Report - av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]

Report Overview

Submitted URL
av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]
IP
148.72.246.38
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2022-11-26 02:48:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
100

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
vjs.zencdn.net	4968	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	748 B	431 kB	151.101.86.217
i.cdnkimg.com	8049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	901 B	19 kB	45.133.44.37
jp.xero.porn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	4.3 kB	172.67.218.79
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
js.wpadmngr.com	25762	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	374 B	45.133.44.24
ve14.pornve.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	14 kB	51.38.62.22
7mmtv.sx	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	636 B	172.67.218.77
js.gazo.space	338490	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	3.0 kB	104.21.235.170
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	67 kB	151.101.85.229
www.w3schools.com	17487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	5.8 kB	192.229.133.221
www.thisav.com	369325	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	614 B	1.3 kB	104.27.205.87
ggjav.com	395854	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	296 B	167.99.26.195
nereserv.com	40015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	320 B	157.90.84.246
static.bookmsg.com	47495	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	863 B	88.198.136.234
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	32 kB	142.250.74.170
en.ero-video.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	3.2 kB	69.36.160.167
1041598d1a.da1a0e7bb3.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	320 B	45.133.44.25
7mmtv.tv	179405	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.6 kB	172.67.202.161
tb-lb.sb-cd.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	69 kB	104.18.200.68
yavtube.com	365949	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	780 B	104.21.233.216
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.javbangers.com	654333	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	1.1 kB	185.94.237.100
pornve.com	360339	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	665 B	51.222.43.181
m.thisav.com	437225	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	11 kB	104.27.205.87
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	41 kB	34.120.237.76
static.thisav.com	366329	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	29 kB	242 kB	104.27.205.87
javtube.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	747 B	9.5 kB	82.118.242.43
av.xvideos-dl.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	13 kB	148.72.246.38
www.tktube.com	620593	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	1.5 kB	172.64.170.25
cc8ffe7ceb.da1a0e7bb3.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	19 kB	168.119.25.22
ve11.pornve.com	939746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	17 kB	51.38.54.145
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	591 B	104.16.123.175
comments.gazo.space	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	295 B	7.6 kB	104.21.235.170
jsjs.gazo.space	402093	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	60 kB	104.21.235.170
www.sextvx.com	646544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	1.8 kB	172.67.137.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	20 kB	23.36.76.226
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.3 kB	23.36.76.226
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	3.7 kB	87.250.251.119
www.porntrex.com	255588	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	1.4 kB	109.201.134.96
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	763 B	142.250.74.168
img2.xiangbinjun.com	339934	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	824 B	210 kB	54.230.111.89
cdn.sc.gl	166967	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	701 B	3.3 kB	104.21.13.216
fp.metricswpsh.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	787 B	157.90.84.242
e3d5e80fdb.8659c84895.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	102 kB	45.133.44.24
rz.nakadashi.pw	444676	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	1.7 MB	172.64.128.21
file.tktube.com	580457	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	894 B	186 kB	172.64.170.25
cdn-1.ggjav.com	865495	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	801 B	161 kB	51.79.204.224
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	3.3 kB	104.18.20.226
openloadpro.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	3.2 kB	172.67.220.157
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	5.1 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	19 kB	142.250.74.3
page.myfile-host.info	496623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	498 B	536 B	150.95.129.59
hpjav.com	6481	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	942 B	179.43.144.210
spankbang.com	17974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	758 B	104.19.137.100
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cacrip.nakadashi.pw	404078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	307 B	9.5 kB	172.64.128.21
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	18 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	100.20.30.105
kissjav.com	278548	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	1.5 kB	82.118.242.43
www.ptt.sex	666769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	4.6 kB	104.21.63.169
twitter.com	123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	1.7 kB	104.244.42.193
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.88
videos3.naibago.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	824 B	1.6 kB	143.204.55.66
24hjav.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	19 kB	104.21.34.13
kissjav.li	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	44 kB	82.118.242.43
s.viiqvmfb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	218 B	185.196.197.130
cdnmedia4.ero-video.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.0 kB	23.237.196.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	comments.gazo.space/comments/embed.js?37	Phishing
2022-11-26	medium	jsjs.gazo.space/index.php?js=very	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=127759/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://javfan.one/uncensored/180520//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://javfan.one/uncensored/254260//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://javfan.one/uncensored/254262//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=98649/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3	Phishing
2022-11-26	medium	rz.nakadashi.pw/v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	8659c84895.com	Sinkholed
2022-11-26	medium	da1a0e7bb3.com	Sinkholed
2022-11-26	medium	8659c84895.com	Sinkholed
2022-11-26	medium	da1a0e7bb3.com	Sinkholed
2022-11-26	medium	da1a0e7bb3.com	Sinkholed
2022-11-26	medium	da1a0e7bb3.com	Sinkholed
2022-11-26	medium	8659c84895.com	Sinkholed
2022-11-26	medium	8659c84895.com	Sinkholed
2022-11-26	medium	8659c84895.com	Sinkholed

JavaScript (37)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-620120-3	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-620120-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:24:47 Last Seen2023-03-11 20:27:55 Times Seen1 Hash 42369a0c5e11c9fdf2d3d59e3c53e607 bddecebc262d9efc2a1978a23ab9e7cfcd127de9 e4f10a773f9b0dd10e7a99439db40c6ecb96b92cbb99c3f60ffa3784d304d46f Loading...

	js.gazo.space/ckplayer/ckplayer.js	18 kB	2023-03-07	2023-03-13
Pretty URL js.gazo.space/ckplayer/ckplayer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-03-13 19:07:55 Times Seen1 Hash d9b72ba2e1b95b96e6b8705f84d70336 ec691472aa7b27d09bfc01ba3fc19abd3eab5c8f 79fa3f8f48d2a01ea0d30d1202012aae8f8e8fe7c613e31c33499ceb09a66495 Loading...

	unpkg.com/videojs-flash/dist/videojs-flash.js	39 kB	2023-03-07	2024-01-06
Pretty URL unpkg.com/videojs-flash/dist/videojs-flash.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:18 Last Seen2024-01-06 23:43:58 Times Seen51 Hash b671db9a73a06770313c1a05bcdc0b58 12280acce4192448e93e3b2ef9e1adf6c6eba94a 9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34 Loading...

	cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js	4.6 kB	2023-03-07	2023-11-29
Pretty URL cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js IP 104.21.13.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:11 Last Seen2023-11-29 04:54:59 Times Seen21 Hash ad8d3c443b4f0825dbc07561f0c9081e 6c05d5dd6a03c29d6b77570f888649c64f6d7425 de8b150e9593ca5d66475b276a55c3fbef2fc1e387d6db81913b410437f337f6 Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	419 B	2023-03-11	2023-03-11
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:24:47 Last Seen2023-03-11 20:24:47 Times Seen1 Hash 81a8d8d08c113272e2ceacbb41334af7 b534cb86bb373528e9227b1b52f5b32dc00bd208 1867c4c063c539cdb93217e821c0e0f93a708e9c1813cf75bdeab811b1a02326 Loading...

	cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js	11 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:01 Last Seen2024-04-25 20:13:12 Times Seen381 Hash ea77f824de2ef57acb12e7cb6596365e 10bad0dbdf30a0471c2c786b349daeb1dd19180e 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c Loading...

	js.gazo.space/tvjw/swfobject.js	6.6 kB	2023-03-07	2024-02-04
Pretty URL js.gazo.space/tvjw/swfobject.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:07 Last Seen2024-02-04 21:46:46 Times Seen6 Hash 7a6c21ae1cb801526ffaeec09632e674 f4a5e547828433fded182b1ccd841b0fa043f29c 5f88bd03c2f7f3656db6df5cf29f719231c8daafe2560cdf774e0f4ea49bcf47 Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	352 B	2023-03-07	2023-03-13
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-13 19:07:55 Times Seen1 Hash 527da7e7e88332b3b63f215b00542b5b 3a348a7786bec88f8fb5f825787ca4c40a76ef74 2910f06e7ae950614aa4cbd75cc27778426d4684cf02020cb3acfd6fd167d93f Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	42 B	2023-03-07	2023-03-13
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-03-13 19:07:55 Times Seen1 Hash f3c3855a71ee2403b49eb2c0f0e4b43e 61790790082b83edab4bd5e08e7d5ae12fe35862 54f184498ad6f870b1d43cc9728d3219cfebd6aa6c3f650bb7e8823d1a3bf828 Loading...

	js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8	181 B	2023-03-07	2023-03-11
Pretty URL js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-11 21:39:28 Times Seen1 Hash d1db173aed470acf39075cfc2e1644e8 28890ab9c2a0536f350fe645801da75993f5a743 8673054ce80646d3bca3cf14808649ed21a4c60c6405ec250b850381a07fe971 Loading...

	e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js	90 kB	2023-03-08	2023-03-11
Pretty URL e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:53 Last Seen2023-03-11 23:53:15 Times Seen1 Hash 1a3566b4e9ff66cd773524edfc39519a 383cdd4fedd078278a5a49d05e4d5fec24a89e2f ebaf99a56e7577a727e5e1f330ae095407183e64f6f2a880e299ad4283cd7b4c Loading...

	e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js	297 kB	2023-03-08	2023-03-11
Pretty URL e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:53 Last Seen2023-03-11 23:53:15 Times Seen1 Hash 763052291fa888c7d7fc017a48a83c26 f7a44a2353fc8337d4a0f6245755b537845d1447 fedc48db43b2328c0a245cad41741b3b3796e03fb4b3bcad9f86790b18eae0c4 Loading...

	cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.10.1/videojs-contrib-hls.js	678 kB	2023-03-08	2023-07-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.10.1/videojs-contrib-hls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:26:38 Last Seen2023-07-24 09:52:51 Times Seen6 Hash a826820d52c716fb653dfe3455ec3f11 f7f55cb9f41cfa8d367bc7b3d331f296c27e8952 deaf7b5fbf02ae8d9767f948863c57a016d040ea3a6c944ca28396382942320e Loading...

	js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8	14 B	2023-03-07	2024-04-25
Pretty URL js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:12 Last Seen2024-04-25 20:13:12 Times Seen88 Hash 13b29d7aeaa1d827a9a3feeb39148a43 da2040ef13a2d1ce62b0eef9c6ced0fe14f66b28 d2d18329527d4d7d4acda028f92281274ac2a08bd840af1c0480620582f98338 Loading...

	e3d5e80fdb.8659c84895.com/adfe84a1ecfdf5fa2977d9740d66dc94.js	44 kB	2023-03-11	2023-03-11
Pretty URL e3d5e80fdb.8659c84895.com/adfe84a1ecfdf5fa2977d9740d66dc94.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:24:47 Last Seen2023-03-11 22:23:50 Times Seen1 Hash 43062046daf0d4e85e84536fc6879f90 490374459f1f343923019c954e3e0c54d127b819 7b09ee3bbe055db7564f1ba4efcc8ffaf25bf58cba2c74a9641f4f11917f77e5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 22:18:40 Times Seen106156 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8	97 kB	2023-03-11	2023-03-11
Pretty URL js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:24:47 Last Seen2023-03-11 20:24:47 Times Seen1 Hash d611b49e1619ba3ba8a47523221ece79 7a6ef2da8248f2c3d03e44d9f1e33948fac967df 114b892664d62dc37ea68ef5b0c29dce77acfa5d19e0baa898d67fcc478f74c9 Loading...

	jsjs.gazo.space/index.php?js=very	50 B	2023-03-07	2023-03-17
Pretty URL jsjs.gazo.space/index.php?js=very IP 104.21.235.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:01 Last Seen2023-03-17 12:26:51 Times Seen1 Hash 421ad38998c4ba4be8c7d2ef7052fff7 0b7a60cc19488c484869c8186de45188e286e442 d555e3836dea4d506baf0307e6d3d3af3db7633b2270ba85a5592a9515b48afa Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 22:44:20 Times Seen37075059 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	12 B	2023-03-07	2024-04-25
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:12 Last Seen2024-04-25 20:13:12 Times Seen88 Hash b4b936eab4235f662d4eb756534d69d7 4ee18cb14eaf40e117a19a7f86dcefe6291bc0cf f7650ed40588ee2d1128869afc47866ee4eb09d4860ce1c3e07c9860b7242d33 Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	24 B	2023-03-07	2023-03-13
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-03-13 19:07:55 Times Seen1 Hash 0cefed2949db62202cd30107649080af c4f5bf729aa1be370fd6b2ec694a0f1ae030321d 28b1856e18e3179111dad0e8462626fb7a849aacafa2c071f2034fa1ba3aaf5b Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	175 B	2023-03-07	2023-03-13
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-03-13 19:07:55 Times Seen1 Hash 19849edbfdeb14dbff5cb5fe12fbf08a 4ec8c856a0fac3ad55050a49ee6372042ea85f28 27be15f485e2836a9a950f4945137e2bed416aeb34e2c9e59a7d6a57451f668b Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	14 B	2023-03-07	2023-03-13
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-03-13 19:07:55 Times Seen1 Hash 2f27071b4c83c1d196973751ed80c395 3e94be3c31c0313245443dd54c5cb8e4c3b81fa7 5fe41e6ddedd65f964997706a0e5c910703e28e6318d9680019597e43a6dad88 Loading...

	vjs.zencdn.net/7.8.2/video.js	1.9 MB	2023-03-07	2023-11-07
Pretty URL vjs.zencdn.net/7.8.2/video.js IP 151.101.86.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:49 Last Seen2023-11-07 15:50:58 Times Seen3 Hash 52c53a33bb2cd149f293eb14fb22505d ab93f823ff6c7fe51d78b6efa2daf0a77f8a9114 c8b0876dbf1fe7fff19cc79b46ab00e9c1f980c3a0ad1be123bcfcd41eb9d3e1 Loading...

	comments.gazo.space/comments/embed.js?37	18 kB	2023-03-08	2023-03-13
Pretty URL comments.gazo.space/comments/embed.js?37 IP 104.21.235.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:54:53 Last Seen2023-03-13 19:07:55 Times Seen1 Hash becabfe6272e43412c4b278c795c5f6d d02405fc3fa1ea59068b35487544e01ae4cafa62 e9605bc3fde8e8032cbede9ffd175fa36833625d4ce2fdfeb26a055c31440ade Loading...

	js.gazo.space/jw6.1/jwplayer.js	77 kB	2023-03-07	2023-03-13
Pretty URL js.gazo.space/jw6.1/jwplayer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:49 Last Seen2023-03-13 19:07:55 Times Seen1 Hash 586f5e925a808223d2c74880129b3764 17864574569d1e7153dee05bfc7580728b786034 5b87210a4a2f080990a9b1059c710c0c4051f0667a100c28dd2f380390792628 Loading...

	cdn.jsdelivr.net/hls.js/latest/hls.min.js	224 kB	2023-03-07	2023-12-28
Pretty URL cdn.jsdelivr.net/hls.js/latest/hls.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:48 Last Seen2023-12-28 16:11:59 Times Seen11 Hash b55a12f998779f639f0b0dd6cc0f3be1 742ac86d0ce4833c4ebbfba944f84bd6021cd342 2c5c9f73e58c3fac08577552188e1cafba4d972e0a88d25f913915b9ac082a81 Loading...

	av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]	156 B	2023-03-11	2023-03-11
Pretty URL av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] IP 148.72.246.38 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:24:47 Last Seen2023-03-11 20:24:47 Times Seen1 Hash 066ce0ef2554b205de8b89475063b38f cecf4959dc0c5e81fd8bcf61005520fe4be9e808 673c4d9651f0f8ebc88f49ebd42c8826238a1d8c438cc7658a9707ba12a75d3c Loading...

	js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8	15 B	2023-03-07	2023-03-13
Pretty URL js.gazo.space/tagjpa.php?noself=1&url=av.xvideos-dl.top/tags/8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-13 19:07:55 Times Seen1 Hash b48e1dfdcd851253aefbcc1dff266c22 48271858cf54993e59861c7185a12e274b02f89d ff3ac91740d1ab06d3e7d382087ef1ed6a8cc5a95aceddc36b17aee2b13002a6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 07daba03a35c9cc8346ec9d5d1691014	40 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-11 23:03:26 Times Seen1 Hash 07daba03a35c9cc8346ec9d5d1691014 ec0fe04d87f2174804cab8753f987ff049a626ed 2cde89415b284b9fb9f28d4a1b4e8c8d55c03905a22a542daa389024cd0e2ae4 Loading...

	#2 Write - 8da66cae5fc09ad0ad54710cd4960dbd	88 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 12:02:01 Last Seen2024-04-25 20:13:12 Times Seen89 Hash 8da66cae5fc09ad0ad54710cd4960dbd 01ef404d9c252491d6f0cd6900cce145d4b76db1 90b1ab53462f9b18c6a0d06704f07055e834c86239bdc87a3708514e9a6b6762 Loading...

	#3 Write - 83a9de9769ac882ba8290a639306b5d7	229 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-11 23:03:26 Times Seen1 Hash 83a9de9769ac882ba8290a639306b5d7 718d136e388f09f7f16c524f592a53319ac62ec0 ae1907075efebe0d097cfeece2d7a4913c38c8fb6341cbe20123690e3e345ca8 Loading...

	#4 Write - 2badd01f80cd03eb7ffce90487ab3f71	43 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 12:07:12 Last Seen2024-04-25 20:13:12 Times Seen88 Hash 2badd01f80cd03eb7ffce90487ab3f71 1d0af7cc184466c7d86216085ea60242daeb1eb4 e8f6c4dca8b7093bad96494bef55525265ce366c13dc6f76d9358cca8ee182d4 Loading...

	#5 Write - 35666b7e40a2a9f7d591c5983dc8f2f2	641 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:56:49 Last Seen2023-03-11 21:39:28 Times Seen1 Hash 35666b7e40a2a9f7d591c5983dc8f2f2 9da4bd69b7b270a966eeec48fbf41207a7c13d3f 91b653e7c15e5095801517ab0f9e3c691519a6ab255616b5ae4e70d65007c4c2 Loading...

	#6 Write - 63d5b93466a2ba2605af5f762ebee665	377 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:56:49 Last Seen2023-03-11 21:39:28 Times Seen1 Hash 63d5b93466a2ba2605af5f762ebee665 c32bd8d54056860d90d706332adf8fd0aa292d77 ba5254484e4eafecc54fcf05e44f8b84cccde4fde7b9ebd7e431228094d3a192 Loading...

	#7 Write - 511deefea4464a46676b3db2738a2188	61 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:02:01 Last Seen2023-03-17 12:26:51 Times Seen1 Hash 511deefea4464a46676b3db2738a2188 d9fe8cf5645da49968cd1d4c20e83ce49b9676af 4fb17fa4d3e642322d8e1b49721446fea7f3310f08b123eae72524d499e56a2a Loading...

	#8 Write - b799ab8fbc639db2650bc71948f8be5f	2.3 kB	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:07:12 Last Seen2023-03-11 21:39:28 Times Seen1 Hash b799ab8fbc639db2650bc71948f8be5f eedcac355d4f835e0e9fefdd4d4b0edba10155e6 64a34148d019b50455819140876eae2280adcd45b469c03574e42c1bded250b0 Loading...

