c30d877059b2ab
GET /favicon.ico HTTP/1.1
Host: www.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 198
location: https://p.dmm.co.jp/p/favicon.ico
date: Sun, 27 Nov 2022 10:39:53 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ceABOaOnXJYzhoLhpwHKR8ls_-y_2Dger7K1bZ1DNBw_XA-LqdrEIA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f698af79af86df37509a71fbd683b84e
e011be435264df537601471f064b2654c5d25a14
32e47cfe36750cdef7f6257f5744ad0f4a61dc26d1047f0ace55af2e2a46c6ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4698
Cache-Control: max-age=142071
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Etag: "6382b416-118"
Expires: Tue, 29 Nov 2022 02:07:44 GMT
Last-Modified: Sun, 27 Nov 2022 00:49:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 4c4556c965bda3dcb2840d386e8109a6
7ee923f0e5dd79c18eec1106149368e30452ee66
24fe0a1f3b7689c311a07794d571cdcb07eb2e36a01a7f895e4a3d453bab0a28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "24FE0A1F3B7689C311A07794D571CDCB07EB2E36A01A7F895E4A3D453BAB0A28"
Last-Modified: Fri, 25 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Sun, 27 Nov 2022 16:39:30 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
200 OK 2.3 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2268), with no line terminators
Hash f2a2d9db3c7ea3ce7629f3c1f8ea1dc7
70b02c8e06420008bb2a9506db8d01a75bb7dd5e
c777eea2c2fa757dfb57e4d923f3fda52368c3d1c8a8dd0e9dfe3b1c0cb6d311
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: application/json
content-length: 2268
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
lvv2.com/favicon.ico
200 OK 18 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (768)
Hash 311f3d44b7fa325e1f47ff484a1a6b89
31307dcbdecfecd12e8e38554738cee085224d7d
9664420495de95ea5abe2888a863ff167e8c44e893a93af9247434846c101231
GET /favicon.ico HTTP/1.1
Host: lvv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.3.6
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="CAO PSA OUR"
vary: Accept-Encoding
cf-cache-status: BYPASS
set-cookie: PHPSESSID=en8d69lc3f1747b05dsqrftfsf; path=/
lvv2_FXSVwm_sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
lvv2_FXSVwm_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
lvv2_FXSVwm_sid=qa2zqD; expires=Mon, 27-Nov-2023 10:39:44 GMT; Max-Age=31536000; path=/; secure; HttpOnly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCyzB5eMWqGyAyepUXKhgijKa3Th4n1RjQXRX%2ByrUD3WWdGKbXrINlT4IEsMNUleVhiQH1NxE0np4x1iSej52FnydCBqaVP%2Ba0gf5QfkvYGRZBVq9EhIVKnk9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3e109ed58880-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0cb237b3bf290a9426c1d9cceee9e290
39dc439a7c518954933233d7084ef8333e2495e8
8303c46588ee034a0f8429c1986407b3962e07465ae8e98e12174c0c170d07b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8303C46588EE034A0F8429C1986407B3962E07465AE8E98E12174C0C170D07B5"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19805
Expires: Sun, 27 Nov 2022 16:09:58 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 22944642e7ac944155abedac566c3151
377a57b2d4dd7e6ea456fe7c18a0b0a5ce5b2565
7598dadfbe878f5fbb45500c882b47cc02e37402127e2f6e8feebe1aed42b7b3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7598DADFBE878F5FBB45500C882B47CC02E37402127E2F6E8FEEBE1AED42B7B3"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5336
Expires: Sun, 27 Nov 2022 12:08:49 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 57f1c942a517110091ea6d2d3c1f90fa
b1c828b49a38a1c719436414d3d92152dfb168e8
a11f9071220418e2cc5ca95e1dcdfe6daba304d0ae986b5b8dafaf47fbb6244d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A11F9071220418E2CC5CA95E1DCDFE6DABA304D0AE986B5B8DAFAF47FBB6244D"
Last-Modified: Fri, 25 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9865
Expires: Sun, 27 Nov 2022 13:24:18 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
4a65d58a18.7a07c25a29.com/58f2ad5e91ac3a536fc14adbd3d493d3.js
200 OK 17 kB URL HTTP/2 4a65d58a18.7a07c25a29.com/58f2ad5e91ac3a536fc14adbd3d493d3.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash a534024fda1735ecea49212acd1b38a0
e2af8d980f2c35b00c6e906c13d207f1612e067c
c30c9563058c05ebc8f32d20f81276caea680f79b7a7dab1a6bdc1f10deabd1a
Analyzer Verdict Alert quad9 Sinkholed
GET /58f2ad5e91ac3a536fc14adbd3d493d3.js HTTP/1.1
Host: 4a65d58a18.7a07c25a29.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 25 Nov 2022 13:22:47 GMT
etag: W/"6380c1a7-adbb"
content-encoding: gzip