HTTP Transactions (293)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9263
Expires: Sat, 26 Nov 2022 05:22:21 GMT
Date: Sat, 26 Nov 2022 02:47:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4518
Cache-Control: max-age=118714
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:58 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:46:32 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 02:19:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1728
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11491
Expires: Sat, 26 Nov 2022 05:59:29 GMT
Date: Sat, 26 Nov 2022 02:47:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HCy3cTp1gWH1RccvwVfd9fuJYyTteIKOYkqzMhljaswmEfq0BepWdXjT7pV5QcOMvo3qQg0C6ek=
x-amz-request-id: CYXHD748Y2JY4FNT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 02:44:04 GMT
age: 234
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 02:47:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]

148.72.246.38

200 OK

8.5 kB

URL HTTP/1.1
av.xvideos-dl.top/v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]
IP
148.72.246.38:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12874), with CRLF line terminators
Size
8.5 kB (8497 bytes)
Hash
5ec4c7846f9fe3c0fe29598c1e425143
67649c65d2a80f92d7416d4f51abef1fbc1ce06a
9a875b0aa2742a3015e26e5161be4a020ae3852d85e4cf0c0eefeb5545b01376

HTTP Headers

GET /v/s:/avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p] HTTP/1.1
Host: av.xvideos-dl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 02:47:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.xvideos-dl.top127.0.0.1-myhost-av.xvideos-dl.top127.0.0.1/v/s://avninga.com/vodplay/263422/title/FC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20[43:31x720p]
phost: av.xvideos-dl.top
line1066: notjp--myhost-av.xvideos-dl.top-filteron-
pdo106: feedvid-, cachefileb-cacpdo2/2f/ca/94a330, lfm-1-20, lmd-20, lud-787196, xfvlen-1867112, fsize-648081, played-44705
pdophp-line408: -; cachetime- 55674.322087281; ctime- 20220124124947
line1514: method-0: ik-fc|||2-|||pp|||v-|||13|||99|||26|||4-|||フラ|||ッシ|||ュマ|||ンの|||fc|||ppv|||フラッシュマンのfc2-ppv-1399264-フラッシュマンの: vidlang-jp9976
line1528: method-0: ik-fc|||2-|||pp|||v-|||13|||99|||26|||4-|||フラ|||ッシ|||ュマ|||ンの|||fc|||フラッシュマンのfc2-ppv-1399264-フラッシュマンの: vidlang-jp
pdoline1599: sarray-599jp8080
pdoline1662: notjp-: fvkwcnt-9968
pdoline1666: notjp-: fvkwcnt-599
pdo-line1950: $i-66$load-0.8253125
Cache-Control: max-age=717269, public
genre: genre=
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av./v/s:/avninga.com/vodplay/263422-AB-av.xvideos-dl.top-av.xvideos-dl.top-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av./v/s:/avninga.com/vodplay/263422-AB-av.xvideos-dl.top--my_zone

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
601ca2b4030cae4df5d9617d20480725
f2aa4d62e215f07257ef9b375d69ebed7097d52a
9dbbb56320b215915ebb035a167daab3c1f1891fce39a8d4f7dbc79531b242ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Last-Modified: Sat, 26 Nov 2022 01:02:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
601ca2b4030cae4df5d9617d20480725
f2aa4d62e215f07257ef9b375d69ebed7097d52a
9dbbb56320b215915ebb035a167daab3c1f1891fce39a8d4f7dbc79531b242ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Last-Modified: Sat, 26 Nov 2022 01:02:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
601ca2b4030cae4df5d9617d20480725
f2aa4d62e215f07257ef9b375d69ebed7097d52a
9dbbb56320b215915ebb035a167daab3c1f1891fce39a8d4f7dbc79531b242ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Last-Modified: Sat, 26 Nov 2022 01:02:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 2346
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Last-Modified: Sat, 26 Nov 2022 01:20:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

img2.xiangbinjun.com/new/2020-12-08/FC2-PPV-1399264.jpg

54.230.111.89

200 OK

193 kB

URL HTTP/1.1
img2.xiangbinjun.com/new/2020-12-08/FC2-PPV-1399264.jpg
IP
54.230.111.89:0
ASN
#16509 AMAZON-02

File type
PNG image data, 276 x 378, 8-bit/color RGB, non-interlaced\012- data
Size
193 kB (193293 bytes)
Hash
e919594a4f7c26352f6dd1c4b1b71f91
174130fd4b5242590d445008d79750bc6cdf80d7
8a311ef9782dc39922cd60f30fcc044921c998532cdd5d57150dfc60d5338c5c

HTTP Headers

GET /new/2020-12-08/FC2-PPV-1399264.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 193293
Connection: keep-alive
Server: X
Last-Modified: Tue, 05 Jan 2021 10:45:59 GMT
Accept-Ranges: bytes
Date: Fri, 25 Nov 2022 19:53:49 GMT
ETag: "5ff44367-2f30d"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: shexnheDk9CplZ8mJeRfNfjRhb4ii2WuqDdPhxXirzOk0Ednf9EboQ==
Age: 24863
Vary: Accept-Encoding, Origin

cacrip.nakadashi.pw/AV4.us.jpg

172.64.128.21

200 OK

8.7 kB

URL HTTP/1.1
cacrip.nakadashi.pw/AV4.us.jpg
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Size
8.7 kB (8741 bytes)
Hash
edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:47:59 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
ETag: "2225-5499bcea176c0"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
X-Proxy-Cache-5950: HIT
Xkey-5950: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--cacpdo0---yes
CF-Cache-Status: HIT
Age: 34747
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwvL04k1eK9houWxjmFG6XVBdK2V9rWSfOSHPGt2v4%2FgrYeUToyOUQkSpP85NsKg5yKUPyV6HaAI0xT9m1U1OFlNM8aNBbroHbcpJ4uhd7DfbaOxZ6D%2Fa1arPoYjgsgaV5I1ZUrU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d7729e476f6-LHR
alt-svc: h2=":443"; ma=60

cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

104.17.25.14

200 OK

4.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10613)
Size
4.0 kB (3953 bytes)
Hash
9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f

HTTP Headers

GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:47:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 26185957
expires: Thu, 16 Nov 2023 02:47:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJcVosuXumOdB4i3vsIQJ6PEEa0NI3VDW7nwFjN7zVr15uiIAnZn%2BMIGdSzByR1n9UaV4MkyiB946KfCoDEs5Faa%2BQrKtmG73fECqf3N0mQxe1jMI21SE2hwCVb%2BjWJ7iRRbATlo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ff4d776bc4b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js.gazo.space/mycss/av4.css?3

104.21.235.170

200 OK

1.3 kB

URL HTTP/1.1
js.gazo.space/mycss/av4.css?3
IP
104.21.235.170:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1330 bytes)
Hash
91947d93b00450de35830a7838c75b9e
f3cbeac747d7aaef471fa96214247686a1e43369
50d14f8c12ee897ab7e0d5279f10b937a3d06911682c0a555922b769d407899a

HTTP Headers

GET /mycss/av4.css?3 HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:47:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
etag: W/"f05-5cc0d86532b3f"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=3600000
CF-Cache-Status: HIT
Age: 420656
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEdgiIE9QntRfVDiacN1KwF9R4Xc0Wfz6VYwg4gDAeZABpIdJ2itVeupMrtaQg4sBQLNpHsHff99a%2BBMh%2FoCOmzr7yZvyoCE4q4xLr71S5g3XuTHkw15s5HlF5f0oxCD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d776b9c75b5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

comments.gazo.space/comments/embed.js?37

104.21.235.170

200 OK

6.7 kB

URL HTTP/1.1
comments.gazo.space/comments/embed.js?37
IP
104.21.235.170:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14022)
Size
6.7 kB (6718 bytes)
Hash
352c889af2cf2163a866e7e381ae9252
dba161ee742e83c96891e1c3fa8e9a6ecd88ab55
aca3691a6709b371e3dedde66943ed3a1b9a8d2b67734123916d74c1a82e510c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /comments/embed.js?37 HTTP/1.1
Host: comments.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:47:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
Cf-Bgj: minify
Cf-Polished: origSize=20813
ETag: W/"514d-5e998fd344edc"
X-Proxy-Cache-Rip: HIT
XkeyRip: jcomments./comments/embed.js?37-A-comments.gazo.space--my_zone-yes
CF-Cache-Status: HIT
Age: 63147
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrwOWzINYLuCHLhIUvZ17epMfhfuNSZvMJkq25CUovZdGFanK09%2B8dQUiZmMa3oJom0o0IxedPuLHzOf1mzACXgXvi2Bp15HddddLB3UWWhhB2XojFgZ%2F6Xxdo7GCjSPcX3C%2By%2B6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d778bd788b5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

17 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
17 kB (17053 bytes)
Hash
662e80c6124a946b9e26d4146f20e243
43c212a319d2d651c662e35ad033cda9276a475c
4c8ac42c878e39e5fbbeed8504eab95dc810164719705a6d7087fa2e479c7881

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6nXS0Hk6+jlt73X/qzi8bA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O3xcTgrqD95UY8O7k9Uj2hoeoWw=

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 15:30:11 GMT
expires: Fri, 24 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 127068
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.85.229

200 OK

67 kB

URL HTTP/2
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size
67 kB (66654 bytes)
Hash
abdd26bf39ab05e9898e3cf1ddbd3fd9
93521bf8e710e9ec024f0e9e24441ccd81c4a6f1
06c56ad9020dc6ef1a5d0141d5c172c0029d18f2dafe0b79a84bb0c4db2aa52d

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 02:47:59 GMT
age: 30176
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66654
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
d8905896a49e054df57de2ab09ac1002
9fe0a6696933d6b20cef7f6f7c6e891ceea08ce3
518860034cbb0facbeb5e77c86481290d027fdf51eb792e982fd2d1c40afa2d0

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:47:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5153EC09AFDDE85EF26A324D0D7619EB970B8614"
Expires: Sat, 26 Nov 2022 13:00:00 GMT
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2709
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d77e96ab50b-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3a88d4276fb8f28401fe60075759ecc4
e1b4b435cb04254346702d4ac6e668e792fd0af9
46a1baa67d23be2ae003bb4acb33f7ed8ddf753297d596e6dcb6f6b7f52b99d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2020
Cache-Control: max-age=132040
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:00 GMT
Etag: "6380d744-117"
Expires: Sun, 27 Nov 2022 15:28:40 GMT
Last-Modified: Fri, 25 Nov 2022 14:55:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js

104.21.13.216

200 OK

1.8 kB

URL HTTP/1.1
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
104.21.13.216:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4505)
Size
1.8 kB (1817 bytes)
Hash
62df3c3b9c50eb48c9bdf36e310babf2
1f69b85084ccd0348dcd55fba839be4f271a591d
883898451b3b4a6a893b54c87b71fe23df90be071936330b23eb2cd6c4f49274

HTTP Headers

GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.xvideos-dl.top/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 02:39:12 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 2783
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqy9cnaJdepDemcjmHt%2FfHx9SlkTIYk0QBbaRY488XtrtQreo%2BHloGCy4%2Bm3w4rH%2FCbc0DfJvqmG1HRqubOEzoO4Mi694Y8VAHnJNsM6VbhtO7%2FHiJ8fNWKsQUc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d787dbc1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

jsjs.gazo.space/index.php?js=very

104.21.235.170

200 OK

60 kB

URL HTTP/2
jsjs.gazo.space/index.php?js=very
IP
104.21.235.170:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
60 kB (59498 bytes)
Hash
e142981ada576f30fd6a01aff363d090
a2bedb32cd905e4202444c15bdeb8823a0e3a838
4c502d5e6dc947249297ab90800d915b0eadfe2e33873c4d89f5f22eee52c597

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:47:59 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--NO-rm2400cb003761024ac46555d/index.php?js=very
55nloadrate: 0.4878125
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUgGLD26nPUa4Yya4euhnREXgu9s1VLcDvls4WBLZrfpfRgJcjJsMQEx%2Fy8UbYlt0YLQzqAVlfVzBqQWtVnxoNn1LIVR2ajSF80%2BvUXHKDPadu2fG6q8K4Dq7%2Bs8aKlE6F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d73cc94768c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
49396c110d8214d73acee095f4ff25c8
0bfb168e496d90905120c7013c9d5559751f15a0
a686df00f7539e861597cabda1b01f2abeb26999e3a110141cabc7a5049b7a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1384
Cache-Control: max-age=110899
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:00 GMT
Etag: "6380872b-117"
Expires: Sun, 27 Nov 2022 09:36:19 GMT
Last-Modified: Fri, 25 Nov 2022 09:13:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

vjs.zencdn.net/7.8.2/video-js.css

151.101.86.217

200 OK

11 kB

URL HTTP/2
vjs.zencdn.net/7.8.2/video-js.css
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
11 kB (10723 bytes)
Hash
8e0b9e4f5782827464baaa97ab90792a
25330bf40d7ad79648413156e6680a5c0de064b1
f26b66fc7b0a3f85500fe249594bfec05008ab32b33cd885a67fb588b6eb9ac5

HTTP Headers

GET /7.8.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:05 GMT
etag: "9d2c20f32d2509c50bdcb9239fb9b62e"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sat, 26 Nov 2022 02:48:00 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 4317
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10723
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
49396c110d8214d73acee095f4ff25c8
0bfb168e496d90905120c7013c9d5559751f15a0
a686df00f7539e861597cabda1b01f2abeb26999e3a110141cabc7a5049b7a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1384
Cache-Control: max-age=110899
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:00 GMT
Etag: "6380872b-117"
Expires: Sun, 27 Nov 2022 09:36:19 GMT
Last-Modified: Fri, 25 Nov 2022 09:13:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

vjs.zencdn.net/7.8.2/video.js

151.101.86.217

200 OK

420 kB

URL HTTP/2
vjs.zencdn.net/7.8.2/video.js
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (320)
Size
420 kB (419634 bytes)
Hash
7dbd36f0fcc384a6409db98b80a76dcc
ec256a308360d2b696d874373430c495fdd5b313
33fe4721a551fd6335c11c42d75e828acf4d15dd49de3d93d761d260b5403d47

HTTP Headers

GET /7.8.2/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:10 GMT
etag: "52c53a33bb2cd149f293eb14fb22505d"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Sat, 26 Nov 2022 02:48:00 GMT
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 419634
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
a444944d53135dc8574cc5469f67a009
6417e75c3d48b52620956820b486f786a823fe8f
b9a953be1d9959058aede6d716c4bf626789c96b9a808d6f70fc12a495505e94

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:00 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 29 Nov 2022 22:53:56 GMT
ETag: "6417e75c3d48b52620956820b486f786a823fe8f"
Last-Modified: Fri, 25 Nov 2022 22:53:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3096
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d7a2a62b50b-OSL

mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29

87.250.251.119

200 OK

400 B

URL HTTP/2
mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
3bae38716174c6a86ba079f68b12321d
df9ff5ae942156dae12f5b3500a8fbc9d349ccb7
957582ec295b5256fa02ed05fb08072f288c473e1b351014a7b7b60589562e23

HTTP Headers

GET /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 400
date: Sat, 26 Nov 2022 02:48:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://av.xvideos-dl.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 02:48:00 GMT
last-modified: Sat, 26-Nov-2022 02:48:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
80db31d5e6506d659542b0d8fd2ec867
9e73c2f0c5adcd867cd7b832b5c5f00887fe02d7
3712d585dfc6fafe7d99f6462db9ac05a2a7115bb0ad5ffd148f8d45062085c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143229
Date: Sat, 26 Nov 2022 02:48:00 GMT
Etag: "6380fd40-1d7"
Expires: Sun, 27 Nov 2022 18:35:09 GMT
Last-Modified: Fri, 25 Nov 2022 17:37:04 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vgRXs3m7zAecU_Yu394wU55tgvM-Im5lClAfWYawp_62tiilnHjYeA==
Age: 3486

videos3.naibago.com/20201208/FC2-PPV-1399264/index.m3u8

143.204.55.66

206 Partial Content

98 B

URL HTTP/2
videos3.naibago.com/20201208/FC2-PPV-1399264/index.m3u8
IP
143.204.55.66:0
ASN
#16509 AMAZON-02

File type
M3U playlist, ASCII text
Size
98 B (98 bytes)
Hash
953c01742f678dbd3dcbdd8648092b1e
324b55b137c43bce85509362dc4b50f3bdb2a9df
3d1d804fdea6fb571c085cb6bf0196febe7e7edcc1e5ff9494af6d497abd95fb

HTTP Headers

GET /20201208/FC2-PPV-1399264/index.m3u8 HTTP/1.1
Host: videos3.naibago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
content-type: audio/x-mpegurl
content-length: 98
last-modified: Sun, 13 Dec 2020 09:02:15 GMT
x-amz-meta-sha256: 3d1d804fdea6fb571c085cb6bf0196febe7e7edcc1e5ff9494af6d497abd95fb
x-amz-meta-s3b-last-modified: 20201205T223838Z
x-amz-version-id: 0V83_xA2v5ZDn2B9kBAS4hhvEjjMvgg1
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 09:16:57 GMT
etag: "953c01742f678dbd3dcbdd8648092b1e"
content-range: bytes 0-97/98
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mL4SSa4s3sDokmMojDOJtv6XdP4XJ_eMMdCiI_GaJZ_n5VOfmaixgw==
age: 63065
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
80db31d5e6506d659542b0d8fd2ec867
9e73c2f0c5adcd867cd7b832b5c5f00887fe02d7
3712d585dfc6fafe7d99f6462db9ac05a2a7115bb0ad5ffd148f8d45062085c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 02:48:01 GMT
Etag: "6380fd40-1d7"
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bbh3Jpp1tck3hkhY4tC77wLeYdVmlqbJiPHkS-hGsMpO6CzZ2g0IzA==

videos3.naibago.com/20201208/FC2-PPV-1399264/index.m3u8

143.204.55.66

206 Partial Content

98 B

URL HTTP/2
videos3.naibago.com/20201208/FC2-PPV-1399264/index.m3u8
IP
143.204.55.66:0
ASN
#16509 AMAZON-02

File type
M3U playlist, ASCII text
Size
98 B (98 bytes)
Hash
953c01742f678dbd3dcbdd8648092b1e
324b55b137c43bce85509362dc4b50f3bdb2a9df
3d1d804fdea6fb571c085cb6bf0196febe7e7edcc1e5ff9494af6d497abd95fb

HTTP Headers

GET /20201208/FC2-PPV-1399264/index.m3u8 HTTP/1.1
Host: videos3.naibago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
content-type: audio/x-mpegurl
content-length: 98
last-modified: Sun, 13 Dec 2020 09:02:15 GMT
x-amz-meta-sha256: 3d1d804fdea6fb571c085cb6bf0196febe7e7edcc1e5ff9494af6d497abd95fb
x-amz-meta-s3b-last-modified: 20201205T223838Z
x-amz-version-id: 0V83_xA2v5ZDn2B9kBAS4hhvEjjMvgg1
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 09:16:57 GMT
etag: "953c01742f678dbd3dcbdd8648092b1e"
content-range: bytes 0-97/98
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vHdrlG1o9k1IhAjSgukBIWUm5tAUXWsB4tfPGD0z0_xofzvqAUEvrg==
age: 63065
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15441
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 02:48:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15441
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 02:48:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15441
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 02:48:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15441
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 02:48:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15441
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 02:48:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 79757
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:35:07 GMT
age: 72774
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6431 bytes)
Hash
801dd70f0c591086062e2a9054f78efc
6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d
ba28f27ea906aaa6db1fbdca53ecbd4366b99d2696fb888e47b731e21c0f82da

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6431
x-amzn-requestid: 0daa58b7-3fd8-463f-85f5-6f84fdb17661
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOBEpEIAMF87A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358c-3f8b9c18598ba2532518668d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FyVMZKsBMppWLcVlLTcWdr_HSifdSnU2IuE3dLHqFD9EgSEZSue5AA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:52:00 GMT
age: 17761
etag: "6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4366 bytes)
Hash
abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CkXSlYXZ0DFVjVSVin4Km3_9nETFtQ8Qf6f2V5kjuwoCejVH3Qk0Qg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:47:48 GMT
age: 18013
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 18115
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8913 bytes)
Hash
5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 18115
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

av.xvideos-dl.top//cacrip.nakadashi.pw/AV4.us.jpg

148.72.246.38

200 OK

2.4 kB

URL HTTP/1.1
av.xvideos-dl.top//cacrip.nakadashi.pw/AV4.us.jpg
IP
148.72.246.38:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1346), with CRLF, LF line terminators
Size
2.4 kB (2425 bytes)
Hash
1cea94c8791bbf257e74dd7283912bac
abd9c00acb50741d403402cd0b15838d9f529495
5b64b5daf36d536f94f35e78c62d399869ec671ab0d73f870532998deac18759

HTTP Headers

GET //cacrip.nakadashi.pw/AV4.us.jpg HTTP/1.1
Host: av.xvideos-dl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 02:48:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.xvideos-dl.top127.0.0.1-myhost-av.xvideos-dl.top127.0.0.1//cacrip.nakadashi.pw/AV4.us.jpg
phost: av.xvideos-dl.top
line1066: notjp--myhost-av.xvideos-dl.top-filteron-
line2430: notjp-//cacrip.nakadashi.pw/AV4.us.jpg-myhost-av.xvideos-dl.top-filteron-
Cache-Control: max-age=3876, public
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.xvideos-dl.top-av.xvideos-dl.top-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.xvideos-dl.top--my_zone

page.myfile-host.info/myda.php

150.95.129.59

200 OK

0 B

URL HTTP/1.1
page.myfile-host.info/myda.php
IP
150.95.129.59:0
ASN
#7506 GMO Internet,Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

page.myfile-host.info/myda.php

150.95.129.59

200 OK

0 B

URL HTTP/1.1
page.myfile-host.info/myda.php
IP
150.95.129.59:0
ASN
#7506 GMO Internet,Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

e1.o.lencr.org/

23.36.76.226

200 OK

509 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
509 B (509 bytes)
Hash
b17e4a468123c6c5076ec59ebc9d40b3
149ae2c5599cb4693e5d455b1f150454cac24ef3
2a8703dbc341fdcbc8b25c6640edeef675f4281f2d7bb1fe86a52f616fe480c2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "41AE408A70CC094A26B2233C05658E5EAE407A0035717CF1921D14C9A2EA47B7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18385
Expires: Sat, 26 Nov 2022 07:54:27 GMT
Date: Sat, 26 Nov 2022 02:48:02 GMT
Connection: keep-alive

www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL HTTP/2
www.w3schools.com/w3css/4/w3.css
IP
192.229.133.221:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 (with BOM) text
Size
5.3 kB (5250 bytes)
Hash
cfa5fd76f66a5f917b87ddd80b75b3fa
c0d7265855205d77acc0f1154172070a8680ab19
38ae41c45eedd4f190a8ddbda2a2dc69e2a4d75a6ff8cb0bb35d4a521724ee98

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 11894
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Sat, 26 Nov 2022 02:48:02 GMT
etag: "07b2bc2cf0d91:0"
last-modified: Fri, 25 Nov 2022 13:13:50 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5250
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
33d253354d175f701e31a6997c12f51f
af7db90b26c123446a353b11a63a3b2faf5c6385
228ff396ca66e691abaf83f25f900782df316eb23381cd5710168d0ff13fd03d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 9
Cache-Control: max-age=102659
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:02 GMT
Etag: "63806c5c-117"
Expires: Sun, 27 Nov 2022 07:19:01 GMT
Last-Modified: Fri, 25 Nov 2022 07:18:52 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d99ca805b507eb4d2942d5c71ee7a283
7597e42faedb7f8baf720200abb5c61303111886
f962b4d5a7e15e0927622ef47c13cb480513234356a7e633b00f647e84bae7dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: max-age=134938
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:02 GMT
Etag: "6380d75c-116"
Expires: Sun, 27 Nov 2022 16:17:00 GMT
Last-Modified: Fri, 25 Nov 2022 14:55:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a1edea9e9d6877f3f780b8637561ea62
2d096da577afc4a18597c2bd8f580df0abc019fa
617355d711917db6813dd8a7922acb6922af5b6c78e0438f59d2e5978eea9a41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2811
Cache-Control: max-age=156949
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:02 GMT
Etag: "6381357c-117"
Expires: Sun, 27 Nov 2022 22:23:51 GMT
Last-Modified: Fri, 25 Nov 2022 21:37:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

static.thisav.com/images/videothumbs/349500-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349500-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349500-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349500-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDOzq2onMVV9DbqXvKVCfqRxPTMO15QnqZd%2Ft6mnGO%2FGBPf1rIO0nqWtamF2WHifN%2Fg93CzUcNjOPhQjAnDOZwcG399Cas0iwA2h%2BrcZM0o0itAB035y2WVxDP%2BcEH4AudIp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d89598ab4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349500-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349500-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349500-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349500-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3MD7qtpcr7Xv38PKaBn2%2Bt1MjIbKGFD6lDpU5jINu6PX1EyccCTE%2Fvivtjkg1%2Bfq7TVqknsWcJ1n0FtQO4EgRXS%2B11a%2BFguNDp85VNQpMoghtkuzeHNh2skMTy62N69aUO6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8999b4b4eb-OSL
alt-svc: h2=":443"; ma=60

www.thisav.com/favicon.ico

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
www.thisav.com/favicon.ico
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://www.thisav.com/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKe6I5XPmMt0%2FpkWKYTjuy1l8Jst23YdPzzHtl%2Fj%2FHdGZKyRz6%2FyIzyuevvHp6MnohzMbDPzx6jIgaT88Hr%2BiRm7780TsLDsKQKOUtHSu8Xaf5DIpD9aUJutm%2Bwi3oTb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d899c60b4fd-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/495172-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/495172-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/495172-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/495172-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZz6ibQ%2BRsZVoxijIpKPNgELIy%2FtXfDvdvXJUBjqtHZ3Ehn8lXrNtRuPitw0VwMPjxD4afUt%2Fwwl1lLl0im4oE4NI8R99m%2FOscbyieCLWJnhmZpqOnx2sVFbAND1jzljVVpo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d89a9bbb4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349500-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349500-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349500-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349500-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PBCEjKN7j9izO72npk0gMl9Z7bK5433fXSyCUs7F%2FjYOinKG%2BqSxwNCfxYHtpLaubLiJaEjsZLYgLW2EliNTzo9BmWQPPxWFVZiiK7Vw0AUJY2KA%2F4G12x6FOHB389XYsj6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d89ae7cb4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349502-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349502-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349502-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349502-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjBSCxP8p2uE%2F4g2elUybmeOrl4HPDwbARrRwBcTKFIxD0GKduvOnn7MWtsBTXCtPedmJCnThvi2MrccYhhLc2On0gM9pV94geQAnM4nswLGoTTETh0dtaotqd5apBzpPONf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d89a89ab51e-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5b895de4327e48d391e164925b6a867
7a3b6850f1cc8cfdc4f864450e4a63a8bd7ef1de
07317d7f1a9c0f2b9892ef0133323d573e0d18a49aa3fc52e49ac9d8410ec9b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07317D7F1A9C0F2B9892EF0133323D573E0D18A49AA3FC52E49AC9D8410EC9B3"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Sat, 26 Nov 2022 05:50:25 GMT
Date: Sat, 26 Nov 2022 02:48:02 GMT
Connection: keep-alive

static.thisav.com/images/videothumbs/349500-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349500-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349500-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349500-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryFRZXAduGufH1PaF8ggOB1193zSI8P3WKEajDshtb%2BeQoTPXIcdvb3XMQp5EC6nnALGeprq8mAPpPLJkPubY5Pt%2FTHQvCLxPb%2BC4%2BVS%2FyBUZDQ%2FOBX%2FydmzCE5TOeU4aZNr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d89b95db500-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
33d253354d175f701e31a6997c12f51f
af7db90b26c123446a353b11a63a3b2faf5c6385
228ff396ca66e691abaf83f25f900782df316eb23381cd5710168d0ff13fd03d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 9
Cache-Control: max-age=102659
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:02 GMT
Etag: "63806c5c-117"
Expires: Sun, 27 Nov 2022 07:19:01 GMT
Last-Modified: Fri, 25 Nov 2022 07:18:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

static.thisav.com/images/videothumbs/349508-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349508-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349508-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349508-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23fyMHO3nayMU0u%2BdKc5D5T1oX6Wfz2vqI3Y4hPvzU4Pi2eq9MAkqdxuI2EeFKoMfhVtOM2zl1nxSFfuHhaKu4P7SnJh8zLlXxz%2Bb%2B0%2FpN2RVUIT0GMvM6jYO%2FclyaZQ6LyT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8a09d9b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349503-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349503-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349503-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349503-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFlKw0VdqJu2VWYZfAnfxw%2BXViEALx1E0f9dwCSv245Y1Jp2KTub34NOA1dC2B%2Bae3Le1GG7G1dVBYMUnFHX4k3sf98ykVxlRq3GEz%2BceDH7agaFtUTbWur27Ett9eIBJU5e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8a19dcb4eb-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f84b402bc3113de96c974a1ae5dfa0b2
1bf050d8adac2414183905d8d46317b7f082da25
aa3d37ebeede55c44506d0377f07a92ca23ee6300e751a5cca64c621159442c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA3D37EBEEDE55C44506D0377F07A92CA23EE6300E751A5CCA64C621159442C3"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14618
Expires: Sat, 26 Nov 2022 06:51:40 GMT
Date: Sat, 26 Nov 2022 02:48:02 GMT
Connection: keep-alive

kissjav.com/favicon.ico

82.118.242.43

200 OK

1.2 kB

URL HTTP/1.1
kissjav.com/favicon.ico
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
0ff7e3a24a7ed8cd60bc0fcd92fcf935
4d61cd969455c158b7ca1854d8eeca53c7aa1152
d7a0993e561a9a25c1ecb544260bc1e1b5302267f90524e63c98393f7c69be06

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: kissjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:02 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Thu, 03 Jan 2019 09:28:04 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5c2dd5a4-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

static.thisav.com/images/videothumbs/349500-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349500-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349500-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/349500-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eueAY7wKFyTEYi8TsQ4KnU3iln8P48BhiahKpPcEaFnfRZCHQzKbWaK80rIDhgDHBC2u7Fi6iwUL09cJr9QyCA4Psza1Ej7r37hXdATu0nBxHbaQLLUdIZSNx2eDVUXYavL1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8a8ed4b4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/451922-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/451922-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/451922-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:02 GMT
Location: https://static.thisav.com/images/videothumbs/451922-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPStHvNfkr0tVL9VUI%2FTSb8NO5ck8506RPOibcPdwa4gxPugR8OUVfzQDarL4EcqRp4aZaHWfYDQxocuNl7S3YTBDcFfx5%2Bu1GGQ1jAWk3okQPbFTUNxk5bEY9jCAG60bXe1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8aa934b51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/451922-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/451922-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/451922-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/451922-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFKiWSoX2hpwux2t7rhj%2BxrJ51Zuv8rpA%2F12jOS6MY9%2B911DB9fu0xYKfeBixIuDe8o2VSvJLa6odZME2tXOokbDegbJdNBtrZUCPFuueSOxXYWRWCMmQavqg2E00KNeqCHs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8ada2cb4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/451922-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/451922-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/451922-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/451922-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dH0RWwduZOlhURvjeqe%2F%2F6nADSHgj7r3qXF0FsWhigcjBdT8NN0RbMqS4Di%2BYHOZh4wRfOscCAygQZIH3Y70b9ut8fvMI9PnrHPB4SawpNKQr%2BZBxWVl4iw5yExpwZ1%2FEqvR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8ad9d0b500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/451922-7.jpg

104.27.205.87

301 Moved Permanently

2.1 kB

URL HTTP/1.1
static.thisav.com/images/videothumbs/451922-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.1 kB (2087 bytes)
Hash
f6cbc75ce7caaae3184da34211011954
195027b6e3d0d75226c344fd2bb8efb7ca396c46
2bf274ad8bed57cf9b260c6a5a3a1a7f42d14b020d90ada4c441a7d3cbeaff3b

HTTP Headers

GET /images/videothumbs/451922-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/451922-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbNDGtSL6eSsXv%2FYSNgwUrMt5PBOlBWMBB5%2BaYFhFQYlpTrd646atmYcL0nBee0u0bQ5T8C3t1%2FV98l5OKzaPp7xxVRm9R8kJfcX7%2BhaYZPUT8u3dUPRpw26eFdHE4uHvqgt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8aea33b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/451922-9.jpg

104.27.205.87

301 Moved Permanently

6.6 kB

URL HTTP/1.1
static.thisav.com/images/videothumbs/451922-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.6 kB (6604 bytes)
Hash
f760580d265faca13db5c541dcd5c36d
235d5a37a5650e9ab7cea28185538bb0131fe62c
080c107b143b66faedf9b2ff9eb4a12afa9369f4fa2f12cf2bdf578054735753

HTTP Headers

GET /images/videothumbs/451922-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/451922-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fSLhtNIS18lQlWMKhan9YVMlAOuyX2ObH%2BoMsWwoZ8%2F%2Bf7aAr%2BKC9bBAbnqwojcpep1DsjGC6ljFAmVe2goI%2BPltZQqnUh5767C4rUutktOUCmhF%2F%2FVfvx%2Fygr0YLlBejvP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b1f23b4f4-OSL
alt-svc: h2=":443"; ma=60

pornve.com/favicon.ico

51.222.43.181

200 OK

198 B

URL HTTP/1.1
pornve.com/favicon.ico
IP
51.222.43.181:0
ASN
#16276 OVH SAS

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Size
198 B (198 bytes)
Hash
c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pornve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:03 GMT
Content-Type: image/x-icon
Content-Length: 198
Last-Modified: Fri, 10 Apr 2015 08:38:52 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "55278c1c-c6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
1dd66fb4a896cb3184a06ccd81795626
3c685efb86e81f9ad535e71071a69a12e70ae2fa
41ae408a70cc094a26b2233c05658e5eae407a0035717cf1921d14c9a2ea47b7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "41AE408A70CC094A26B2233C05658E5EAE407A0035717CF1921D14C9A2EA47B7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18384
Expires: Sat, 26 Nov 2022 07:54:27 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

static.thisav.com/images/videothumbs/495172-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/495172-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/495172-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/495172-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oleRBOJljKclxpFTTQ6qRBDS7rWFC3T9oQny97SuuvTCIuROnUUWu00Ez%2BJawjKMxt%2BK8IZ0FUpIeriCMtQ9CAKztqjcqeN2u5cPHNZ8XjdNfZT3fmtTeZ%2B%2FdsbUimbFlk3%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b3993b51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/495172-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/495172-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/495172-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/495172-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb2cPIGbnbnoz8FS12eFDkwT9xXA3FdKrFgZTsXbVyyettt4omHAw9wLFcChwlcp5cD0zK2X2u0ac5omLlaewmdS6GgWzZYeKdz4x1AVsdFQNcy2aFXx8UQM3ZD%2BVyPrPuEF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b6a94b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/495172-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/495172-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/495172-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/495172-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e1KnRAR3bFRP47OwJdoBnINEdbwh%2FUXN9dksmOf7nH%2BQByKrKXvegHcnLLVl74GHle3hACEf2pVR0Ky68VlyI6lH7HRGrJMdTRgR3cDzI%2BpiTbYyuC%2BFAF0Db1XzYdkjMw1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b7a0ab500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/495172-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/495172-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/495172-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/495172-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VTcdiHP62k908Eq0%2Fqe9oa6AikuIM%2F9eRwGhipp%2FelAa5OZLdgnv10JiLUxOuY0y9QVkeOpIH3IUqSKIaWClREfloEjv0rRbugzcECNkjdCqqblM23kIsN32NHZ9bBufSZL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b8f4eb4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349502-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349502-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349502-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349502-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAneY94%2BGtR0yH%2F9B4b25t1R%2B6HgmRO%2BTPmZY77R8Iw1X%2BAEjhcvm3nx5V%2FNKbfTWmvq23iEy0Na3PGX%2FQku4a6newrZHwOXYpIVHkGR%2B6k9oIlyVat6RCBwYZ3kzqJhWv64"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b7a99b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349502-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349502-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349502-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349502-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgyZov7XcRWdH3NT%2Bgt0rPl9n%2BPeTrdQHuM9Fla8pUnzvGnsPKzhHG%2BHEaOuEjOM27PQnQW190fIhM35cxC3ORloC2L%2BQojvXL5JMJhe1lFvZoKSLNR6B8jkSJe5VtrR%2BlLD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8b99c7b51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349502-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349502-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349502-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349502-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVnLDK4ROZhlKq29H85jDfLu4GsfvDEdKb9X5MkEincUmkaKMCk0kUMNuhtLiiSnfiAjNMqDQq1xPmj6SYZ8zhCuwojrgnGoAy6qGm%2FAkvLyD5Z9XfjkvwWETWWWeNrGMpZk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8bbaadb4eb-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
489db019696739cc3be32ffd1960b980
2184d30bded7cb8a0207e196b2efd9e5321815b4
f39dcaa321daceb0c3816db92cbf3efb9f51cb57eae38e78de50eedb86bde473

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F39DCAA321DACEB0C3816DB92CBF3EFB9F51CB57EAE38E78DE50EEDB86BDE473"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3486
Expires: Sat, 26 Nov 2022 03:46:09 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

static.thisav.com/images/videothumbs/349502-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349502-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349502-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349502-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqeXwcz0BL4lvh%2FsBcP9QJYHzyuVhd4cJJxx2TcTHtUglnE%2B5zu2ITCO%2BwZNASjhXfU7X3XkbimCXPFjzLrIjDLSoG2x5YtM2klThubTKM88As686CPk6xZlhJwZkUiBdXYH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8bfa38b500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/531090-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/531090-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/531090-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/531090-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0tIOpkifJw0V3nlaAmh3UGM5hGx5d%2FI0PnVqhjRcMKmrFS3HLHvKBhfkYB%2FGnWX4m8aqU867v48cMCFXZxVeVbpBHBZDj2cYQlPzibco%2FphqCpq41RuI4MYETJ3srLKE76%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8bff84b4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/531090-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/531090-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/531090-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/531090-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbuRG0EG6TQMojzafUmm5vCt9uDQ4YJRdlZEdlfZ0QI%2FftIRbpOfwqro412c2erV%2BEa77uoskYYTqflt1HlWoo%2FC4dceHlq69RT7KpgWrpMxVd7A0ySY%2BqGeYFluJsMZRRVA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8c1aeab4eb-OSL
alt-svc: h2=":443"; ma=60

www.tktube.com/favicon.ico

172.64.170.25

200 OK

808 B

URL HTTP/2
www.tktube.com/favicon.ico
IP
172.64.170.25:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
808 B (808 bytes)
Hash
6850a5bd27f5ca120e913c5013443e83
a543726a62b4d04d73ec3b8670a5c62a7f01548e
0d91b7f3dbc11f2ad70ea754162884c3bb4166e1fcc55729fa3027245001f448