expires: Sun, 27 Nov 2022 10:44:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/lAc75oMMseg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lAc75oMMseg
IP
Hash 1cdced5ebfa5e73391c4309f00080fbb
365fa84f178425e96661d87a6cd82b46ae5c5379
e25ad56501866652bcdd9da529fc5bb14b3064ab151202383f7f8e00c951a237
POST /s/gts1p5/lAc75oMMseg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dec5c7295d.47daeb1eac.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjc4MzIwMTI0ODkyMjkxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6MjM3ODIsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi4xLCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTYlODklQkUlRTQlQjglOEQlRTUlODglQjAlRTclQkQlOTElRTklQTElQjUtJUU0JUI4JUE0JUU2JTgwJUE3JUU3JUE0JUJFJTJDSDA5MzAtVEswMDEzJTJDJUUzJTgyJUE4JUUzJTgzJTgzJUUzJTgzJTgxJUUzJTgxJUFBMDkzMCUyQyVFNiU5RSVBMSVFOSU4NyU4RSUyQyVFNSU5NSU5MyVFNSVBRCU5MCUyQzQzJUU2JUFEJUIzLSVFNCVCOCVBNCVFNiU4MCVBNyVFNyVBNCVCRSUyQyVFNiU4OSVCRSVFNCVCOCU4RCVFNSU4OCVCMCVFNyVCRCU5MSVFOSVBMSVCNS0lRTUlQTYlOTYlRTUlQTclQUMlRTclQTQlQkUlMjAifQ==
200 OK 0 B URL HTTP/2 dec5c7295d.47daeb1eac.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjc4MzIwMTI0ODkyMjkxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6MjM3ODIsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi4xLCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTYlODklQkUlRTQlQjglOEQlRTUlODglQjAlRTclQkQlOTElRTklQTElQjUtJUU0JUI4JUE0JUU2JTgwJUE3JUU3JUE0JUJFJTJDSDA5MzAtVEswMDEzJTJDJUUzJTgyJUE4JUUzJTgzJTgzJUUzJTgzJTgxJUUzJTgxJUFBMDkzMCUyQyVFNiU5RSVBMSVFOSU4NyU4RSUyQyVFNSU5NSU5MyVFNSVBRCU5MCUyQzQzJUU2JUFEJUIzLSVFNCVCOCVBNCVFNiU4MCVBNyVFNyVBNCVCRSUyQyVFNiU4OSVCRSVFNCVCOCU4RCVFNSU4OCVCMCVFNyVCRCU5MSVFOSVBMSVCNS0lRTUlQTYlOTYlRTUlQTclQUMlRTclQTQlQkUlMjAifQ==
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjc4MzIwMTI0ODkyMjkxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6MjM3ODIsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi4xLCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTYlODklQkUlRTQlQjglOEQlRTUlODglQjAlRTclQkQlOTElRTklQTElQjUtJUU0JUI4JUE0JUU2JTgwJUE3JUU3JUE0JUJFJTJDSDA5MzAtVEswMDEzJTJDJUUzJTgyJUE4JUUzJTgzJTgzJUUzJTgzJTgxJUUzJTgxJUFBMDkzMCUyQyVFNiU5RSVBMSVFOSU4NyU4RSUyQyVFNSU5NSU5MyVFNSVBRCU5MCUyQzQzJUU2JUFEJUIzLSVFNCVCOCVBNCVFNiU4MCVBNyVFNyVBNCVCRSUyQyVFNiU4OSVCRSVFNCVCOCU4RCVFNSU4OCVCMCVFNyVCRCU5MSVFOSVBMSVCNS0lRTUlQTYlOTYlRTUlQTclQUMlRTclQTQlQkUlMjAifQ== HTTP/1.1
Host: dec5c7295d.47daeb1eac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:53 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=23782
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22293
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 10:39:53 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://av.xvideos-dl.top
Set-Cookie: id=12308670025332845842; Expires=Mon, 27 Nov 2023 10:39:53 GMT; Secure; SameSite=None
Vary: Origin
www.nanrenb.xyz/favicon.ico
404 Not Found 5.2 kB URL HTTP/1.1 www.nanrenb.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF, LF line terminators
Hash e386ef355b110e5981c1eee5f11da73a
8f60804666cd6d29e75673498c914b9649f131db
98d547b97becca8f695da620bd63c7a901b88e730adec476f6d8ee3d5514a82d
GET /favicon.ico HTTP/1.1
Host: www.nanrenb.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 27 Nov 2022 10:39:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=9srbgkstrbpqk432u40hp01u71; path=/
kt_referer=http%3A%2F%2Fav.xvideos-dl.top%2F; expires=Mon, 28-Nov-2022 10:39:53 GMT; Max-Age=86400; path=/; domain=.nanrenb.xyz
kt_ips=91.90.42.154; expires=Mon, 28-Nov-2022 10:39:53 GMT; Max-Age=86400; path=/; domain=.nanrenb.xyz
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 87e97dc71aa5421c5d65f231b4bb3705
3c27a5b251e456c27823d83370e07cbfbd77386d
fc8792c7dbd760121d46c5695189e3f98a5a079bc0e5aabbfdca4fe3911332ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC8792C7DBD760121D46C5695189E3F98A5A079BC0E5AABBFDCA4FE3911332EF"
Last-Modified: Sat, 26 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18366
Expires: Sun, 27 Nov 2022 15:45:59 GMT
Date: Sun, 27 Nov 2022 10:39:53 GMT
Connection: keep-alive
pornolampa.net/favicon.ico
200 OK 13 kB URL HTTP/2 pornolampa.net/favicon.ico
IP
Hash 8a5b47ffe3fb8933d2c28e8df2168fe2
3073aaab92f185fd1a6f3a0a55f8d627d43c90eb
f096980081e410118f0b4cc429daeaf30c93aa2081e042a622973ff120ebecc2
GET /favicon.ico HTTP/1.1
Host: pornolampa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
last-modified: Sat, 29 Aug 2020 07:14:20 GMT
vary: Accept-Encoding
etag: W/"5f4a004c-6db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
bd2bc05960.47daeb1eac.com/in/multy
204 No Content 0 B URL HTTP/2 bd2bc05960.47daeb1eac.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: bd2bc05960.47daeb1eac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://av.xvideos-dl.top/
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 27 Nov 2022 10:39:53 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=1ec5ee3c-b34e-4e63-aa22-0115d327846f&subid=809032184&sid=1805955284&spot_id=17050&created_at=2022-11-27&timezone=0&ver=8.5.1&is_native=1
200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=1ec5ee3c-b34e-4e63-aa22-0115d327846f&subid=809032184&sid=1805955284&spot_id=17050&created_at=2022-11-27&timezone=0&ver=8.5.1&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=1ec5ee3c-b34e-4e63-aa22-0115d327846f&subid=809032184&sid=1805955284&spot_id=17050&created_at=2022-11-27&timezone=0&ver=8.5.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 27 Nov 2022 10:39:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
duga.jp/favicon.ico
200 OK 408 kB IP
ASN #7684 SAKURA Internet Inc.
File type MS Windows icon resource - 7 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 408 kB (408142 bytes)
Hash 5425e9f6487051730183128ce840ae37
1e27308af6582504eed9294644ea448eaf9d4987
ab4bf8e5d8fb9f0bb09869175fbab745dc1557a46784643ba55db5f3b73d10de
GET /favicon.ico HTTP/1.1
Host: duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
server: Apache/2.4.46 (Unix) OpenSSL/1.0.2k-fips mod_antiloris/0.7.0
last-modified: Sun, 03 Mar 2019 07:34:13 GMT
etag: "63a4e-5832baaa00740"
accept-ranges: bytes
content-length: 408142
content-type: image/x-icon
X-Firefox-Spdy: h2
m.dianyingkang.com/favicon.ico
404 Not Found 29 kB URL HTTP/2 m.dianyingkang.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 84ba1ec3cb8dc2e3f506372bc1240d64
50a9d5a214a81410661ccfa4fcdf60b67b8a6549
f0c1283d694a42bcd74b84ff955d8ce8115592cab3447c57793d8795431d5104
GET /favicon.ico HTTP/1.1
Host: m.dianyingkang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.2.33
cache-control: max-age=14400
cf-cache-status: HIT
age: 105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FpNIzTxIL%2FJlD1x4ltIBOFsw2UHBMv%2BJwyXsIfBMBtoObaaabN01aQ09sj87OF1mPGn0YR8r7yRQ%2FG5tneqfOGf97paHGGwOwaA6yZNHbkeyT2UsD9hVXsYxEVrGlrYkcZFJaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e0ebd3d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f188729daea61e9d8db2f56f53409574
f4de39620245b910481955db773674f220c5f393
ac107b90701e1858457a050eea7fa3d472405b764b1a922e0f23750b0c684f58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5187
Cache-Control: max-age=88211
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:54 GMT
Etag: "6381dfca-118"
Expires: Mon, 28 Nov 2022 11:10:05 GMT
Last-Modified: Sat, 26 Nov 2022 09:43:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
bbaviu.com/favicon.ico
200 OK 2.8 kB IP
File type MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 059cca7af82c79f25ace25cb503ce4f3
42b3c452931e998a1383736cb1b5a14b2be2c40b
2beb11451bac07baf0d80f4c42e467e6b7644ef834d2d070acf61efeed7c935e
GET /favicon.ico HTTP/1.1
Host: bbaviu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Thu, 17 Jan 2019 15:10:16 GMT
etag: W/"5c409ad8-1cee"
expires: Thu, 22 Dec 2022 22:13:34 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 390378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBFy8r5Yyl6z0EgCaYda3NUkwozDHbiTmtLjLq1SjL2EtLHEK6feIEznu4WILFWqEMOrXnk8Ri2tdN886xfHtT4My41vJFcehgp5Smm0GiOetay0ZvTYZ8UcSJDS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0fe80db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iook.one/favicon.ico
200 OK 1.9 kB IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 0afed4655509d65ced39448eec89ac10
8041ed9a6c8b59fa45a6eeb754915547d85682a1
7db861a6d36b2eeef58ac2552fc23b35bd5b408d1c9a0a2218cd7b7c80d3bcbb
GET /favicon.ico HTTP/1.1
Host: iook.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: image/x-icon
last-modified: Fri, 28 May 2021 09:02:28 GMT
etag: W/"60b0b1a4-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcRpbB%2F0mixKMvUm2ba%2FOwbsT3Gqp13GKlSCsK6qLKH4IDEIVGqeO6EwapfTyUjZeMZPQ0cReysJa3Q1EhgExqqilIAkUh0DLLts8XBjGG1buq0pNMwqfWXw8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e145cc8b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f188729daea61e9d8db2f56f53409574
f4de39620245b910481955db773674f220c5f393
ac107b90701e1858457a050eea7fa3d472405b764b1a922e0f23750b0c684f58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5187