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:02 GMT
content-type: image/x-icon
last-modified: Sun, 04 Aug 2019 13:33:08 GMT
etag: W/"5d46de94-47e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gayojtT%2B6jEaMaNlIR97QxQB9nptOsXvVwe2d2909%2BkFsFqY67YBe7GgL8BzsryLKOD0KZpyZaqgcAJMKANpdoD9FXelqjqRQjFSPUh3R4Pfsg4FRWgzbbM9RBO%2BsheITQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8918f37729-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/531090-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/531090-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/531090-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvSrnYw8qeKYN5uO0eOxmM7%2Bz19zkuFbfYXlL8BS4s9avBNqM%2BCu%2BTshIcepqp%2FnX8VlJDvXoCareu%2FUYcSFU%2Bi1zDu8p74ovUN0VYFpe%2F0R8OWXCCLLm5euNZamL0pzmDZn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8c4af4b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/531090-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/531090-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/531090-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/531090-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8XZ7cI%2BdzWRl7qogniCWVhKE0qxU%2FG%2F%2Bqru9QHhwYlrnT8fNimq84u3Mu8s8DYW1JFyUmBq5Rq2XXnLj%2BMY720XNAyUw3WuFZkiqTYdE%2F9uvnGBXrShhVmy8exnljchoTHa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8c5a63b500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/533560-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/533560-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/533560-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/533560-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FRQgKU69iBWV3GdamIYCfnLLzLHS%2Fd%2BIn9LSuhmpvoJ%2BWVDTskEOzBgdpUAeGfi%2BBv57fP79VmRXlCldWOR5I6W2I5xvE%2BiQhPtBdaCg%2F%2B7vEioXYFr7hDQ2rE99ykeSgcE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8c5fa0b4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/533560-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/533560-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/533560-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/533560-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oz%2Foais6ZVdBQHNlMplxKouG3nUC20GjJmVzorMEBhDsJy3rmaBdRdTdy9iZSfG7waZy5khoOQ%2B9hDyvQ1I2%2B44fTm8b3S287D5ZSihJtRKtRne4hZmsXbBehdC3MIrYk1O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8c8b16b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/533560-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/533560-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/533560-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/533560-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YNNkbAMDsNkP3UBbpv%2FM0fwtA7lqNQ6XIknCsQ8wcPVex3jvXmQOJvdIhgmzRv6uj6P8OzQcMA1gx1Mr6GcsNYaWzniOiiEC41lxzwrkc8jq9oekca80MBe2jOHK4gAp9hz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8caa67b51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/533560-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/533560-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/533560-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/533560-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciwodgV8jF%2FtLXQQx3779EIzMx4dtpyKuwBk13sEMrlCLH07W%2BGe6mdf7PGHGIPc8kQnwSAH7egMduoNXBhOJhUwI0GGqCtImOAm3bLMiAOo5KQj8yyWcYeY%2BH53HvB%2BzUmY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8cbb2fb4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/533560-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/533560-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/533560-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/533560-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaGj%2FhHAnW7%2FSrryOCyWnFK587W4glQlnolMC9TBjQ7X7KcEhUce0GBfuhhmepMFIBuofx%2BTg1a4DRdbF%2FtNi8D5rjzZ%2FHH6nbVaTZ%2FhtSn1IwDIV3rzY28M4J9J177EERHK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8cca95b500-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
55b4ecff2a4452812b61591d2432a7b2
0cfb70d53f6b25d6ef50fbfcab04ba0795331bc7
8ca571951fe8e951d0ec37e237926d8af862bc25cb58b869a539c08249c63d24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6119
Cache-Control: max-age=163477
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63814211-116"
Expires: Mon, 28 Nov 2022 00:12:40 GMT
Last-Modified: Fri, 25 Nov 2022 22:30:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

static.thisav.com/images/videothumbs/349503-1.jpg

104.27.205.87

200 OK

2.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349503-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.5 kB (2500 bytes)
Hash
11e466bf4ea5fd8e1505792eaec4eab2
edf3e7cf30acc96457024e53c0070f516ca4b5db
27d04a41f9b2511da72b6ec0ee91f0b32b950bc7f7bbbcbd3d5ad35138152de6

HTTP Headers

GET /images/videothumbs/349503-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2500
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13133
content-disposition: inline; filename="349503-1.webp"
etag: "5abaf263-334d"
expires: Tue, 20 Dec 2022 18:30:28 GMT
last-modified: Wed, 28 Mar 2018 01:39:47 GMT
vary: Accept
cf-cache-status: HIT
age: 461724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjKtrXH%2B8r4ZS8Cx7l3kny%2BQymkYcbjJDIz0j9VgeJ9Hgnh21h%2F6kWceCw8HLa19%2FMMgvETZMr%2FUI6bG197mKtzxoWM5PvmjqePjr7dPeyEI4PbdmhpX89dbmP0FgIsTqBdY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0899b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349502-5.jpg

104.27.205.87

200 OK

3.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349502-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.2 kB (3230 bytes)
Hash
68eae2da8919ad49f14ec9694d94cb10
4a9ddb6e2bd2806c983f16961ecb246c14792398
25cc5d02faf5dd6dfa8ff8f0d606c9cdae612b3866c5df7be38afb5cf41212f1

HTTP Headers

GET /images/videothumbs/349502-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3230
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14861
content-disposition: inline; filename="349502-5.webp"
etag: "5abae3dd-3a0d"
expires: Thu, 22 Dec 2022 19:40:36 GMT
last-modified: Wed, 28 Mar 2018 00:37:49 GMT
vary: Accept
cf-cache-status: HIT
age: 284716
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCUQ0wUlvVvl6w8EUDLzR38KLTYZX8Gt18wPDY6SGjHVzYnoChdNOgX3vpcw%2FI3hsoLg9QPYjK8XiYh172h820W8g%2B9xKLPHhimv0lXxqEPUa5K0D0uZGyGOkFCEYlnpivLI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0896b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/451922-1.jpg

104.27.205.87

200 OK

4.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/451922-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.7 kB (4748 bytes)
Hash
c6432983c5d64076348db9e968533a7b
0afd1e6dfcef3592191b106baac0bd96d2fd6894
428f7b09368fc6089537ee508e5cae172a3c8a826ff38e3a74a767f19603891d

HTTP Headers

GET /images/videothumbs/451922-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4748
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=18966
content-disposition: inline; filename="451922-1.webp"
etag: "5db256fc-4a16"
expires: Sun, 18 Dec 2022 08:37:20 GMT
last-modified: Fri, 25 Oct 2019 01:59:24 GMT
vary: Accept
cf-cache-status: HIT
age: 670113
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy10SAzHF2HWNkCbrMN1dL7M7HNn09N2G87SlDkd4nvo5z4Nx17NTb0rkYVJd6JG1lsWCdd3E8Jg2vft%2BeZaFJCmE7LkE4UAioEcN10VtOBYgIL%2FPOsps4CfzcvFsK6gymgP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d089bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349500-7.jpg

104.27.205.87

200 OK

3.1 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349500-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.1 kB (3060 bytes)
Hash
c7ab987e85289674471f21007d41dab3
d87481220e37bde8ce9e72a363aaf061bd6a78c7
c84ebbad6aad9f196c5da87b876a6b24f49db2a7433a886105a952c49629ea42

HTTP Headers

GET /images/videothumbs/349500-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3060
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13988
content-disposition: inline; filename="349500-7.webp"
etag: "5aba9ba1-36a4"
expires: Sun, 25 Dec 2022 09:10:53 GMT
last-modified: Tue, 27 Mar 2018 19:29:37 GMT
vary: Accept
cf-cache-status: HIT
age: 63298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzUSrteAFyQUGueLDito7NrGYK5e1hUie6qFNkbmGNos363jkaxzwEaT%2BG1A2N%2Fmgtp9SMG1yVaBjHfeegIYYfd0Wb8lEmXEZMz5FSlNyPJ8N824ML9vldl%2FSRziLi3OYewK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d089cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349500-1.jpg

104.27.205.87

200 OK

3.9 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349500-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.9 kB (3862 bytes)
Hash
24b4e4683baaf84f236bf65826a62e46
af4267a25b83ba3aa4e38773f819b34b06dbf142
4f37bd7a3a517d3ffcb845459725aef2dd672571b5dfdf9e3cdc2784871c0e98

HTTP Headers

GET /images/videothumbs/349500-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3862
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16462
content-disposition: inline; filename="349500-1.webp"
etag: "5aba9ada-404e"
expires: Sun, 25 Dec 2022 09:10:53 GMT
last-modified: Tue, 27 Mar 2018 19:26:18 GMT
vary: Accept
cf-cache-status: HIT
age: 63298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg3bOctTCIgh3djtJq0M9kAlLBjXlkN7PoEAgIfivQmaAomohoFI0mSkVgxnfCy1t4hsYfIpPrGwKs%2BDKCuRo30neNPsayqQjVnojqPd6LcJJJW6HNOpuVbP78OghPiZmHyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0898b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349500-5.jpg

104.27.205.87

200 OK

3.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349500-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.7 kB (3666 bytes)
Hash
ed1b819d0436b9737154a8fbce8db158
8dc85a643d90c75335dc728523f72f62cb54d164
3353f846d31fe98a723c9325be805bc5e40b178b011493729f588e16576b498f

HTTP Headers

GET /images/videothumbs/349500-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3666
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15991
content-disposition: inline; filename="349500-5.webp"
etag: "5aba9b40-3e77"
expires: Sun, 25 Dec 2022 09:10:53 GMT
last-modified: Tue, 27 Mar 2018 19:28:00 GMT
vary: Accept
cf-cache-status: HIT
age: 63298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSwhM4zjKNStqK6CwWBBLqPMGh9zO6dOd%2FVE%2FU8gV5SG2PrUHibgeQRnjyIrgmwhWRIoAXlm8dRYpR0ofB2PqGL2oFnrJeHWB7hgTC%2BB7UnOxHYR1RLAxLt8VPoS9jCVoXtV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0895b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/451922-3.jpg

104.27.205.87

200 OK

4.9 kB

URL HTTP/2
static.thisav.com/images/videothumbs/451922-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.9 kB (4932 bytes)
Hash
7e51813c784c5efe9a8e79707dd1a5d0
618dddc43ec161c1ad8f126b47c039a7ddff2c00
3c4ca5e3d0ed13034e6f0e8ad71fbec0dd535809c298d4484b52b059d7382eb1

HTTP Headers

GET /images/videothumbs/451922-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4932
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=19620
content-disposition: inline; filename="451922-3.webp"
etag: "5db258d4-4ca4"
expires: Mon, 26 Dec 2022 02:37:18 GMT
last-modified: Fri, 25 Oct 2019 02:07:16 GMT
vary: Accept
cf-cache-status: HIT
age: 513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSIlOkYP6g2YyJE0rLygxs4zZB1iXeWHfjtd5zo4Gr8WasYRN6kH1GKos6HRB5AWs1NDOy%2FcsOuCbGraGlmG2puERjZj55EpWoCN9RaeFXYa0vUNIOU4R7TYBIfH0sHLe6T%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.ptt.sex/favicon.ico

104.21.63.169

200 OK

3.9 kB

URL HTTP/2
www.ptt.sex/favicon.ico
IP
104.21.63.169:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
3.9 kB (3856 bytes)
Hash
c70309a7db9829e8068f7316b430ebe2
96cf97c2280a5db7f15491dd0093a7f49482b6cd
845d06bf254227a3df637a9392f9073866acd7cfff507925a084ccc0afcae434

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.ptt.sex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:02 GMT
content-type: image/x-icon
last-modified: Tue, 18 May 2021 02:37:17 GMT
etag: W/"60a3285d-3c2e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSLTX8vi3vp9jwfyojCLQmiRGA1uuHMOv4vZrf1lfjyXFt%2BMhgP6JKkEcBwBexeTfHMLy%2BV6xVhvb6ooHVTqs1u8%2BebR8frzW3FF49nLiJrzhUuxYRAhywivF8u1xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d889b9e1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349502-9.jpg

104.27.205.87

200 OK

2.9 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349502-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.9 kB (2904 bytes)
Hash
18e45a36a9be816369fae089ac82e8ea
0738c5c44c2870f088dc30c2261eb7b6cbccdad1
f352a4979678997bc8fff8f225f9e5429edc9f1a165b428d5c2161d1a2887bd9

HTTP Headers

GET /images/videothumbs/349502-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2904
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14798
content-disposition: inline; filename="349502-9.webp"
etag: "5abae596-39ce"
expires: Fri, 23 Dec 2022 20:53:30 GMT
last-modified: Wed, 28 Mar 2018 00:45:10 GMT
vary: Accept
cf-cache-status: HIT
age: 193941
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL3Gfy6FoR4iyQgut7lWljIQWoxWWFLJiDNd%2FCkFa%2Bg%2FN%2FU7Xc068Mwf2M3%2FTjbcMpmXKDbK7AZNFRLOlA8ikRVEN1mPjR3OOkFOLF8sRSqX2p%2FkY25xW7n8LoL3ZNua2pRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08acb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-5.jpg

104.27.205.87

200 OK

3.9 kB

URL HTTP/2
static.thisav.com/images/videothumbs/531090-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.9 kB (3926 bytes)
Hash
56776ddd2f507157f2749f25dccad6a5
42ca38cece376ee5564f33fba46f72b7c81102b8
5e60ff63bb5a0e305869385863bed86a227a18d103271f4c19b7a12986a01f12

HTTP Headers

GET /images/videothumbs/531090-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3926
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16411
content-disposition: inline; filename="531090-5.webp"
etag: "5f928bdc-401b"
expires: Thu, 22 Dec 2022 00:35:45 GMT
last-modified: Fri, 23 Oct 2020 07:53:00 GMT
vary: Accept
cf-cache-status: HIT
age: 353407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWEx7iT4SXBJiUinWvpUOvyPIVoCjSR7JN7pAm%2FVHmNf58b%2Biah7bEKK39EUDvm3nRQE3P0mDuBkectJcd5wtx6hsCxY6hcCsFv1SEL6WQQacimdgcLhKpZHQ4B70WXiobdz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08aeb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349500-3.jpg

104.27.205.87

200 OK

4.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349500-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.2 kB (4168 bytes)
Hash
b48cda478185a041a26f3e3858c5f915
ed1d597cdfeab26aa2942b0e35f8fb07ded31e07
8b1e398999125f1b95eb74aafd9c244c579dd3c465702b7c4721cba59dde4236

HTTP Headers

GET /images/videothumbs/349500-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4168
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17024
content-disposition: inline; filename="349500-3.webp"
etag: "5aba9afe-4280"
expires: Sun, 25 Dec 2022 09:10:53 GMT
last-modified: Tue, 27 Mar 2018 19:26:54 GMT
vary: Accept
cf-cache-status: HIT
age: 63298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqvgvSnhl5SC0Jk9Oe4UxqYsQBgKrTOVwft940k1l8YbvIccCJG2AFEVvg7A8DkrmR89R3%2BSjBXOIgZks7VKL6dQ7ZpY7P5chyNfP9F76SjOURie0Kx%2BxdTqFkax0TIaLkKt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0894b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/452978-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/452978-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/452978-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE0QurfKhmAl87cNfbXyZ9gyQxF2nYdRwhqUMxT99haWqLc5WMwCiu5Nu4EtfJUuAe8vbXSoecYGUXB1JUWSDLzinJ0650jB%2BkQR3Xok9W6ArRXH6g0bB6OslKZliC1Hhhxv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8d3b66b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349502-7.jpg

104.27.205.87

200 OK

4.1 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349502-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4076 bytes)
Hash
c089f76599990095f6844f8ec5e64f9e
310f8202ee38a6e242f925d9079d782a6f8ec1dc
ab57cd520651a43f151e01a4b4566ddb3dd1a3eafdb0f560090cfb28bf707a27

HTTP Headers

GET /images/videothumbs/349502-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4076
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16754
content-disposition: inline; filename="349502-7.webp"
etag: "5abae4a2-4172"
expires: Fri, 23 Dec 2022 20:53:30 GMT
last-modified: Wed, 28 Mar 2018 00:41:06 GMT
vary: Accept
cf-cache-status: HIT
age: 193941
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II7%2FG263MDhzKcOy7eojSyZD8UJQLpoNWeVjFrZowWvMdCl%2Ba0c3V7cVlwDququJrlmsQYxlS2Mk1D6dWVV%2Fh4TAGgy4uBnoOLkeh3%2FK1sOCQPzNHYaNyuPw7guf%2BQ%2F%2FWqDI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08aab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-9.jpg

104.27.205.87

200 OK

3.4 kB

URL HTTP/2
static.thisav.com/images/videothumbs/531090-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.4 kB (3392 bytes)
Hash
2e637b740896523a024fa09e8baec279
60aa934643949a99bc94b77c1d790adfd922fc7e
34c05cc9f8b7b56f89aaf27e42e5d2672f47ba6dc2539c7d46d40f24007ac6ba

HTTP Headers

GET /images/videothumbs/531090-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3392
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15467
content-disposition: inline; filename="531090-9.webp"
etag: "5f928c6b-3c6b"
expires: Thu, 22 Dec 2022 00:35:45 GMT
last-modified: Fri, 23 Oct 2020 07:55:23 GMT
vary: Accept
cf-cache-status: HIT
age: 353407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvoLxuW628FzzlqcmdkNHzSBiwI7g%2FKo5JD%2BidTMSe7o2KnNe42QiBJotT4wAHHGtGdJAkjt7VcCg8D4wo8HiHXkFglJClRxbG2HQEpOH8jQQgkFivg%2BqdLr5%2Bnvfd1LYjfb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-3.jpg

104.27.205.87

200 OK

3.8 kB

URL HTTP/2
static.thisav.com/images/videothumbs/531090-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.8 kB (3762 bytes)
Hash
b07a408c07850feb9d04d208f02fe525
3ca6c282f3bdd9ca104c22b648729bd08e1ebe43
aef46edb7712fb1d1cbf51eb0f611e747cb89b212a31bc621fe84b0fc895b15f

HTTP Headers

GET /images/videothumbs/531090-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3762
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16235
content-disposition: inline; filename="531090-3.webp"
etag: "5f928bb2-3f6b"
expires: Sun, 25 Dec 2022 16:58:45 GMT
last-modified: Fri, 23 Oct 2020 07:52:18 GMT
vary: Accept
cf-cache-status: HIT
age: 35226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80s7I05Snx1mqVdQsONU3hHdVFL6fsnp2K9NWVUOIEfbAk16wN00KoaScSy6%2FjpdTrkcUSU4rQfouYeaIcHqKXLZCisYHIRgT6oSwj6d4DvcVdSXPvngKXlgI2ufg5N44VZI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08afb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349500-9.jpg

104.27.205.87

200 OK

4.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349500-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.2 kB (4162 bytes)
Hash
76185457b0332e15525a84f7cf326824
5c082fda3440d103897e057e471378c0604326ce
097a25200e91fb5e6b48e3eb7017838ec91d2fa30b06c706131eeb023bcdfaaf

HTTP Headers

GET /images/videothumbs/349500-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4162
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17025
content-disposition: inline; filename="349500-9.webp"
etag: "5aba9c20-4281"
expires: Fri, 23 Dec 2022 23:26:10 GMT
last-modified: Tue, 27 Mar 2018 19:31:44 GMT
vary: Accept
cf-cache-status: HIT
age: 184781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awBBPmSgQ9HUr8MWLoj4rvwXMFeyVevaH1al3Ew%2BanlG8enJjC%2B2qpcnAg58VQLYGR2Q8jul%2FGj4u5ddujK23y47tU6ysXrnwyXVZVUJ3oWVcZywqFcXdKgfNnbAUHaiW3Wo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d089db4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-7.jpg

104.27.205.87

200 OK

4.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/531090-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.2 kB (4166 bytes)
Hash
3b7b2777f6c8432d5d48cfb9c5aea36d
f691bcce27e1b234f041ff16720888c6d7df46e8
e7a62f0dcbd5fa8ae5ae427c4d85d8fe19abbf008c8b6d75770ce0a82c2d7e4e

HTTP Headers

GET /images/videothumbs/531090-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4166
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17194
content-disposition: inline; filename="531090-7.webp"
etag: "5f928c1a-432a"
expires: Thu, 22 Dec 2022 00:35:45 GMT
last-modified: Fri, 23 Oct 2020 07:54:02 GMT
vary: Accept
cf-cache-status: HIT
age: 353407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZM6XtylULMlH23WZGNW9bgjSJf%2BE33S6pFD7SoMvvkSw6MQxXZoROgrbFMknzVYSfLsqkqO184j1fUoWZeaCuQ2TmCUpWP8af1WXPwUV0x%2BY6ETDkkDJG6rN%2BKjIKdt5If51"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/533560-5.jpg

104.27.205.87

200 OK

4.1 kB

URL HTTP/2
static.thisav.com/images/videothumbs/533560-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4136 bytes)
Hash
316bfcac61192ea97467a53438ccb529
2a0c5630eabe0d1cefda11978c68b27ddf8c9b0f
544708db6798c8f2ca841ba9d89b1bdb788a40c8adfa405a02a26660d3b86a5d

HTTP Headers

GET /images/videothumbs/533560-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4136
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17304
content-disposition: inline; filename="533560-5.webp"
etag: "5faba4cb-4398"
expires: Thu, 22 Dec 2022 00:35:44 GMT
last-modified: Wed, 11 Nov 2020 08:46:03 GMT
vary: Accept
cf-cache-status: HIT
age: 353408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvgGY3f0LV3bGyIOATgqL4AhoBEvp0Oub7TQV%2BuXqUd0k6NDFvkkOUsTre8GtjNRS1eqv6E9NoZ0H%2FdngJlKd4A63%2BTcTNsf%2B2ix9UeAYWmesAX2iZgC0oWDhJDFsYx2u7de"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/533560-1.jpg

104.27.205.87

200 OK

4.1 kB

URL HTTP/2
static.thisav.com/images/videothumbs/533560-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4136 bytes)
Hash
fd6f04abcc73cf8d86d163ac58eb5fc3
198fe00241c6f6026a6488fbd62133ab7c53fdd2
74d460b218cd67ce492d8922400cadb251bbcfe802a87521baef8b66557bf4d2

HTTP Headers

GET /images/videothumbs/533560-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4136
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17171
content-disposition: inline; filename="533560-1.webp"
etag: "5faba48b-4313"
expires: Sat, 24 Dec 2022 14:48:39 GMT
last-modified: Wed, 11 Nov 2020 08:44:59 GMT
vary: Accept
cf-cache-status: HIT
age: 129432
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9p9sl3tQM0%2FmNy1PwCMEyWd37d6EWIApWQKcIXwenPOV3KzZKqo5cw8rHDdjnSvZhuNHs8dqTFUq4Cx07tJxNTuPkoLxlPeF5%2FmDChZ5envTEhmqXouqEkX%2F9PD%2BmiPW7iI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/451922-7.jpg

104.27.205.87

200 OK

3.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/451922-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.7 kB (3740 bytes)
Hash
7a1ba1c8089cd20d800438da48949363
ef9b2a59911fcb4bbbbb71e4026aaa65a2098ab2
f90cc251d30c6f66df14279cfd71a59e9ec60c7e0718aa4582ac573440b346d9

HTTP Headers

GET /images/videothumbs/451922-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3740
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17167
content-disposition: inline; filename="451922-7.webp"
etag: "5db261a9-430f"
expires: Mon, 26 Dec 2022 02:37:19 GMT
last-modified: Fri, 25 Oct 2019 02:44:57 GMT
vary: Accept
cf-cache-status: HIT
age: 512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPY4o45A%2BCtI45nwBzG7%2F0q6wPCBX%2F9X2l4x5o8FW27wiJ1hPLNKPCwU17hgSV1Je%2BUeHW45%2BacOEwVGZV5o4bqjprVCJ5KX4XiznTZinjYC7LC7g0ZBDIQvXNqHT79xLSbo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/531090-1.jpg

104.27.205.87

200 OK

3.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/531090-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3466 bytes)
Hash
7f3120e50a311caac6b870aa85cd395b
deafe678f41f8b452a76b6b764b71a5c5394c944
8af14e93a61aad45463a5c815c815538e7394c68c409ca21e4e55610df1464e9

HTTP Headers

GET /images/videothumbs/531090-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3466
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15591
content-disposition: inline; filename="531090-1.webp"
etag: "5f928b9a-3ce7"
expires: Fri, 23 Dec 2022 10:27:34 GMT
last-modified: Fri, 23 Oct 2020 07:51:54 GMT
vary: Accept
cf-cache-status: HIT
age: 231497
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCfCkwgmXOjdUN9zUAhD3Bpnp5nE%2Fd4fZpdhtYostGpXI53ZeqjWJq%2BpcarWedpUAXZdl8SU26FzOznJScjYN6IDrUru%2BDkOSoeCNtDgdwXYmv%2BvOPCseYQlh9EoDrViT04R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08adb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/451922-9.jpg

104.27.205.87

200 OK

5.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/451922-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x120, components 3\012- data
Size
5.5 kB (5524 bytes)
Hash
7a2867b982bebafc0792f6d8b2061288
ce90031640e4081d5080947b80c40f58a2b084e7
5c7274a60cfd107cc55a9b29076074442b1c3d529cf1cd54158ebf014ddab4fd

HTTP Headers

GET /images/videothumbs/451922-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/jpeg
content-length: 5524
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=20994, status=webp_bigger
etag: "5db26880-5202"
expires: Mon, 26 Dec 2022 02:37:19 GMT
last-modified: Fri, 25 Oct 2019 03:14:08 GMT
cf-cache-status: HIT
age: 512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFcUGiRDm16bPnMdW%2FPz%2FniD6LFRpQAib%2FQQZ5z1yns4tWR8ABK9noLwiev6J1edJ8%2B3eaIdBn43QP%2BmzmoqRTMAQfoJqAzi5vEb25cwLeuPTK0s4snFPJxrMvuaeamG7KMR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8d08a2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/452978-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/452978-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/452978-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf1EWHNvwLVans3dm5y6irCCPT2PQVWU9NhFu1bZa0P3vHFTM47NPoe%2By%2BkA%2FxGXh6T285Rj2kUQ9WaUaQXimbmdrboaQXvoo%2Fe7UQDUow2RUbJT5vo5a1rGT8FjYaixDrZK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8d4abbb51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/495172-7.jpg

104.27.205.87

200 OK

4.0 kB

URL HTTP/2
static.thisav.com/images/videothumbs/495172-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.0 kB (3964 bytes)
Hash
394a9a5f2f91180b86616f9e5a16b802
cce1e6334596c57624afe97f73c10a1d82ea27a0
cfef6297cd41ffeab2c12d15cac40c77302d3051693164ac16fb514840187c3e

HTTP Headers

GET /images/videothumbs/495172-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3964
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16393
content-disposition: inline; filename="495172-7.webp"
etag: "5ea043c3-4009"
expires: Mon, 19 Dec 2022 15:15:42 GMT
last-modified: Wed, 22 Apr 2020 13:16:51 GMT
vary: Accept
cf-cache-status: HIT
age: 559811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQkqy4HTDLOye%2Fy8ZfSsAShXXfB80PV%2Fu4rJLcxkZpYN%2BmMuf91%2F0ZjhEPvmJIRmciPxi1GHT6WhjfxmG64Dm1c8ofqtW0bIXft%2FSKyQbbejsNIRjLRGm2W06%2B3mK0PayLro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349508-5.jpg

104.27.205.87

200 OK

2.9 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349508-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.9 kB (2890 bytes)
Hash
f78b1609322014d464cd932735ae4b38
d9c432f2f19362bbf592c4c779d200b9ad72a54e
e6300b47c6a33a6b8754c81b2c80b6ab25de9e0fdb4b41cd5f3ea87157be2fc8

HTTP Headers

GET /images/videothumbs/349508-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2890
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14244
content-disposition: inline; filename="349508-5.webp"
etag: "5abaf660-37a4"
expires: Fri, 23 Dec 2022 23:26:10 GMT
last-modified: Wed, 28 Mar 2018 01:56:48 GMT
vary: Accept
cf-cache-status: HIT
age: 184781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE%2BY48rAcQXp00pAlS5qaRie3Kwl7zbSSOVHGb%2ByMVQjrZNzM7vWgifgil5dQoUSDgEQ9oWnKK6pxakxq9Tebvbq9NWAk6munjzMVrT%2BiTHiyBHGFQap%2Bru47H5j5wNc09Dp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d0897b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/451922-5.jpg

104.27.205.87

200 OK

5.4 kB

URL HTTP/2
static.thisav.com/images/videothumbs/451922-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x120, components 3\012- data
Size
5.4 kB (5446 bytes)
Hash
8ae678013c01353ab77969de3bea8fde
cc44d3dedefa0e83bc7182df01a1cf8c34f5fa43
64c178f60139e43c9e220e4bc43ab1a123c9b9d205a14800334251b9da52f4b5

HTTP Headers

GET /images/videothumbs/451922-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/jpeg
content-length: 5446
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=20694, status=webp_bigger
etag: "5db25c2e-50d6"
expires: Mon, 26 Dec 2022 02:37:18 GMT
last-modified: Fri, 25 Oct 2019 02:21:34 GMT
cf-cache-status: HIT
age: 513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFqH6QIBgLZwOe9quKGzNnDWad5Z14bGuctqPv7L2ygZwVixLKbS4TLPVBgY4sIEt4kxlPc25zg2z3deftIZzK1kIUyC%2BCxL6QZiyuZdLHSyXuK51yhCfWFhYnwYh%2BMQwDGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8d089fb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/495172-5.jpg

104.27.205.87

200 OK

4.8 kB

URL HTTP/2
static.thisav.com/images/videothumbs/495172-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.8 kB (4762 bytes)
Hash
91889ddc5891cca7396e4b60e6521e2a
e618a74920fc8dbb8af5ea5b105ca8c2978e5fd2
f37a758466828796f01938370b401e6cec406dce9ca6d11aed9df5299138ee7d

HTTP Headers

GET /images/videothumbs/495172-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4762
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=18553
content-disposition: inline; filename="495172-5.webp"
etag: "5ea0402b-4879"
expires: Mon, 19 Dec 2022 15:15:42 GMT
last-modified: Wed, 22 Apr 2020 13:01:31 GMT
vary: Accept
cf-cache-status: HIT
age: 559811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49ATteiBgNwwNjSD%2FJjmtM%2Bt8hTfosDun9uN4pqjtcNcA7rRdaiFKmFbBuoqs9N1%2FM25YtWLINom61aw6B5DrMSWIiPLd9guwq0rLxwVUbgy1FEU91MXkt2fBL%2BpBnec9Z6T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/533560-7.jpg

104.27.205.87

200 OK

4.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/533560-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.2 kB (4224 bytes)
Hash
4845094d6d40eb84049f758f9f449b2d
636a01c68a00d00800245f58f7b37268c9679478
cd267c351d8d8704d11345f24bc69b2056615ee5a2093c2203e7bdb68953b873

HTTP Headers

GET /images/videothumbs/533560-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4224
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17529
content-disposition: inline; filename="533560-7.webp"
etag: "5faba506-4479"
expires: Thu, 22 Dec 2022 00:35:44 GMT
last-modified: Wed, 11 Nov 2020 08:47:02 GMT
vary: Accept
cf-cache-status: HIT
age: 353408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0OSEBoqpj30l1Hyze6EN7d2hm0aX4GRBuZZrhiaiGau99PgvsHk9i0uNrKUrQFsnBx6h37c1QNWYtEGyyfK7mkxr8hI8BybDBMB2R1NGLZaJGWAgM6xi4VB51nQp4RR13us"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/495172-9.jpg

104.27.205.87

200 OK

3.0 kB

URL HTTP/2
static.thisav.com/images/videothumbs/495172-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.0 kB (2982 bytes)
Hash
3f235e51dc24b3482b938bdb7dc80a93
5b67a2079472b5771c076140d591af53efaff99f
9ebaf3c677102bdd6b4e6cf68056800157748d24b204f48c0fb9b36d469e1ace

HTTP Headers

GET /images/videothumbs/495172-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2982
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15040
content-disposition: inline; filename="495172-9.webp"
etag: "5ea04735-3ac0"
expires: Sat, 24 Dec 2022 04:33:45 GMT
last-modified: Wed, 22 Apr 2020 13:31:33 GMT
vary: Accept
cf-cache-status: HIT
age: 166326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGTTQWwuXiB5KaDE0oCFKiYb4Zir3fNawD%2F0BwV4lse9MY8c3mhVU0%2B7YtziKSSbwv8U1KEXBhBgrj7qebsXUHZvT6DW8eNOxHI3G6UOAgtvwfQaCPdAIOm8PWpclzLUbyu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349502-1.jpg

104.27.205.87

200 OK

3.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349502-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x120, components 3\012- data
Size
3.7 kB (3697 bytes)
Hash
6beaaa23adc64dd7c662bcb51add09ca
8b1c11f234b356f43fefe46e1e82a0abd1cf1a92
402175a9901a516f27839142046da6a03c28cdbc4af363ea72133f683213f2f2

HTTP Headers

GET /images/videothumbs/349502-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/jpeg
content-length: 3697
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=15600, status=webp_bigger
etag: "5abae302-3cf0"
expires: Fri, 23 Dec 2022 00:50:45 GMT
last-modified: Wed, 28 Mar 2018 00:34:10 GMT
cf-cache-status: HIT
age: 266107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6layH8lf6Vc0o0ju7Hs823sb4ncgLuK%2BgnmutfZsGVAw%2BhwOEl2IeMKKGOSdCHa3Ak3YhTSFe2WQNQGS42li2fGJo3cZBtdFCfA0JCiCXDdgqvoI9J0JHVS4KsbmnAlFrsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8d08a8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/495172-3.jpg

104.27.205.87

200 OK

3.0 kB

URL HTTP/2
static.thisav.com/images/videothumbs/495172-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.0 kB (2962 bytes)
Hash
9ed5284229ec767ea7a132954426cbcf
6fd8ff93ddade216bacc728a1747d2b5dcb3eac5
6fda399aac3c5b25e66c9cd7602bc8970835d515142ab5f61e28224418512c27

HTTP Headers

GET /images/videothumbs/495172-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2962
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14536
content-disposition: inline; filename="495172-3.webp"
etag: "5ea03cf3-38c8"
expires: Mon, 19 Dec 2022 15:15:41 GMT
last-modified: Wed, 22 Apr 2020 12:47:47 GMT
vary: Accept
cf-cache-status: HIT
age: 559811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2B8NBnjYHvV6gzdN2uEz0Gzyo7RbN0xLGYxYeTQazN90U0ygaN2gqKcFDB6AYQj9waSByStV2kCXqlscBPw6Z9EH%2F83TxLOntFMV7DqnEyxp%2BGUxHWQoyGrg9jzVquFbWgqi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349502-3.jpg

104.27.205.87

200 OK

3.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349502-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3502 bytes)
Hash
646a5de9dc9f787ae2ad01590fe3ae13
2937f3e7098ab7260e3aae82798412b34b4edddf
f6c0a4d059a20e8d6c6b20febaf6591da33d5d938a0730a0e5b15071c1e598af

HTTP Headers

GET /images/videothumbs/349502-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3502
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15732
content-disposition: inline; filename="349502-3.webp"
etag: "5abae34b-3d74"
expires: Thu, 22 Dec 2022 19:40:36 GMT
last-modified: Wed, 28 Mar 2018 00:35:23 GMT
vary: Accept
cf-cache-status: HIT
age: 284716
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okgRhlLzqCTHC12fSd85k8yaSuy93Bh1n7seRvmxuzUrGa2LkuBvm8nyE%2Bv0siQe28BrfPaIE33VxmltNFLz1dy6kFIUXU9lg%2FWXiqvADReAR1TznWyv29yhvNSndRtFu9hQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08a9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/533560-3.jpg

104.27.205.87

200 OK

4.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/533560-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.2 kB (4182 bytes)
Hash
cfe2636be2f21f319fae95ddb9854979
a9a71cc7eb820985299e6fc5846eadafafd8c793
4cfd847256c7d360cd4a5bdc8bc7153cd01760509c734b1ae54f79ee20ef2afb

HTTP Headers

GET /images/videothumbs/533560-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4182
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17278
content-disposition: inline; filename="533560-3.webp"
etag: "5faba4a2-437e"
expires: Thu, 22 Dec 2022 00:35:44 GMT
last-modified: Wed, 11 Nov 2020 08:45:22 GMT
vary: Accept
cf-cache-status: HIT
age: 353408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FxyXNlVkDyIYteZKh3oUnuIK0%2F8wRtxbBf114IoPD%2FhW6XMswhR6EO1v9zxqNxT2CodEJqWBg2laF02cqWYZsaGiJjsb3cUs%2Ba%2Bg1XzHnMdVpFV9wVjAlOGE0CyTuuHrMmu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/533560-9.jpg

104.27.205.87

200 OK

4.3 kB

URL HTTP/2
static.thisav.com/images/videothumbs/533560-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.3 kB (4316 bytes)
Hash
e459486a99b8a312528390e9f5aead8d
cae50e624a471840c36917b7bb618f8a4c479646
a892e8917d3e3acdb2e1bb589e410ae8f63bb2e20ac0e9ac9a8aa780c345456d

HTTP Headers

GET /images/videothumbs/533560-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4316
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17674
content-disposition: inline; filename="533560-9.webp"
etag: "5faba553-450a"
expires: Fri, 23 Dec 2022 10:27:34 GMT
last-modified: Wed, 11 Nov 2020 08:48:19 GMT
vary: Accept
cf-cache-status: HIT
age: 231498
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hJPuUIor5Ye0mQOubfk47e9N74x7xq7XjkJUj%2BgwJ8Ge7ygjCTmJGDLsYNVlokU6Uh4vmUjIG01NxIvmbVP9owMKfSzbwvNAW7icL8XuQLMzSVhUy4W1iIqNXJM7CGU4o6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d08b7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

jp.xero.porn/favicon.ico

172.67.218.79

200 OK

3.5 kB

URL HTTP/2
jp.xero.porn/favicon.ico
IP
172.67.218.79:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
3.5 kB (3513 bytes)
Hash
67d53b1459e4c18f084a658629b33d6f
8fd983fb0bf9e9c4129715cd6311168f97f9514a
78f870d146a79ccbb2b5dd7e25da75d0d3e3b04dff51fead737f5636d6e72ad7

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jp.xero.porn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:02 GMT
content-type: image/x-icon
last-modified: Mon, 18 Jan 2021 19:43:24 GMT
etag: W/"6005e4dc-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 49077207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YISIG7elEgFf54RdB%2F9OmxXc3TJneGpxAQTHUpEII9tS5Zw8dvnfcq8OmPstGQVVLGezcXC4tF6rE%2FwM49Vaqrw4kYhhBNAUmjnMlQUhuYY8S9lmJX1D9WDWniIQsvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d88fbc60b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/452978-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/452978-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/452978-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A5krq70eZAuydbT6yin3cV7GR3fzddKP64WYUx8GJ%2Fg%2B%2Fcr8JgPu5Mn%2B52BgmNYDN6%2B9kCS2V1AcIRQGxK%2FhL5Wcxz6bLmCz5JRtFQ9iMHL5UzndqSXWR696RoXo28LvtKb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8d5aebb500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349508-1.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349508-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349508-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349508-1.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs8uHQGItpx%2BvHSna7kik1AGeCZlolk9sEo5Q2fz7A4LcqPmC8mHmJkhVNzB6Fx53JsOQRFhWMVcn3A8q7F8jBhI2GvOwl9oqz%2FdgaaHxmV%2BeYdVp167hPvzPbTOpwu6C2PE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8d7832b4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349508-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349508-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349508-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349508-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiXE3dAX%2F6o1D%2BaiXXaPfHXaBJsThMNzgbD3%2BHgQX6JI1S6NOc3Gvvpy04gwvpMRmyoqX9Gufd3MWAWUlZHF55VVcNSVgnyFYxFUX%2FszgMcrtJZDsRW9GQRprzX5qNH4TbMn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8d8b88b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/452978-1.jpg

104.27.205.87

200 OK

2.4 kB

URL HTTP/2
static.thisav.com/images/videothumbs/452978-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.4 kB (2444 bytes)
Hash
d66d2a0f7ee24c8d84c592bf66fbd944
aa0d5a2a59a399682013b916f0f6741e6dea3bbe
50649909aa7f9fe3717720e3dfb76e13e272183d5d668fda00b43b6ae0953806

HTTP Headers

GET /images/videothumbs/452978-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2444
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13409
content-disposition: inline; filename="452978-1.webp"
etag: "5db8d57c-3461"
expires: Fri, 23 Dec 2022 23:28:45 GMT
last-modified: Wed, 30 Oct 2019 00:12:44 GMT
vary: Accept
cf-cache-status: HIT
age: 184626
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIawwlkq6WBubnx04IdDPoWoxIllQ4m7eBPWxGfEbm4OgbUK1dnYUn48Ps37dYjMlCUEfdYlNZsS%2FRM7cRO%2Ftfrm135Q7A4UzB2FTj3oEC2g1DbC1g7uscoggI%2BW8cRDr0f5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d88eab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-3.jpg

104.27.205.87

200 OK

2.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/452978-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.5 kB (2546 bytes)
Hash
4411654ef0f3f628960623785076f6a4
0bb968a1708eca892f3caf3818a80998b9c3622b
d8b94bc7de5574ad1a530260078af7bb3ee377070851e8844082835598e53ee3