Cache-Control: max-age=88211
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:54 GMT
Etag: "6381dfca-118"
Expires: Mon, 28 Nov 2022 11:10:05 GMT
Last-Modified: Sat, 26 Nov 2022 09:43:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash f188729daea61e9d8db2f56f53409574
f4de39620245b910481955db773674f220c5f393
ac107b90701e1858457a050eea7fa3d472405b764b1a922e0f23750b0c684f58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4180
Cache-Control: max-age=87204
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:39:54 GMT
Etag: "6381dfca-118"
Expires: Mon, 28 Nov 2022 10:53:18 GMT
Last-Modified: Sat, 26 Nov 2022 09:43:38 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
p.dmm.co.jp/p/favicon.ico
200 OK 15 kB URL HTTP/2 p.dmm.co.jp/p/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 585b7660a8d46df20f3a0f838b58e11a
c4b5148fad8e310257812bf99be815a8dd145af5
9cb6d660bbc93c9ff4b0b2a0e0253b5b5c5e102d35cbd8644e4690a3c6b00f69
GET /p/favicon.ico HTTP/1.1
Host: p.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Tue, 31 Jul 2018 10:18:36 GMT
etag: "5b60377c-3aee"
x-cache-status: HIT
set-cookie: app_uid=ygb2CmODPnlCknv8betlAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
twitterdouga.com/favicon.ico
200 OK 0 B URL HTTP/2 twitterdouga.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: twitterdouga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 37005
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 10:39:50 GMT
etag: W/"1bd3ff0ba271c6fd37dea361da3296eb"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /[username]
x-vercel-cache: STALE
x-vercel-id: arn1::nwrt8-1669545590546-8eefaba20a23
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/36/ef/d3f850, lfm-1-3867, lmd-3867, lud-662781, xfvlen-1623339, fsize-631837, played-28
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://twitter.com/azt1211/status/1554483943214546945/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 103611
last-modified: Sat, 26 Nov 2022 05:53:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BfsPx7fpb6MRI12P4JJ18KP5jPHi464KzRd4dWeyY0tC2ZEFByIQYeJYSQWzrVjrykIlp2OyBcbvIr08coAFRbSNkA%2FJwFaIQNwcLP3RmguYRyIQPxaIO1%2BVFz4h5XmW8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1c0ef472fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-flash/dist/videojs-flash.js
302 Found 0 B URL HTTP/2 unpkg.com/videojs-flash/dist/videojs-flash.js
IP
GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 10:39:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJWAFGBWSPT9GH1C07R4PVR9-ams
cf-cache-status: HIT
age: 275
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3deedff6b505-OSL
X-Firefox-Spdy: h2
uzbum.su/files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg
301 Moved Permanently 0 B URL HTTP/2 uzbum.su/files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg
IP
GET /files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg HTTP/1.1
Host: uzbum.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: text/html; charset=iso-8859-1
location: https://ru.uzbum.su/files/raznoe_porno/lishenie_devstvennosti_molodoy_devushki/screen.jpg
cache-control: max-age=120
cf-cache-status: HIT
age: 82
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2SA09gcHrCaZaEe9mQdaMnSzJHTOqaYZz2EUssBKL%2F%2Bl4H1H2YaLnLRDloXRL0LJfXQwBD3GZ53N%2FM2ggrJpqgp6mzsLa6I36JG4BpN1zpNwIxXnlOzV2gptg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e01c9ef0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akvatoriasochi.ru/favicon.ico
301 Moved Permanently 0 B URL HTTP/2 akvatoriasochi.ru/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: akvatoriasochi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html; charset=UTF-8
location: https://akvatoriasochi.ru/
cache-control: max-age=14400
cf-cache-status: HIT
age: 143845
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4r24vvLhZCCJLDUwqq5E69NfkSbilMaagRooPyyQsApdHM%2Bc2YhrgJBSrOzZXjaDhmjp8feXvhF%2FQYmfmWg19bhZBhad%2B79vciTUf9s9I3sqOu5vFKHE3imA9TZWuCN2Lc7MeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0babd2b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xszav2.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: xszav2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Sun, 01 Aug 2021 14:35:23 GMT
etag: W/"6106b12b-47e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6s%2BE2e5RNSjiwtV8xqI4IV2dTFKQ6bpn0GGPYmC8PHRrcY9xSIQ83Mxxl7UbOB5Zn7T1cWyE3r2zues4D75ljWbLylUzJdiK0MjYDrSCtoF9R2QpCmMxVKtq7lW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0d6b3db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hentaiprn.com/favicon.ico