HTTP Headers

GET /images/videothumbs/452978-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2546
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14073
content-disposition: inline; filename="452978-3.webp"
etag: "5db8d603-36f9"
expires: Sat, 24 Dec 2022 18:31:00 GMT
last-modified: Wed, 30 Oct 2019 00:14:59 GMT
vary: Accept
cf-cache-status: HIT
age: 116092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k51lMbgi7PrsuSa3%2F4uZGCS5oe6ftEAFhp%2BlwkIcCjeJGjaStxv17VKsb6W70DIbYV2kUB%2B5qey9HoKjlj7eezWXLL01iCsFaqtRXhmbUP%2F%2FYCN8DO8jDeGGPXAQiThyY1xP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d88ebb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-5.jpg

104.27.205.87

200 OK

2.6 kB

URL HTTP/2
static.thisav.com/images/videothumbs/452978-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.6 kB (2574 bytes)
Hash
f448e85cee28207408ca4535ad56220a
96173164ff2b448de3bef1412f98d9f67e6a8c34
88591facdfd0e160dd28d8c6b36e6bacbafc2ae298a4c63411f9f49572a77d85

HTTP Headers

GET /images/videothumbs/452978-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2574
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14268
content-disposition: inline; filename="452978-5.webp"
etag: "5db8d6ef-37bc"
expires: Fri, 23 Dec 2022 23:28:45 GMT
last-modified: Wed, 30 Oct 2019 00:18:55 GMT
vary: Accept
cf-cache-status: HIT
age: 184626
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJy56C%2F48UdNE6qR9uuV2XmK2QuZ0hl8MO5v9hjGx3EBspWsyBckJY6FTEnLJHqTA2Aquvj0hHjDLIv7%2BTbKC%2FiwFec67L9Mt3N0953A17Vjk37ezSwBqr4BAgq5r9oMVSYN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8d88eeb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349508-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349508-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349508-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349508-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61%2FvYGkGnbKG2u7P3IvhLj34amqKegNuDji96M10qInb6HBFz3WdfH32ohCkILZ%2FgPXaSI4usRpshz3GZe6bYutkPT29qiZZC3T05QaIsGd7IWai7p05QkyvMHrnI%2B2%2FaNTd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8daafbb51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349508-1.jpg

104.27.205.87

200 OK

4.3 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349508-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.3 kB (4326 bytes)
Hash
d19f9ebec5ebeb1a116e96057fc35928
a58e4c984bb2490c30edc28240b5a2d0d82b67db
91ab94196ab0b7c92f83457b590e04fd68f63b99b7561e5dcf6fce966bf9ffd7

HTTP Headers

GET /images/videothumbs/349508-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 4326
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=17278
content-disposition: inline; filename="349508-1.webp"
etag: "5abaf4f7-437e"
expires: Fri, 23 Dec 2022 19:09:33 GMT
last-modified: Wed, 28 Mar 2018 01:50:47 GMT
vary: Accept
cf-cache-status: HIT
age: 200178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mluVdkWSqC6YcR25Hpa%2BLYHjOv6xBPvjnHrmCtf4aAXu5FEeAwL1EwilO2FuFbGs82%2F829zxRsuPyBwW%2BBl8n1SioIx%2BCKL64iPC6GWLqkGVTTaQRz79MoDcoPb52%2F5okrqq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8da8f7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-9.jpg

104.27.205.87

200 OK

2.8 kB

URL HTTP/2
static.thisav.com/images/videothumbs/452978-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.8 kB (2782 bytes)
Hash
23d3c1601766956d8385132c876a1c4a
74d829f78a962ba2f6dd04ba9b505dff55950010
c173dcec840c4b0fd9a37e78cdcb87d1b3bafbe05dd682b2fee70a6504893aa7

HTTP Headers

GET /images/videothumbs/452978-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2782
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14722
content-disposition: inline; filename="452978-9.webp"
etag: "5db8d9e1-3982"
expires: Sat, 24 Dec 2022 18:31:00 GMT
last-modified: Wed, 30 Oct 2019 00:31:29 GMT
vary: Accept
cf-cache-status: HIT
age: 116092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj8n2tj46hFkRtZrHIlP2T66tfuuv0T2nDazf9oixy8Ik32XLZguntvZ3BiRSSUnl%2FohL4UsB16viiob1UCoXiJPhiQ6%2Bhz7F0QeCpvn95vVguwiS2IgS5Dc2edwvolws1y%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8da8f6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/452978-7.jpg

104.27.205.87

200 OK

2.6 kB

URL HTTP/2
static.thisav.com/images/videothumbs/452978-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.6 kB (2600 bytes)
Hash
6108ba106a111f586896f0fe38b61828
61232e56e35699eb0b44a8ef6ad6de9af1469b80
5706212fd5df462c357580ae6cce435a588ed078756411b8cc8298afccbcbe74

HTTP Headers

GET /images/videothumbs/452978-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2600
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14201
content-disposition: inline; filename="452978-7.webp"
etag: "5db8d83e-3779"
expires: Fri, 23 Dec 2022 23:28:45 GMT
last-modified: Wed, 30 Oct 2019 00:24:30 GMT
vary: Accept
cf-cache-status: HIT
age: 184626
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3%2FtQAwu7Nvx0MNTdLt%2BUx4new7caCi7iO7rBT4t4uq6NGmbh5ELTI4GME%2BuhGIXXbuwOYqWHu2HJLl8TNpdDnKpKEKttn21vl64dyW9BycCBTqzngMz7da9rgyNGz4usMZx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8da8f5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349508-3.jpg

104.27.205.87

200 OK

3.3 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349508-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.3 kB (3328 bytes)
Hash
f690ea6b520aa81f3164519cd5873da2
832b4fda229b8e3e29767dbf887ca62f3845b3bf
a7e30d8245a73c62c5d813fb6e70d899c1fc741c8825c16936db2d737108470f

HTTP Headers

GET /images/videothumbs/349508-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3328
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14233
content-disposition: inline; filename="349508-3.webp"
etag: "5abaf57a-3799"
expires: Fri, 23 Dec 2022 23:26:10 GMT
last-modified: Wed, 28 Mar 2018 01:52:58 GMT
vary: Accept
cf-cache-status: HIT
age: 184781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFpv5txQwPVTWOzfTTsJe%2BUlmoLrkbx9FOBlZsoJ2FfjhJUGuzMlOPuDqQxwflxPB7IoqgD%2B3CZ2%2FllRLf8Vy5yRzyF5Ea0spev5VFX8kWwMkUzyuqLd02Gsi%2FvIVyFj2Kxr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8da8f8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349508-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349508-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349508-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349508-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGE7wezbM0n3Erp94ZDNsPLxR51PY1eSznNXyGRNsGi91706VSpU1UwgKKBa2LV0XHfeMqR1gqRvQuOYIxPZZHx70AVmkxbFg7CkGQRuZVRyDzbXvSqjq4hk3pwPkoTIbZfs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8dbb98b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349503-3.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349503-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349503-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349503-3.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXzIo7iml46zqNdv9p7RrCsErJLwWWye3Pbj3fbL1bcxHNnk50EAVgkdF9W7A50d0mUBVrJAYwwr4wrKugEYRfgU12joRkXQAtM9zVUBHtTCnHAsnEA85YOZ%2F9CNi618I%2BH5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8dcb12b500-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349508-7.jpg

104.27.205.87

200 OK

2.5 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349508-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.5 kB (2514 bytes)
Hash
993707ef95a6bab7ff7139996f908327
95233c1bc8ffa07359edec6324e10e525b04c08a
462c8b1732edb3b3cf8c369d7e865924a971a6cb247f754a9d5deac717098774

HTTP Headers

GET /images/videothumbs/349508-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2514
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13154
content-disposition: inline; filename="349508-7.webp"
etag: "5abaf79b-3362"
expires: Sat, 24 Dec 2022 18:31:00 GMT
last-modified: Wed, 28 Mar 2018 02:02:03 GMT
vary: Accept
cf-cache-status: HIT
age: 116091
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lesj0hAPFeoTm%2Bg%2BUc0yOpOipGurFW2kM1rSEK0nx1Q3ofGrzewx5IB5f0j6pwcjylCNJ10YXUHHWdF3%2BshGqvxxfeyBWk3XVTFBbxEURWALejDASR%2FUthcTlvgL0f8UcNq0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8db900b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349503-5.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349503-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349503-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349503-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A45tvj57aW42gooVhQw%2BwCFtnvElcOKa8avooJGJSgnhH0K0HHdmsAYrFs%2FVnQvzAqM%2B2fC1YBF2DuBbNn0k%2FFt%2BBhI18lEM6OC77kLO29f6IVzYnyERMVk7KxzNAaDKJ0Lb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8dd857b4f4-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349508-9.jpg

104.27.205.87

200 OK

2.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349508-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.7 kB (2722 bytes)
Hash
412b41fc09e591425646121d81f06492
cf003e5f041ca738da8a47ad7144ea00c4861555
4bf6bd305ee519cd60428ea6267c017ff43941920279fd7300bc2433a3688b65

HTTP Headers

GET /images/videothumbs/349508-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 2722
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13774
content-disposition: inline; filename="349508-9.webp"
etag: "5abaf92f-35ce"
expires: Fri, 23 Dec 2022 23:26:10 GMT
last-modified: Wed, 28 Mar 2018 02:08:47 GMT
vary: Accept
cf-cache-status: HIT
age: 184781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVZSgpEOkN%2FaoHmj324iTdTxkx3rfXdxM311Hl%2FZbO9s66vIoikW7F9rEzvHQ3aMb3ViRNvXBdoniiOIOo6tYgBmFcg3VhSVU%2BW%2FpVDvOBla1lk3avrZvyO2uR8q8Z145HbD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8dd90bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349503-7.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349503-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349503-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349503-7.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBxuIZDV588%2BttWbLjfmq0hsG%2BMbgmOOMy5YWt045BvEOb7tELPt5nnJe2nW5Ho7cEPMabTvsvJiPoeaHhTxGAMBMJSrCV16ReyvGp%2Fsm%2FREMxjzVdR88eEyNu0Ki1BnajVB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8debb1b4eb-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349503-3.jpg

104.27.205.87

200 OK

3.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349503-3.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.7 kB (3696 bytes)
Hash
d76b36fbc77a054e9929128377533b61
a47653817a2df267995c8faf2e452ef8f66bbc98
27715cdc0cb519d8818486d77309a89d341a3e293e5250d6823ab6e7bddd3378

HTTP Headers

GET /images/videothumbs/349503-3.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3696
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15820
content-disposition: inline; filename="349503-3.webp"
etag: "5abaf2d6-3dcc"
expires: Sun, 25 Dec 2022 09:10:54 GMT
last-modified: Wed, 28 Mar 2018 01:41:42 GMT
vary: Accept
cf-cache-status: HIT
age: 63297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUpMezfxj9fIlz%2F12GgYfLB6IvKePlczsxZJVO3p25%2FVrKbA8gZXvhesCrcHQNlSob1JKgjAEki%2B5fOGOI3opXsgteGD%2Bih7oTMGIYd9hDIbKzBCB1m8sdjVowsYoEyt24ps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8de90eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349503-5.jpg

104.27.205.87

200 OK

3.4 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349503-5.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.4 kB (3402 bytes)
Hash
bcbfb85da0848df9d8533986162109e5
959b2759d189a3e46d8104ef2da4ae50fce6d294
9d627e3d79789ffbb35f0b64c0fa6919e13fc7843787ba5694f505f5b3c38d0d

HTTP Headers

GET /images/videothumbs/349503-5.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3402
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=14527
content-disposition: inline; filename="349503-5.webp"
etag: "5abaf3aa-38bf"
expires: Thu, 22 Dec 2022 00:35:44 GMT
last-modified: Wed, 28 Mar 2018 01:45:14 GMT
vary: Accept
cf-cache-status: HIT
age: 353408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz9atHa12GK%2BEMyqH9oEfk%2BaMu1dBDa8AKBDtMOoxrz%2FFc73s5Z2NDecKoH0tCWWgWyE5lTvZIo%2Byx91ndqO1%2Bf9HMmP%2FhrQ6WonREMx0lQWxcVBMsYwPP5uAlAbaugyiTGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8de912b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349503-9.jpg

104.27.205.87

301 Moved Permanently

0 B

URL HTTP/1.1
static.thisav.com/images/videothumbs/349503-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/349503-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:48:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 03:48:03 GMT
Location: https://static.thisav.com/images/videothumbs/349503-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ES5JudKYeDO9%2FwH7keCIfSIeCxxkLvTvgovBk%2B%2F2eJJxPQIKAp3HhZjfiWww1ZdjL7fYJKceIR7GyT6LofzWkyEWy9TFMWnN7nWey9OYCmVGtA3r%2FlFHF8cILDFzTSZvF8R4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ff4d8e0b2bb51e-OSL
alt-svc: h2=":443"; ma=60

static.thisav.com/images/videothumbs/349503-7.jpg

104.27.205.87

200 OK

3.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349503-7.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.7 kB (3672 bytes)
Hash
7e61382cf4e6e06f50f2bfe34f7e9d6d
385863472ee3e9bc7d9e3650f51cc5f3091a4d80
1056bd19aba4ed4e8143fc1601dbbc7ae8718ecf49138479cd0ae55a99947042

HTTP Headers

GET /images/videothumbs/349503-7.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3672
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=16371
content-disposition: inline; filename="349503-7.webp"
etag: "5abaf4ee-3ff3"
expires: Sun, 25 Dec 2022 09:10:54 GMT
last-modified: Wed, 28 Mar 2018 01:50:38 GMT
vary: Accept
cf-cache-status: HIT
age: 63297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sl0SUBgfokX0wiYCsSZNfcq7kKncL8JGGuYbcxQULhU4bMNuxa3WS8eMrfbCUoIpaavohzMIFz1SelexB2Wb4aC%2B0YTF09BvtEh9xxH%2BSeXMHQel2m4VyrXkqA0OumDvbw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8e091ab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.thisav.com/images/videothumbs/349503-9.jpg

104.27.205.87

200 OK

3.2 kB

URL HTTP/2
static.thisav.com/images/videothumbs/349503-9.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.2 kB (3164 bytes)
Hash
4c46e5e9653a808f8c8a37f7621b17f9
234ebad86399a26010583435b01df70a4a93ee87
8ae4570a5374983771281105f586198a08f42c0efff26225be95706bbec3894b

HTTP Headers

GET /images/videothumbs/349503-9.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/webp
content-length: 3164
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15394
content-disposition: inline; filename="349503-9.webp"
etag: "5abaf68a-3c22"
expires: Sun, 25 Dec 2022 09:10:54 GMT
last-modified: Wed, 28 Mar 2018 01:57:30 GMT
vary: Accept
cf-cache-status: HIT
age: 63297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCYgO0919ulMP3TadW4EHh8PMX8c1kA%2FcirnFR2vmsklbsLEwB8BZti8Tb4H4eiHA9qDNnKMpfmWHZ2ePRYFoMdW2lvGxFrFHM49lGDBMTwhE41qeNmrQPI4LqDtkDFO1hWd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8e1922b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a6156ce3422802c5e367a4fa913a1de7
bc55b980c6feda45c38b00b1b08bedc585031e79
c7e0740a38112b6f34387191032d743a9626ea0fad25376b012fef97af14c924

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7E0740A38112B6F34387191032D743A9626EA0FAD25376B012FEF97AF14C924"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7461
Expires: Sat, 26 Nov 2022 04:52:24 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
180909835f4e90ca0d1e206c3d219950
82d8303d370f9ee83e8bc62ab83fe0e5a368b4b2
33a9d5becc8dce4e9ac9229c75868ced7f42e984636d75342182dcbc597927a0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33A9D5BECC8DCE4E9AC9229C75868CED7F42E984636D75342182DCBC597927A0"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1222
Expires: Sat, 26 Nov 2022 03:08:25 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a7299757ae7ee301633eb26a19acb708
476423fe1e3bdb252ab9dc06a21d7647315516b4
ac654d407cc137c17b3f41292ef72139677bff4b87e65201e69d95d44b0a47ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:35:51 GMT
Expires: Thu, 01 Dec 2022 09:35:50 GMT
Etag: "476423fe1e3bdb252ab9dc06a21d7647315516b4"
Cache-Control: max-age=455866,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ff4d8e5f890b65-OSL

static.thisav.com/images/videothumbs/495172-1.jpg

104.27.205.87

200 OK

4.7 kB

URL HTTP/2
static.thisav.com/images/videothumbs/495172-1.jpg
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x120, components 3\012- data
Size
4.7 kB (4742 bytes)
Hash
8d3b2ec6997cc8d6df8c72374f4d8e2e
f4230a649eab409e4650075fcbd42dc75f0bc529
0f19424f7853bbf346be4f866a4f9247d2b831649be830641c38759a9282c6cf

HTTP Headers

GET /images/videothumbs/495172-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/jpeg
content-length: 4742
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=18948, status=webp_bigger
etag: "5ea03b2d-4a04"
expires: Mon, 19 Dec 2022 05:44:35 GMT
last-modified: Wed, 22 Apr 2020 12:40:13 GMT
cf-cache-status: HIT
age: 594078
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xewMvN%2FlmKbLrGtq7t5I2CqKwx0GwqJ1unhd%2BLDrZZfH01yN70%2BVSlOZYVVdhpU6TR%2BB8ig9okYhn%2Bp%2BihanKrcqO2QFOMc%2BCzfwhd0Wdv7LJEc51x6hyoYFbT7rmDHbCXG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8eb97db4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
842ca016b0522596bb699fbbc70c1a3d
3bf0412a77f472e8cf8018c645e02e5cca1c6256
e85a66f3b551b1b261c4e764181f0e8ace9dfa9415c51bc4f308924e4eeb11e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2209
Cache-Control: max-age=96566
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63804bf8-117"
Expires: Sun, 27 Nov 2022 05:37:29 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:40 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279

hpjav.com/favicon.ico

179.43.144.210

404 Not Found

694 B

URL HTTP/1.1
hpjav.com/favicon.ico
IP
179.43.144.210:0
ASN
#51852 Private Layer INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
694 B (694 bytes)
Hash
3308b391ee4ee11ccfad692ffb54ac1c
685334cf16e44fbf28c827318ddeef17e9a93b23
8f23f31d168ec673e54d05bf213bbab4a16fb2487d59c50e4e1ef93998dd68ac

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hpjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 02:48:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60f8dd32-563"
Content-Encoding: gzip

www.javbangers.com/favicon.ico

185.94.237.100

200 OK

850 B

URL HTTP/2
www.javbangers.com/favicon.ico
IP
185.94.237.100:0
ASN
#42567 Mojohost B.v.

File type
PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
850 B (850 bytes)
Hash
e6bf88bee6f01ccb4f616dc0b7e59028
bcba814e166ff6402d84d08e14917bcde0e77571
f5661cab3bafa42509e8f2e02c4800d1fbb9b323c489cdc710ab3ee1137a1256

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
content-length: 850
last-modified: Mon, 16 Dec 2019 16:11:37 GMT
etag: "5df7acb9-352"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

javtube.net/favicon.ico

82.118.242.43

404 Not Found

696 B

URL HTTP/1.1
javtube.net/favicon.ico
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
696 B (696 bytes)
Hash
6d964a5afa6750e84a31baed875fb098
3b3a5bfbf42f5c453b0290f899ddf6dbead2e147
932df513bb0bc1159cec417249f3d6d4e9f94d79f85c918a6b9684573c651467

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: javtube.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 02:48:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5cb52f98-569"
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
5d66fc1c47bc8504a53ea6b75c0ef74b
a89ced7a9d470f3c91461135ffcdff3a41ba8cf4
23cf83061e26b0d5d63405dc5c0a4fe6f7e2073878a3e3cd57b052b7e3d429e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23CF83061E26B0D5D63405DC5C0A4FE6F7E2073878A3E3CD57B052B7E3D429E6"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Sat, 26 Nov 2022 06:01:10 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e3af2cd1da4f6178d8734f043fa6876d
34a4a1fefbc8c64c98b5995c245a284f68112f67
b751b21ab4c10fb70b4dfc4813a6598d99b5578b1c263cddf6dd4679d75f671a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B751B21AB4C10FB70B4DFC4813A6598D99B5578B1C263CDDF6DD4679D75F671A"
Last-Modified: Fri, 25 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11309
Expires: Sat, 26 Nov 2022 05:56:32 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fbabe4d2d8a964d216e68b55b5232b4d
55211da97caf1007431b0765429253fafaee50cc
acd5046a814d5780fd699cbaa4c2ea923af8b433ce30519e9986a866c665beef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 9
Cache-Control: max-age=162063
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63815469-117"
Expires: Sun, 27 Nov 2022 23:49:06 GMT
Last-Modified: Fri, 25 Nov 2022 23:48:57 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
489db019696739cc3be32ffd1960b980
2184d30bded7cb8a0207e196b2efd9e5321815b4
f39dcaa321daceb0c3816db92cbf3efb9f51cb57eae38e78de50eedb86bde473

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F39DCAA321DACEB0C3816DB92CBF3EFB9F51CB57EAE38E78DE50EEDB86BDE473"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3486
Expires: Sat, 26 Nov 2022 03:46:09 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
55b4ecff2a4452812b61591d2432a7b2
0cfb70d53f6b25d6ef50fbfcab04ba0795331bc7
8ca571951fe8e951d0ec37e237926d8af862bc25cb58b869a539c08249c63d24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6119
Cache-Control: max-age=163477
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63814211-116"
Expires: Mon, 28 Nov 2022 00:12:40 GMT
Last-Modified: Fri, 25 Nov 2022 22:30:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
55b4ecff2a4452812b61591d2432a7b2
0cfb70d53f6b25d6ef50fbfcab04ba0795331bc7
8ca571951fe8e951d0ec37e237926d8af862bc25cb58b869a539c08249c63d24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2444
Cache-Control: max-age=159802
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63814211-116"
Expires: Sun, 27 Nov 2022 23:11:25 GMT
Last-Modified: Fri, 25 Nov 2022 22:30:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
842ca016b0522596bb699fbbc70c1a3d
3bf0412a77f472e8cf8018c645e02e5cca1c6256
e85a66f3b551b1b261c4e764181f0e8ace9dfa9415c51bc4f308924e4eeb11e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2209
Cache-Control: max-age=96566
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63804bf8-117"
Expires: Sun, 27 Nov 2022 05:37:29 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fbabe4d2d8a964d216e68b55b5232b4d
55211da97caf1007431b0765429253fafaee50cc
acd5046a814d5780fd699cbaa4c2ea923af8b433ce30519e9986a866c665beef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 9
Cache-Control: max-age=162063
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63815469-117"
Expires: Sun, 27 Nov 2022 23:49:06 GMT
Last-Modified: Fri, 25 Nov 2022 23:48:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1ec02351accffd477b8ccfaf186603a1
da9d44c1d7708019c88b7dd6c719367676b60f1b
cb98c85b5c36e6bdb3949ae9452436d2e7810bf36736ef5e126e10ddc81b47d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:03 GMT
Etag: "63803b0f-116"
Server: ECS (amb/6B92)
Content-Length: 278

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
689083b42fb5e2d56f0eb004fb3dd4f2
193af24e894f7b6e4058c3baf4a5dc63b5c12a2b
88fe5343e298dba6afbacd3d5d66cdebdf5f809b0152bb0426b407c9d46fa33f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:48:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 23:18:39 GMT
Expires: Fri, 02 Dec 2022 23:18:38 GMT
Etag: "193af24e894f7b6e4058c3baf4a5dc63b5c12a2b"
Cache-Control: max-age=591634,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ff4d8ecfa80b65-OSL

ggjav.com/favicon.ico

167.99.26.195

404 Not Found

85 B

URL HTTP/1.1
ggjav.com/favicon.ico
IP
167.99.26.195:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
f5a562d10c088cde3064f115f3b482b2
2aa6924c2a9bcd5f2f3d1c855ebc0a53043d1ee5
c1dafff57c62a2e907d41ab99969b2d060deda1dd3699fb327cca416134c7286

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ggjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
date: Sat, 26 Nov 2022 02:48:03 GMT
server: Apache
vary: Accept-Language,Cookie
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
transfer-encoding: chunked

en.ero-video.net/favicon.ico

69.36.160.167

200 OK

2.9 kB

URL HTTP/2
en.ero-video.net/favicon.ico
IP
69.36.160.167:0
ASN
#13213 UK-2 Limited

File type
MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
2.9 kB (2862 bytes)
Hash
0dbb4ae10c1c2f715fb52390bb75e85b
a5133ad565cc207841ce96aac45d86bb844f6a38
1270be04045e7a4f040ad1ae8433669997c23cd54b482bc386e27256eef4923f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: en.ero-video.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
content-length: 2862
last-modified: Tue, 31 May 2022 12:14:58 GMT
etag: "629606c2-b2e"
set-cookie: x_gtm_uid=RSSgp2OBfmMPIyMKtlvnAg==; expires=Sun, 27-Nov-22 02:48:03 GMT; domain=ero-video.net; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2

www.porntrex.com/favicon.ico

109.201.134.96

200 OK

1.2 kB

URL HTTP/2
www.porntrex.com/favicon.ico
IP
109.201.134.96:0
ASN
#43350 NForce Entertainment B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
611e08cd140432a5a5e8ce6999811ef2
6658646e3726741cd4b34c5db984fec579dc19f5
4e5543929d238e7f8dd61c924461d535936f25d783848bf2b09f8fc1fdc8b953

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.porntrex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Thu, 19 Apr 2018 07:53:12 GMT
etag: "5ad84ae8-47e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff420d7d34d0bacca3e4e864782c8a50
80dc835f741c6709b349d8287accb7f583df91c0
15a8e4da43e1362bcf300f637a706e4d5b65a92fb50b4faeb30543a04da71a6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15A8E4DA43E1362BCF300F637A706E4D5B65A92FB50B4FAEB30543A04DA71A6B"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7208
Expires: Sat, 26 Nov 2022 04:48:11 GMT
Date: Sat, 26 Nov 2022 02:48:03 GMT
Connection: keep-alive

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.24

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sat, 26 Nov 2022 02:53:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.sextvx.com/favicon.ico

172.67.137.76

200 OK

1.0 kB

URL HTTP/2
www.sextvx.com/favicon.ico
IP
172.67.137.76:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Size
1.0 kB (1045 bytes)
Hash
a070d4a326b95787d059d3db5a4cccc2
cec4f7e746aa348226acb9163ec3caeb4c6d4fed
15f67c97f595961d6efc2c9da28e8aaa7cff7ebdebc11eb6de391080785415db

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.sextvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Thu, 01 Jan 2015 05:27:22 GMT
vary: Accept-Encoding
etag: W/"54a4daba-57e"
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4796
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhDc%2FjisfljVcB8HSaJz1%2F03mdOBbFVc890c%2BlJnCKLHigxdYRTjL6OMT%2B5NJ2XVtw7qv6GVQ2Baj%2BOLMwsXmK3YLNX6oWRSMaKpG19Y0E9H1qaI6ohi5%2FkSXuPNbAd95A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d8fdbedb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43b0d80811dd388beffde85f0f79af45
9e6d3dec82344e002e569aa014ed9eb3f2462dad
9ef3bfea217a1b272665e57894a3392e43107629bdafef6f9b7ac62eb2f58265

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EF3BFEA217A1B272665E57894A3392E43107629BDAFEF6F9B7AC62EB2F58265"
Last-Modified: Thu, 24 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10665
Expires: Sat, 26 Nov 2022 05:45:49 GMT
Date: Sat, 26 Nov 2022 02:48:04 GMT
Connection: keep-alive

openloadpro.com/favicon.ico

172.67.220.157

200 OK

2.3 kB

URL HTTP/2
openloadpro.com/favicon.ico
IP
172.67.220.157:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.3 kB (2269 bytes)
Hash
3de7ecefaa4338a38c00ce51b5f43a0a
c2795adeb4793c5d03a78cdf10c93b0fa4a80585
6eacd18d1a5ea18dbd20ebef445fa431d795758ababb61c5a97284285c0290fe

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: openloadpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: text/html; charset=UTF-8
link: <https://openloadpro.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=72533
x-litespeed-tag: b1d_HTTP.200,b1d_default,b1d_URL.b54ff2eddcb0060bcd786ce388d8d4d7,b1d_
x-litespeed-cache: miss
cache-control: max-age=14400
cf-cache-status: HIT
age: 4316
last-modified: Sat, 26 Nov 2022 01:36:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWY2%2Bl3nLfM5s6h1uCvpq9q4e89ZvFb5Qfxd3ZOTOlLTYr8uSv1mKb0YcJtJ4XkRkLgFH2z4XFoptDFNFrj67VZY%2FtBzu2dju2jk1ZYz1FkyaKwCn7EyDdwJvAoJni7SjmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8efc81b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=23782

157.90.84.242

204 No Content

0 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=23782
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 02:48:04 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://av.xvideos-dl.top
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

fp.metricswpsh.com/fp?tag_id=23782

157.90.84.242

200 OK

27 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=23782
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
27 B (27 bytes)
Hash
183e6bf6f5c39525b4c471c26331c4e4
fc2a0d615a704c8b198b65ce47716b2e168f956e
1127af318c7d62b581d8bb11d56417fef7072f10e3df42bdfb75ba72f94dbe0a

HTTP Headers

POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22292
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 02:48:04 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://av.xvideos-dl.top
Set-Cookie: id=5773006155050903188; Expires=Sun, 26 Nov 2023 02:48:04 GMT; Secure; SameSite=None
Vary: Origin

e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js

45.133.44.24

200 OK

27 kB

URL HTTP/2
e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
27 kB (27298 bytes)
Hash
6aecba97a2b349a3ff1259bd38d8f885
4cf178c6e120bb9a68ae4f0cc23567fa1b9dc753
892f14922da4626e73785797e6e30f93274f3f88f8b740a3ac1a20fa6457d571

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /10a97da5a56bf3f19b5c5a93f873ab36.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 13 Oct 2022 09:19:10 GMT
etag: W/"6347d80e-16007"
content-encoding: gzip
expires: Sat, 26 Nov 2022 02:53:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

1041598d1a.da1a0e7bb3.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjM1MzI5MDgwMjQyNDgzODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkZDMi1QUFYtMTM5OTI2NC0lRTMlODMlOTUlRTMlODMlQTklRTMlODMlODMlRTMlODIlQjclRTMlODMlQTUlRTMlODMlOUUlRTMlODMlQjMlRTMlODElQUUlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlN0MlRTQlQkElQkElRTUlQTYlQkIlRTYlOTclQTAlRTclQTAlODElMkNGQzItUFBWLTEzOTkyNjQtJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJTJDJUU1JThCJTk1JUU3JTk0JUJCJUUzJTgwJTkwJUUzJTgxJThBJUU2JUIwJTk3JUUzJTgxJUFCJUU1JTg1JUE1JUUzJTgyJThBJUU1JUE4JTk4NyVFMyU4MCU5MSUyMCJ9

45.133.44.25

200 OK

0 B

URL HTTP/2
1041598d1a.da1a0e7bb3.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjM1MzI5MDgwMjQyNDgzODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkZDMi1QUFYtMTM5OTI2NC0lRTMlODMlOTUlRTMlODMlQTklRTMlODMlODMlRTMlODIlQjclRTMlODMlQTUlRTMlODMlOUUlRTMlODMlQjMlRTMlODElQUUlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlN0MlRTQlQkElQkElRTUlQTYlQkIlRTYlOTclQTAlRTclQTAlODElMkNGQzItUFBWLTEzOTkyNjQtJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJTJDJUU1JThCJTk1JUU3JTk0JUJCJUUzJTgwJTkwJUUzJTgxJThBJUU2JUIwJTk3JUUzJTgxJUFCJUU1JTg1JUE1JUUzJTgyJThBJUU1JUE4JTk4NyVFMyU4MCU5MSUyMCJ9
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjM1MzI5MDgwMjQyNDgzODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkZDMi1QUFYtMTM5OTI2NC0lRTMlODMlOTUlRTMlODMlQTklRTMlODMlODMlRTMlODIlQjclRTMlODMlQTUlRTMlODMlOUUlRTMlODMlQjMlRTMlODElQUUlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlMkNQYXBhZUhpamFSZWFsKERhZGFuZERhdWd0aGVyUmVhbCVFMyU4MyU5NSVFMyU4MyVBOSVFMyU4MyU4MyVFMyU4MiVCNyVFMyU4MyVBNSVFMyU4MyU5RSVFMyU4MyVCM2ZjMkZDMi1QUFYtMTUyMzYxNy0lRTUlQTUlODclRTglQjklOUYlRTclOUElODQlRTclQTIlQkElRTclOEUlODclRTMlODElQTclRTUlODclQkElRTYlOUMlODMlRTMlODElQTMlRTMlODElOUYlRTMlODAlODElRTglQjYlODUlRTUlOEYlQUYlRTYlODQlOUIlRTMlODElODQlRTMlODAlODElRTUlOEYlQUYlRTYlODQlOUIlRTklODElOEUlRTMlODElOEUlRTMlODIlOEIlRTUlQTglOTglRTMlODElQTglRTMlODElQUUlRTYlOEYlQjQlRTQlQkElQTQlRTMlODAlOTAlRTclOTUlQUElRTUlQTQlOTYlRTclQjclQTglRTMlODAlOTFlbGxpZWFuZGRpbmFwb3JuJUU1JThEJTgzJUU4JTkxJTg5JUU2JThGJUI0JUU0JUJBJUE0JUU1JUIwJThGNSVFMyU4MiU4NiVFMyU4MSU4NDExJUU2JUFEJUIzJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJUU1JTgwJThCJUU0JUJBJUJBJUU2JTkyJUFFJUU1JUJEJUIxMzglN0MlN0MlN0MlRTQlQkElQkElRTUlQTYlQkIlRTYlOTclQTAlRTclQTAlODElMkNGQzItUFBWLTEzOTkyNjQtJUUzJTgzJTk1JUUzJTgzJUE5JUUzJTgzJTgzJUUzJTgyJUI3JUUzJTgzJUE1JUUzJTgzJTlFJUUzJTgzJUIzJUUzJTgxJUFFJTJDJUU1JThCJTk1JUU3JTk0JUJCJUUzJTgwJTkwJUUzJTgxJThBJUU2JUIwJTk3JUUzJTgxJUFCJUU1JTg1JUE1JUUzJTgyJThBJUU1JUE4JTk4NyVFMyU4MCU5MSUyMCJ9 HTTP/1.1
Host: 1041598d1a.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:04 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
98ea967650cd81755b272e43ee9e2a56
d186462c5c52272cb0a6d3b698e6a717a9914e45
ddeeb6fb942cc85e0b150223d635d5996d12fde30bdbe505537886c8e0f543cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDEEB6FB942CC85E0B150223D635D5996D12FDE30BDBE505537886C8E0F543CD"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11504
Expires: Sat, 26 Nov 2022 05:59:48 GMT
Date: Sat, 26 Nov 2022 02:48:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
98ea967650cd81755b272e43ee9e2a56
d186462c5c52272cb0a6d3b698e6a717a9914e45
ddeeb6fb942cc85e0b150223d635d5996d12fde30bdbe505537886c8e0f543cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDEEB6FB942CC85E0B150223D635D5996D12FDE30BDBE505537886C8E0F543CD"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11504
Expires: Sat, 26 Nov 2022 05:59:48 GMT
Date: Sat, 26 Nov 2022 02:48:04 GMT
Connection: keep-alive

nereserv.com/in/dip?site=native-push&wl=1&event_id=1e9256b1-ad76-4bad-ad3b-cc7b3da8db6e&subid=809032184&sid=1119740490&spot_id=17050&created_at=2022-11-26&timezone=0&ver=8.5.1&is_native=1

157.90.84.246

200 OK

0 B

URL HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=1e9256b1-ad76-4bad-ad3b-cc7b3da8db6e&subid=809032184&sid=1119740490&spot_id=17050&created_at=2022-11-26&timezone=0&ver=8.5.1&is_native=1
IP
157.90.84.246:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=1e9256b1-ad76-4bad-ad3b-cc7b3da8db6e&subid=809032184&sid=1119740490&spot_id=17050&created_at=2022-11-26&timezone=0&ver=8.5.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 26 Nov 2022 02:48:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js

45.133.44.24

200 OK

73 kB

URL HTTP/2
e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
73 kB (72955 bytes)
Hash
c2b300e5f3345aa192e663c4f7265de1
c7c64fb0817e9cbf7f151094687b2fde7a548dc5
619fc2b4d96c1da2b3c04d5ebe03cfd7da53b264f5bf2d76298cc5cd872ff7dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /81a904aea6b7338289ed7316c86e3727.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 22 Nov 2022 16:27:58 GMT
etag: W/"637cf88e-48777"
content-encoding: gzip
expires: Sat, 26 Nov 2022 02:53:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 26 Nov 2022 02:48:04 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Sat, 26 Nov 2022 03:48:04 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

7mmtv.tv/favicon.ico

172.67.202.161

200 OK

946 B

URL HTTP/2
7mmtv.tv/favicon.ico
IP
172.67.202.161:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16\012- data
Size
946 B (946 bytes)
Hash
0d9e80c73c746dc02c828d4534c0c660
7d655e7013b19d3039ff7ee5e0a23e503f141c7f
ddd125a18881789e76e23a0f74c50c39f7a211516d5c3b50b3b0300a30a3c632

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 7mmtv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Mon, 29 Apr 2019 05:40:38 GMT
etag: W/"5cc68e56-57e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD6%2BN4HxV03mFcM2OXbqJtxd5Ntwemnm9bPD5XkpRzU0imUTyThdHAlia2MWAIor2AeHNGhOJ3EXBQa%2BnLxG8s0DNTetch8un47O90C7y0ugaqVVLZzPpod%2FkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8bde3fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

twitter.com/favicon.ico

104.244.42.193

200 OK

1.2 kB

URL HTTP/2
twitter.com/favicon.ico
IP
104.244.42.193:0
ASN
#13414 TWITTER

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 UTC
perf: 7626143928
server: tsa_o
set-cookie: guest_id=v1%3A166943088508548219; Max-Age=34214400; Expires=Wed, 27 Dec 2023 02:48:05 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: 23702459e060c58a
strict-transport-security: max-age=631138519
x-response-time: 102
x-connection-hash: 0ed87c0c574c2900e91c94c41b3e47d063626444bb0ae9ad8782054f81274ef6
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6e9a1d8fa24d02a25936da53f41cf29
4e5e72447a91e6547f594ffeeea7f37499bdb285
c0269a28b26bab781b9be948016a79ee3f75aefb39bf20be0811536d3e86d9f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Last-Modified: Sat, 26 Nov 2022 02:25:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6e9a1d8fa24d02a25936da53f41cf29
4e5e72447a91e6547f594ffeeea7f37499bdb285
c0269a28b26bab781b9be948016a79ee3f75aefb39bf20be0811536d3e86d9f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Last-Modified: Sat, 26 Nov 2022 02:25:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6e9a1d8fa24d02a25936da53f41cf29
4e5e72447a91e6547f594ffeeea7f37499bdb285
c0269a28b26bab781b9be948016a79ee3f75aefb39bf20be0811536d3e86d9f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Last-Modified: Sat, 26 Nov 2022 02:25:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6e9a1d8fa24d02a25936da53f41cf29
4e5e72447a91e6547f594ffeeea7f37499bdb285
c0269a28b26bab781b9be948016a79ee3f75aefb39bf20be0811536d3e86d9f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Last-Modified: Sat, 26 Nov 2022 02:25:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6e9a1d8fa24d02a25936da53f41cf29
4e5e72447a91e6547f594ffeeea7f37499bdb285
c0269a28b26bab781b9be948016a79ee3f75aefb39bf20be0811536d3e86d9f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Last-Modified: Sat, 26 Nov 2022 02:25:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

rz.nakadashi.pw/v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3

172.64.128.21

200 OK

454 B

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
454 B (454 bytes)
Hash
a50dfd834f43fe2a85982fc9eaa66211
062bcc931fadfdb52c10b3dd9d31386cea026637
7334e89acb1c94f37d7b0dce02251a5fcc229012a1aa3c1dc631641f2a1380cc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/37/1d/113a115, lfm-1-11949, lmd-11949, lud-1463624, xfvlen-2325577, fsize-509204, played-645
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/118723/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321060
last-modified: Tue, 22 Nov 2022 09:37:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVHko9Qp%2FJ3qo2WXJEjYa3zC7zmDijYrWuqoOzKu4ngYU7JizglY3hVkxH0jWV1g07EPVLsdKT%2BrFHWsJJvBFg8ZjGgpO5aEQaI%2BKOJNN1WLLGg0ndLbppGYLB436Km78Uo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99c981776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3