302 Found 0 B URL HTTP/2 hentaiprn.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=UTF-8
location: https://hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
cf-edge-cache: cache, platform=WordPress
link: <https://hentaiprn.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LihbxPce3F1slXzA6HM6kQZeIvXRph8xJ8bYLTst06qqIiJmRj5BX%2F70MeKwjErwHE4xbF0%2FRKtodcVosWXsfXcAlZCvV22H5u7gVaHSW2PdmIiBZWlUt%2BKNcuSzdqvB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0e799db51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.qrxly.xyz/favicon.ico
301 Moved Permanently 0 B URL HTTP/2 www.qrxly.xyz/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.qrxly.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:52 GMT
location: http://www.nanrenb.xyz/favicon.ico
cache-control: max-age=3600
expires: Sun, 27 Nov 2022 11:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CetfxHsBWciz3ESX1ymrpxKP6ADWPXN%2FcQxTFFqme%2F1XQ%2F1TYYFTF1IsFHmlzsGHyZlh8UVxutx8RPvW8vmXGyBWFuox8gr4odGYpZWsxC%2BRy150PexeDRIuannfgX%2Fw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e1008f9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ioook.life/favicon.ico
301 Moved Permanently 0 B IP
GET /favicon.ico HTTP/1.1
Host: ioook.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
location: https://iook.one/favicon.ico
cache-control: max-age=14400
cf-cache-status: HIT
age: 492
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppmu%2Bd%2BtKyVJ0qlfB4M4iMEXfMNIHvVfB%2Bfo%2B3hld8T5yvsooIxvJIOxOEG4J1ub%2BA5IsvDe6ArRt6LgPowSf10RQ6YjoNbsL51BqYajeozPUYHtmlcjzrrWbVia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0f1e950b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4a65d58a18.7a07c25a29.com/1e9a067ab9421c931e092a37d792969d/23782?version_name=d
200 OK 0 B URL HTTP/2 4a65d58a18.7a07c25a29.com/1e9a067ab9421c931e092a37d792969d/23782?version_name=d
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /1e9a067ab9421c931e092a37d792969d/23782?version_name=d HTTP/1.1
Host: 4a65d58a18.7a07c25a29.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sun, 27 Nov 2022 10:44:51 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
pornogids.net/favicon.ico
200 OK 0 B URL HTTP/2 pornogids.net/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: pornogids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
last-modified: Sun, 21 Jul 2019 07:09:41 GMT
etag: W/"5d340fb5-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDAfVqRqi6cuHOE8tLHZJlLfHokn9HeeUKWxxhQsNsCGVEIfrdtebTNXoIgbAbEYZx9X%2FJlGjr%2Bw86U6MFwfxSVwv0%2BknlW8uTl0TcmafZRYELi%2Fq%2Fp9R15237ipwg1G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e04cc207300-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/8e/cd/4f0250, lfm-1-64442, lmd-64442, lud-481105, xfvlen-1919529, fsize-499319, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.lxs2.xyz/videos/65284/xxx-av-24234-vol-02//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 332994
last-modified: Wed, 23 Nov 2022 14:10:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yE%2BMJhzL9wp4bg3wsa3fFYIozMLB6m84DFIngQSnu9VChMyZQynmxpM8kU0xjOP8NeX9p%2BVvaKI8DvgS%2BQMns9GsKjZ1rSfvkOzQPv0mVAUInxCS45qFwb6velKR1v9cai4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1bfee372fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a9/bd/fa7736, lfm-1-14487, lmd-14487, lud-387104, xfvlen-897517, fsize-465567, played-178
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://hanyunb.com/vodplay/523880.shtml/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 566431
last-modified: Sun, 20 Nov 2022 21:19:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwk1ELX140zgOBmrzLxCEYVFVirDnsTLkYzddfiUoRvqistgVztmfD0Yx2My1a2UIrVhJ3YyrtFPOXvc5tYMJ7DM3hq9JXbOuKqEORaMjTqPAROMZvbPlyrmoyCAds5Gmvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1c5f5072fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/cc/b0/85c849, lfm-1-38235, lmd-38235, lud-647963, xfvlen-1566586, fsize-558146, played-61
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://twitter.com/libo324/status/745932524770238465/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 62179
last-modified: Sat, 26 Nov 2022 17:23:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxuuC%2F67jsDpFpyAXL2yFsTdUC1gOigfFyEk%2BXYhqYskvlXx%2B4wFVIY2FUq2y4C3mLvNYR6e8TOxJen42HpY3jpEGMlx1w1E3ezpvYqHdeUi4fe1cwpf4ct4zp48TYCqeFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1c5f5372fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thepervs.com/thumbs/65523.jpg
403 Forbidden 0 B URL HTTP/2 thepervs.com/thumbs/65523.jpg
IP
GET /thumbs/65523.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BjIEfxLaBjveCykHwzhFYSej9ILmbMGw27SmQSuB6kEexbArHeUryXVzMwuYgYmr158lZFaHFqqJMjPnGXJLXtPubGzxQ%2F74IG6p61GOqdcqAU9AESRbLBH4lz1M%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3df82953b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xn---jifanggecom-1j5sq16de9mhl3fn9p.xn--9kq80g37uthu.com/favicon.ico
403 Forbidden 0 B URL HTTP/2 xn---jifanggecom-1j5sq16de9mhl3fn9p.xn--9kq80g37uthu.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: xn---jifanggecom-1j5sq16de9mhl3fn9p.xn--9kq80g37uthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsiRkgNeowKsM%2FY2a9ULR1UeCTqDkH03WsuPx1whUrCM%2BZdUm1XRLNHhYtuA4ohEp9mTEKIVY97NBLXDLVZiMlCtF%2B7W8U4nZIJgFOX%2Fvx216C8H3dMLI6F4Q7Y21Lrpy6Uvcn52m2lRCi4uc%2BfYuUty6JEbnfMHsUBsNTG%2BCCYIPlc4DNnkdYU6UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3e0c0c110b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jav24.com/favicon.ico
200 OK 0 B URL HTTP/2 www.jav24.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.jav24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: image/x-icon
last-modified: Tue, 13 Sep 2022 03:36:07 GMT
cache-control: public, max-age=1800, stale-while-revalidate=300
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tJLaY7ZitltANMcwZlnhJVJnpSjIuCgZA9hmLtVOWoWBgWMx3v14j55bwnZ0PnQaxf%2BuGzAwXafkufMTujQsxYk4%2B1msUsY%2FrJKxrCUhY88OsiGRw%2BaQYBib1pAqyz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e15ed5f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appav2.buzz/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: appav2.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5160
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlErQOjS5eVsu6D9%2BBjL%2FPSemV2dHeAX%2FBIUj7ypS%2F%2BWIYMePSaJMYzG0ohi7WprFHvh2PW4prnBXPCf8hXrqBj%2Fo%2F9T%2FL8NCypocsIVS2VsCduJDl5IFajMoLFuAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0f7b931c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
027678.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: 027678.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Thu, 17 Jan 2019 15:10:16 GMT
etag: W/"5c409ad8-1cee"
expires: Thu, 08 Dec 2022 11:41:14 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1637918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FebBy%2FpzTNrEzlIGEQYCCyI02C79azdnG8T0MmI8CTKAdqg9yyE5%2FufGToXOIVBJXHSTvf708zZiZXCfMPSyY%2FtIRQ%2BXQ3uRkqhUOFze4zwVDB8QFjVwobox0EYV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0fad35b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yavtube.com/yav-fc2ppv/storage50000.contents.fc2.com/file/342/34110922/1583903463.16.jpg
200 OK 0 B URL HTTP/2 cdn.yavtube.com/yav-fc2ppv/storage50000.contents.fc2.com/file/342/34110922/1583903463.16.jpg
IP
GET /yav-fc2ppv/storage50000.contents.fc2.com/file/342/34110922/1583903463.16.jpg HTTP/1.1
Host: cdn.yavtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:48 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 11 Mar 2020 05:11:03 GMT
etag: W/"5e6872e7-4ac36"
x-whom: 50002
cache-control: public, max-age=31536000
expires: Tue, 27 Dec 2022 10:31:37 GMT
x_cache: HIT
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZCPj21U3V2q%2BUA%2FtT8NUDWeERx0YxxCuK%2FVyrXwAxQQ6dfgOD8wWGJ16UhV6W%2BxExfdtuajDUnp9npCEi326rjNRsUM9wPLterQr4Dwm9QI0t7dCv1qkVq5D3%2FjD0ytGIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3df7beb77708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.moav.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: www.moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:50 GMT
content-type: image/x-icon
last-modified: Mon, 21 Feb 2022 04:33:56 GMT
etag: W/"62131634-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YSyT%2F%2FkVK7x%2BfgajiYYrr0uaBNgKvWoYNoXygtmW3k0fW6GVEL6VN0KzAtNeWwrilSlQPdkjO1c4riOTXayQL13ODSPepcQ%2BsLrVE3jFMoJmm%2BABHGVAMI%2FLp3UIHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e05bdbddc31-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e7/b1/5bc162, lfm-1-2145, lmd-2145, lud-619956, xfvlen-1752994, fsize-573631, played-36
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/://www.lxs2.xyz/videos/25243/766008f3657f4efb6349eca5232f7af2//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 18980
last-modified: Sun, 27 Nov 2022 05:23:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYdfSJLgGAgWrbHVuOF4bRCrRKRDj95dcjzRWdRSQNqTe%2FDWE7yeJmu84UVZo5xpcwwGzc3wbUQzRhWLqwI2Ytsf5OTir%2BEHJNgTVdojoYXrIAuPJZInlkWUspWj%2F1kI%2Bog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1bfedf72fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.awood04.xyz/favicon.ico
404 Not Found 0 B URL HTTP/2 www.awood04.xyz/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.awood04.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLa1s5025eNfTm4XIoQCEv0pk7PmCGVhfzOFeuTgwSF63BVrWxsgEfP4hceuhOtNa3eCrua81809tNqEFoIBdSqhnTc15GE6VfCZbGtEkwcA70yPZXaeIhecrG8zDu2e%2FhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e107f0d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/3e/bf/49a646, lfm-1-9892, lmd-9892, lud-823586, xfvlen-2207279, fsize-549896, played-3
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.lxs2.xyz/videos/48793/1pon-040821-001//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 13030
last-modified: Sun, 27 Nov 2022 07:02:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPgG6IZcP1HswEC5KE64SMOHwsHAuXnyBfVbBJeFrmR82HAB8Rrt6jARBYgkMfGrcSLcr2HNQ9kDL3NLxZJmhkleIaASEIY4VjnV1QHE2ZXCkceeakbSMqog5XVP5IeNYdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1bfee572fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3
IP
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:54 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/b0/d6/de1451, lfm-1-2993, lmd-2993, lud-556178, xfvlen-1596678, fsize-472741, played-2
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.lxs2.xyz/videos/64871/h0930-tk0013-0930-43//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 13030
last-modified: Sun, 27 Nov 2022 07:02:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wxax7b6Jdmr37x4oFtcqQDtHGc%2FA4uMnNr6HHbUOIVqgnCw2kAV%2BQEd7nqftfhdUDXFEo0O%2Br0OrsodjbrmnHu675SPsO6Upq%2BqoCHbY%2FRYz5vjmqu6NTcb6GSqHQUvS5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e1bfee172fa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akvatoriasochi.ru/
200 OK 0 B IP
GET / HTTP/1.1
Host: akvatoriasochi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 303850
last-modified: Wed, 23 Nov 2022 22:15:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjxjNcEn9HBjMsNs%2FpdtVcZSlk5bfFmnTWdOstjZSRRha3r7wqtLDfjvsHDgmPUKwerxOwpfva5zyL44yDV8keRJvQFSNzWRzl%2BeuBL4N%2FP5YYJCkrYrTZTUKxNBixe15duMBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e0c5cb3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nztyy.live/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: nztyy.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 1579
last-modified: Sun, 27 Nov 2022 10:13:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DgMNAkGwkvPsRvzNHO0NWbAfXBxsNGxY1ysUlp0aO6nFj%2FnMhqu1kjIas%2FNQsOhXs52emGQbYFjZPHsVp%2BBgtyJN7KfCtvpDwHPTmRZm8WP3t61xKuv1ZuDKi4Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0c7ea5b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxx-avav.com/favicon.ico
301 Moved Permanently 0 B URL HTTP/2 www.xxx-avav.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.xxx-avav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 10:39:51 GMT
location: https://www.secret-av.com/
cache-control: max-age=3600
expires: Sun, 27 Nov 2022 11:39:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrIWLIUtURVSBo4i2TrTpBWBKlw%2BeYLBcksjibJxjqreoiopX8qtG5SY1pt3GW%2BAA73TWrT94xXfvhmT%2FfF3apIXqhf9sMeUWeXqbcUUl5s8G9Z973rPB0B7wP0CGT1sLHiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0ce803b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.redwap.me/favicon.ico
200 OK 0 B URL HTTP/2 www.redwap.me/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.redwap.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Fri, 09 Jul 2021 20:44:03 GMT
etag: W/"60e8b513-57e"
expires: Sun, 27 Nov 2022 23:37:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 212561
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8OATzWHdnZe9OxrJNjf1JlPvK96rwtEQVfKsr65oN2J6NAou5TaVc%2FliVV6ncfH%2BRn8NVblj3iK3ovkEmLNeHxOTnTy61bDzBqU6rj5QGvAZ92yy92DyyLT%2Fwg8nDIY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0d5c2c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jav321.com/favicon.ico
404 Not Found 0 B URL HTTP/2 www.jav321.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.jav321.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr6Hni%2BmA89fBfAyeUG%2FG99g%2BKqbcHgIRAGqePn6wZittCFKw%2F3Wg0SkuSvObIQFeE6G5fd%2BaD2c2QX8luk3Or0Fq2wYV0bx%2Fxo3eVdsIaOdZgAy82RQ5afcWRocZxYTqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0e799cb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
manymv.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: manymv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Mon, 03 Jan 2022 19:58:34 GMT
etag: W/"61d3556a-3c2e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pyyh63ulS9iDlbo9QYIaHGbFzsqVCCt%2BnHCnydYJsTJQgXv%2F2F%2FkyxkEQR2FeEgMBKnNeCcvRG7VjxGpnycUO9hWZlor0ndpPTkG8npqwZmdi1Y0WvGlfUut3aN%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0dde7fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
movie-ga.com/favicon.ico
302 Found 0 B IP
GET /favicon.ico HTTP/1.1
Host: movie-ga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=UTF-8
location: https://movie-ga.com/wp-includes/images/w-logo-blue-white-bg.png
link: <https://movie-ga.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
x-litespeed-cache-control: public,max-age=41708
x-litespeed-tag: 350_HTTP.200,350_HTTP.302,350_default,350_URL.b54ff2eddcb0060bcd786ce388d8d4d7,350_
x-litespeed-cache: miss
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj35q0tsFbdXDBJl78wEH9KekhosjsD%2FaavUugD3xDajLIZZqcmKVvY6Q%2BMHqs%2F63mVynSiPjdA%2B0h76ug5HN%2FrMgANQu2QJI1q6PQTCzntlkTHR0RY8UQZuKmKTFoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0d68950b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
spankbang.com/favicon.ico
200 OK 0 B URL HTTP/2 spankbang.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: spankbang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: image/x-icon
last-modified: Tue, 03 May 2022 21:44:53 GMT
etag: W/"6271a255-3c2e"
access-control-allow-origin: *
cf-cache-status: HIT
age: 57
set-cookie: __cf_bm=CgGUt5hQQuSQSMDD6OULdeBIeMP0CUfZ.DoVTTuR7rE-1669545592-0-AShW/vQ0Wvefq3cqUnsGobEwYbygbmGoec3JTG4iBpNpZ6pMksKABAzi0A/lNo1PBYbmG6/0D/DF3KYj7gEP1TQ=; path=/; expires=Sun, 27-Nov-22 11:09:52 GMT; domain=.spankbang.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a3e10da26b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sg.sxyprn.to/favicon.ico
404 Not Found 0 B IP
GET /favicon.ico HTTP/1.1
Host: sg.sxyprn.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 10:39:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yYX0U64uQcTn7zwM3ZTkoRStZnS8DLqobOv4Zv9qNaEHfmikQ1SkQdy3RsA7ohwBvCRWqZ82HQsv%2BcHDIh6mk4g0k61fhzA98PD%2BQRz3MdItQd8283hrqmwtVbBR3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3e0e19dfb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aipaw2.xyz/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: aipaw2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:51 GMT
content-type: image/x-icon
last-modified: Fri, 28 May 2021 09:02:28 GMT
etag: W/"60b0b1a4-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0jGfwglDRTShRdZS6qlksbOg61khK11ek0Vqibym%2FN4DMjhat2FPGQav1gGV2ebxiQBHmIr1MWU7cjjUJw91qK4eJoKaVpKERh2CIQ6UX2lI2iWSdK%2FpBQ0ziv2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a3e0c3af60b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4a65d58a18.7a07c25a29.com/0475c3a213601220913ee6b1e280a0b9.js
200 OK 0 B URL HTTP/2 4a65d58a18.7a07c25a29.com/0475c3a213601220913ee6b1e280a0b9.js
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /0475c3a213601220913ee6b1e280a0b9.js HTTP/1.1
Host: 4a65d58a18.7a07c25a29.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 22 Nov 2022 16:27:58 GMT
etag: W/"637cf88e-48777"
content-encoding: gzip
expires: Sun, 27 Nov 2022 10:44:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.gazo.space/index.php?js=av4&advertisement&
200 OK 0 B URL HTTP/2 js.gazo.space/index.php?js=av4&advertisement&
IP
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:39:46 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsgazospacmh--GB-rm2400cb00211024a2990a/index.php?js=av4&advertisement&
55nloadrate: 0.3971875
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 247
last-modified: Sun, 27 Nov 2022 10:35:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0KcZHQFD0VcgXdHDug4zsHTOwj02jgWBadurQvy8H%2FinpSP1wJqVHEfKkwLBX0NWnx8jbv7TLEToM8aZQaBYCFKrns5aJaQGgfsfNpYaDzRh7VLpaKfRwovLwiJTf%2Bp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770a3de8d94b06d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
148.72.246.38
23.224.46.197
113.52.156.18
104.21.235.170
54.38.207.238
94.130.33.133
5.45.72.54
23.36.79.17
87.250.250.119
93.184.220.29
151.101.86.217
87.98.225.181
158.69.248.225
82.118.242.43