172.64.128.21

200 OK

8.3 kB

URL HTTP/2
rz.nakadashi.pw/v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8.3 kB (8319 bytes)
Hash
8d6dda57bac0433fae102b02f166ce10
702f61deba47cb3a41e40c1a7f91d06544606498
da7e33519adedb2db552b998d2160238c38263190b40aea6708d9acf8e9f8564

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/cb/d5/52a250, lfm-1-20485, lmd-20485, lud-4606693, xfvlen-3081938, fsize-644022, played-19
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tktube.com/videos/26644/fc2-ppv-1399264-a//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321057
last-modified: Tue, 22 Nov 2022 09:37:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ac29qV3Ql2pd6thT%2FE3z3hUiYGA6M%2BNlSZxP1IBQUFJbvFJimGOlABgqaRD8cByVqs0HWnxtjfZwWhFjT6JZoQeWtQ4hbg5c32BMD0d%2FpWjXbQSopuDg6TLuNdmHUsTsEck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d9a29c6776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=127759/title/myhash/3

172.64.128.21

200 OK

109 kB

URL HTTP/2
rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=127759/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
109 kB (108852 bytes)
Hash
d01785c61ad777d3996916a30529c0bd
e60fc73e0693d8d88c91a44f4de4da29df0fd2b2
504ce9f751a62c0b18d589c057078dfef2422b8eea9d6d09d0c33b239ffa4dd1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://ggjav.com/en/main/video?id=127759/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://ggjav.com/en/main/video?id=127759/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/7f/cd/b2c337, lfm-1-8505, lmd-8505, lud-454782, xfvlen-1915469, fsize-504668, played-56
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://ggjav.com/en/main/video?id=127759/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://ggjav.com/en/main/video?id=127759/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 14758
last-modified: Fri, 25 Nov 2022 22:42:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtZom5dSRf%2FWU8wePuHNWY1Xq2ZjpTGk98Q5I%2F4nq0VXbBgi38HFRKwzz%2B9Cv6yfAiFAxmNG8FxMJocZ3BXveRs5PilI%2FAWEFGOPTdID8hgj9wVF8Qhey8reZpEYOUWNI%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99e992776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

140 kB

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
140 kB (140429 bytes)
Hash
4717c6ba419224cfb77919e39fead23e
84cb960e93795c07a6b3d89654eab274522f23ef
be44901cf7d2bff410344e071534f5f5887bef5879bcce7ac7248d86f6e2ab20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/26/ff/d393128, lfm-1-12714, lmd-12714, lud-518749, xfvlen-1466924, fsize-480616, played-239
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/101632/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1207449-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B131-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 249938
last-modified: Wed, 23 Nov 2022 05:22:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRI%2Ba%2B5CRZksXjQt%2BuDCiTxaddfQjD7KIJTmEZeIkkp77noOd%2FakB3Z8xNKGgUVcm0z%2B12lV2Ij1finbBFKDV7hmokV8nJ8LpoYXFoCD6wPh7k66DwqXmd4Il09%2F55Q56dg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b969776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://javfan.one/uncensored/180520//title/myhash/3

172.64.128.21

200 OK

14 kB

URL HTTP/2
rz.nakadashi.pw/v/s://javfan.one/uncensored/180520//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
14 kB (13961 bytes)
Hash
c085b3602c746238280744ca1b8d1601
93ca42cce6bade1fd0d4d0c56171a5440a56c1a9
1cd46230e54262cb831eb5d5e8a3b7616925fc2323af1777de0090384dd36f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://javfan.one/uncensored/180520//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javfan.one/uncensored/180520//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/3e/37/f3ca33, lfm-1-9805, lmd-9805, lud-749664, xfvlen-2112889, fsize-709899, played-39
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://javfan.one/uncensored/180520//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javfan.one/uncensored/180520//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9R1No1XJmhEyW8CiVMiy5ZkQk5UiRmYkKuJuNqxOZkkcZRUfu3Wpd1AzOR6JDV4HFNruVw%2BLYx2OprLJumdPthsK5hrNMngBxoNoJuyboBs0M2YC49EerK4d9BWmTXDX30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b960776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3

172.64.128.21

200 OK

185 kB

URL HTTP/2
rz.nakadashi.pw/v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
185 kB (184671 bytes)
Hash
c9bf3572a7e1aeb12ece4371c5fd11a6
e1511b635c9ef4f026df8c0d9cc72c79522029b5
d85c3b0676f401cc6883254d99ac81ed109a179a23083f84dc636a4720474fb0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/44/e5/374745, lfm-1-33240, lmd-33240, lud-3606406, xfvlen-1957437, fsize-605735, played-60
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://tktube.com/videos/34841/fc2-ppv-14445022//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 359558
last-modified: Mon, 21 Nov 2022 22:55:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnCQ9PBAhp8FQQ9se2u4pkRJzDPH82IXXGmsDy1VIkKCtlCP%2B1WTkdtAP1%2BTCZmMpWaBIRhlaCCDBLsee0KGJ%2FQEcPPLu1Ti%2FDYEbfdnKGjMYa1xzEoY9ST4V6g349DlfM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b965776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

116 kB

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
116 kB (116504 bytes)
Hash
74aaa3621d763ff72d6dab310c77d46c
5fe61cfa9d14b8673cb93036542a124790108fe8
3023332600e7c8e9b3349200ce27b07a560ae54a443d8052051b06bf8271aae9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/06/6b/beb7125, lfm-1-157664, lmd-157664, lud-5207395, xfvlen-1681763, fsize-445356, played-69
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/100760/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 117709
last-modified: Thu, 24 Nov 2022 18:06:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fv69U%2BKThjzi7VPkusKN%2BOPAZLAxyA0w24DhJHFsliNNLtcmNAaqFRm38Avpu6R2a517oXWxrutKeigaEoYxttq%2FHbp%2FxKrhB4oswyHo773anQDsJsqaob8fz3zPI9kTeO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a947776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://javfan.one/uncensored/254260//title/myhash/3

172.64.128.21

200 OK

373 B

URL HTTP/2
rz.nakadashi.pw/v/s://javfan.one/uncensored/254260//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
373 B (373 bytes)
Hash
eacd320e22b9f721778f5f795236e609
f8301b211827f7930e5c108554915faf72784a13
de1787fcb19e2b350038eed4bac6a275bc409869972f3b6789a113ecd6773aa8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://javfan.one/uncensored/254260//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javfan.one/uncensored/254260//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a1/13/d68e33, lfm-1-14627, lmd-14627, lud-3938574, xfvlen-1533727, fsize-421007, played-64
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://javfan.one/uncensored/254260//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javfan.one/uncensored/254260//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98tR8fPYJtPsE%2BikLLyavXezX1Pnc3w0fMhEtyxwmzZ3KBYfpu2JX4kz%2Flww%2BS%2FZMrl00hS3zyU0CA4wX%2BQummYM3c82f0Ze3v58vuDXO%2B37h8uF%2Fl%2F7auAANRatQMdHVxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b978776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img2.xiangbinjun.com/new/2020-12-05/FC2-PPV-1370484.jpg

54.230.111.89

200 OK

16 kB

URL HTTP/1.1
img2.xiangbinjun.com/new/2020-12-05/FC2-PPV-1370484.jpg
IP
54.230.111.89:0
ASN
#16509 AMAZON-02

File type
JPEG image data, baseline, precision 8, 276x490, components 3\012- data
Size
16 kB (15886 bytes)
Hash
3d52b79cce44502b0bafa7772bfbc083
2744c0884e6f4bcaf3442fa0a3f6f9bef019df79
2e209902f872556fdfd067065c37227755f53c3b4b191a0dad677e76c4c90f35

HTTP Headers

GET /new/2020-12-05/FC2-PPV-1370484.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 15886
Connection: keep-alive
Server: X
Last-Modified: Tue, 29 Dec 2020 07:40:46 GMT
Accept-Ranges: bytes
Date: Fri, 25 Nov 2022 08:24:47 GMT
ETag: "5feadd7e-3e0e"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Iwq8uutFdf3x9mWx7mMKVYI9SfE1KsFlhcIvF2CQhTypwCSegOlzrw==
Age: 66198
Vary: Accept-Encoding, Origin

rz.nakadashi.pw/v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3

172.64.128.21

200 OK

221 kB

URL HTTP/2
rz.nakadashi.pw/v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
221 kB (221092 bytes)
Hash
5ebd24535b38dcb11b338b5255a10e43
361169620465e689578d5bec63b96418478a13b9
ac7248f0d809541083e012ee95cadb399c9077b3967ef352546365de8441ba6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e2/29/ceb950, lfm-1-10166, lmd-10166, lud-2213974, xfvlen-2759124, fsize-653515, played-242
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://pornve.com/z4tr3otgl5cl/FC2PPV_1249144_46.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WemLmLOlBv%2FC2bYovaabLCqXix0oImL94EoLHbOQrxeFv7W43e7nGQgxlVDpaHZ5%2FUeuSGtQ9l%2F3%2Fi6FRoM4Q5msyZR%2B7cdHpCvY1RBHt6MQL93qAyFNm1EqxbN42Ha2JM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b97c776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3

172.64.128.21

200 OK

236 kB

URL HTTP/2
rz.nakadashi.pw/v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
236 kB (236327 bytes)
Hash
23b71022bf15991509b332e52992af4a
5f529f12bf68da5719d1ea3502080ba28ccf6291
8de9819ddd2b6f776e0cff556785ac7366e547e3416b51ad110ff690339fd3b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/79/64/2be652, lfm-1-72283, lmd-72283, lud-3389284, xfvlen-1775968, fsize-378627, played-1824
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://pornve.com/6sbwynkgu7gl/FC2PPV_1399264_A__7.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 451168
last-modified: Sun, 20 Nov 2022 21:28:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=War51ejR7xfA1oZEKsSycC7tMlk58X2yU0QYk9th8EikPkY%2F2TmaoHpzQ9x3WbvUiVCuzu8ZsqbsQvOUVSPok%2F%2F8QJnCRvwZbyLrkK3sY%2FuM3QD74U3QPhfa9F%2FhKWc4RuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a944776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

file.tktube.com/contents/videos_screenshots/26000/26644/preview_720p.mp4.jpg

172.64.170.25

200 OK

94 kB

URL HTTP/2
file.tktube.com/contents/videos_screenshots/26000/26644/preview_720p.mp4.jpg
IP
172.64.170.25:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 960x540, components 3\012- data
Size
94 kB (93497 bytes)
Hash
4b26d61d3b9ecbc0be1deb9ab1da6a74
8e4798d88187fc93c63c3ebdee5648f2164e2686
ae5303fc3efff69d55c3833ccc86c85310d5adeb3bb72f05716920728ecf269e

HTTP Headers

GET /contents/videos_screenshots/26000/26644/preview_720p.mp4.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: image/jpeg
content-length: 93497
last-modified: Fri, 19 Jun 2020 16:34:08 GMT
etag: "5eece900-16d39"
expires: Sat, 17 Dec 2022 01:36:15 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 766804
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c0E6sYTUB8KC5t3VMv9v4Wn4dhsJloi3HBqchx9IHxXVPh%2FG%2BlNyeXizBTwL%2F%2FN1I4LJKm67MeYguGc7IzPh7oOj2u4vGQNWyz7D79OhK4pNDj8bJL58orErSk6rrIBDEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d9b8e467729-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

file.tktube.com/contents/videos_screenshots/69000/69371/preview_720p.mp4.jpg

172.64.170.25

200 OK

91 kB

URL HTTP/2
file.tktube.com/contents/videos_screenshots/69000/69371/preview_720p.mp4.jpg
IP
172.64.170.25:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 952x533, components 3\012- data
Size
91 kB (91394 bytes)
Hash
2602c338845a817a8eae06b4b5ae5a0c
8878b1ba5c25808f47e4854cd1a05113e80bb707
dc111453ab616ceac3f9dcfc4b129045756bd1f3e267fc9270977d402917b13b

HTTP Headers

GET /contents/videos_screenshots/69000/69371/preview_720p.mp4.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: image/jpeg
content-length: 91394
last-modified: Mon, 28 Jun 2021 21:22:02 GMT
etag: "60da3d7a-16502"
expires: Sat, 24 Dec 2022 22:32:26 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: HIT
age: 101739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PGH%2BoBvURdS3Ec433HL31YMMH1xNxA%2FhTumizjMri5AlPoeG8exkibbmpKmeDVYnTcMXERyVEAShLcX96D9h0DzHYCjSSCwkBZ4D64nNJdY6sPBk31LZazZBXRhZmQsI4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d9bde897729-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3

172.64.128.21

200 OK

181 kB

URL HTTP/2
rz.nakadashi.pw/v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
181 kB (180780 bytes)
Hash
3b44dbd301a13895d1a3e4e14a703311
60c11c4b3b40d49c6cbae5b36bce75998ee4b71a
813bacb6cca8d60735186adad4e1df5482dfb8947eb7739bce82c4f67bd05ed9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f5/68/95f6124, lfm-1-5, lmd-5, lud-755225, xfvlen-1849228, fsize-458789, played-10
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javtube.net/zh/145302/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1401329-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E3%81%A7%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%E2%91%A1-%E7%89%B9%E5%85%B8%E5%8B%95%E7%94%BB%E3%81%AB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FcGyviZNzt0x5DT%2BFlx6GHYfsrMOEoyegmSLRS%2B6YX8jj5rfbrwIBVxkT1JRq7hep8FbbRFdANlGqe1oyGumgMqFq3Rl4snB8ASslKYlB5hyiL6SDtrQdu5xHYuAPyO1Jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b967776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

15 kB

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
15 kB (15301 bytes)
Hash
a2c22f97f7b596709264d5130a50a056
1140a2aa362541a76987226d920d11cd4f76a38b
0e735f65331c3ea9bfe17704b392acc1cf62ca2a07ba339baa104f7ecc798b2d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/71/72/e46e116, lfm-3-1915, lmd-1915, lud-3987400, xfvlen-1983156, fsize-812798, played-34
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/106780/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1249144-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B146-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321057
last-modified: Tue, 22 Nov 2022 09:37:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itUd1h4vbCCvEDLGxjPx%2FAZhy%2BQDA1XmbFzM0ObPge3uX5bYbSAWNQU2fKsORbHMoaIPPatolt5Xo0Sq%2FejCoWLmG28Jp%2BWY9i9LhuI16EsOyOseBEYyK%2BTFEV1xMLDtXO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b95f776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

javtube.net/media/videos/tmb/000/145/302/1.jpg

82.118.242.43

200 OK

8.3 kB

URL HTTP/1.1
javtube.net/media/videos/tmb/000/145/302/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
8.3 kB (8267 bytes)
Hash
7d5a9c8572097473a400efea5419619a
bbb57bf657cba4d20b4ca38e766077fec7e73907
1983dcea1f4f2c6e6b2d8289e1de15038504d945bc5a3b84126f68bdbc08311a

HTTP Headers

GET /media/videos/tmb/000/145/302/1.jpg HTTP/1.1
Host: javtube.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:05 GMT
Content-Type: image/jpeg
Content-Length: 8267
Last-Modified: Tue, 15 Feb 2022 08:00:09 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "620b5d89-204b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

rz.nakadashi.pw/v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

72 kB

URL HTTP/2
rz.nakadashi.pw/v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
72 kB (71846 bytes)
Hash
04627c3cabd7a3703745310b028623af
cfa50c02cf8ca730c09f1b1a350b5a7cb4957f41
d48a60a8089f922174f80a8eeca19f3af115c98a0bbe4e3c37ac7c68606b3ce9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/50/0d/9ab6113, lfm-1-226, lmd-226, lud-1484431, xfvlen-1596719, fsize-395380, played-8
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://hpjav.com/86333/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUweRwdhy3cLX9tmZQsFStKfXK%2Fwc%2FS9%2F2cl4OfBUCQOtK%2BtTWA%2Fp5penHpXFWlGNG3JVHxIUVPI%2Fmq0%2B9sPCgMy8HDxYKRMo9XJ9%2BzK9e8Yi%2BH4jw%2F8iMfyBYlpjEt3bic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b963776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3

172.64.128.21

200 OK

212 kB

URL HTTP/2
rz.nakadashi.pw/v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
212 kB (211969 bytes)
Hash
b099514d2ce0e2262558b35e71b18497
0c60e4dfe098fab7bed996af4df2c9288481fcdb
2f2de9b74ca83d171d11cd6e5e14ea753ddf9a5be54d16f287e74e4e23b4e98a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/ec/0c/0a4e37, lfm-1-1017, lmd-1018, lud-3557938, xfvlen-2180786, fsize-531059, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://yavtube.com/movie/FC2-PPV-1379912/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 129990
last-modified: Thu, 24 Nov 2022 14:41:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO%2B64wiXZYuAe9I5h%2Bo%2BpDw%2FU67O2vKjpru6%2BjRLeJC0P1jkhhdUxe3OF1QmnHrsO6UPeAIEbiqXxABWZ6pe64iM25s9yhqJwdlPoyapilOmpjfwxQ6nRnqPnCxKv5DkxXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b974776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cc8ffe7ceb.da1a0e7bb3.com/in/multy

168.119.25.22

200 OK

17 kB

URL HTTP/2
cc8ffe7ceb.da1a0e7bb3.com/in/multy
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (16635), with no line terminators
Size
17 kB (16638 bytes)
Hash
a928cd40f22087b5f26ce2702dbbf7c1
aba3f2cccde49e2c8cf2ae3661fff8fe7e742c03
8b19b806b4fb3ae931b0de239327cb7c8435eb441f145c282773cbe2b6bd8e8b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /in/multy HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2214
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: application/json
content-length: 16638
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

683 B

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
683 B (683 bytes)
Hash
8d6da2224f240b88068a46159241472e
bee208984ae662d213d7ec8232c7fbd1d264844d
d3c4260b33784f37b2740f7d7d1e8668b4f4dfa89854cc333905f35f1d44eee3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/8b/c3/012b116, lfm-1-1820, lmd-1820, lud-1334315, xfvlen-1927825, fsize-452763, played-212
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/104171/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1222122-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B137-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO9L%2BJOEMuV946hRs7XxEGnhAaTzNMPeox9vYEIA%2BGtt3ytQsqiTbmI93XuFHoqk1VTrZGgxzPsPAEpbQuh%2BVHVQ8nsEYbF7LWQS54ACwdCX9OXN5VkcPcJshn%2BIi1v%2FZC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b96c776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3

172.64.128.21

200 OK

68 kB

URL HTTP/2
rz.nakadashi.pw/v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
68 kB (68526 bytes)
Hash
c1550f72b25a3ce27e69ddca53269d1d
eaeb4477e49016a642dd18ed370325acec4f72da
b2d1cc43975cbd511188806d2d22e328aaedd83b56efbb6a7acb40620c3269be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/0a/ac/199549, lfm-1-73096, lmd-73096, lud-717122, xfvlen-1947443, fsize-551528, played-7
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.porntrex.com/video/1131202/fc2ppv-1347321/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 5070
last-modified: Sat, 26 Nov 2022 01:23:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRGVIPjC5RUiqxRt3u0WrjhIezyB67zoe8OBKEPDeR0dxMewl%2Bty%2FOtRiLX1eRtlSqOAirCE1efZAaHU7RboNsLs69J41VVImLCY0SnehlhTZn4UmzDpauxLtvQZcivJlSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b975776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f92f58fe6dad5e26f8974806f239b142
2f4ff9f11807072753895e0da60b6d7dd72a9f6d
8471311cd597517546a15da067d8526b470ff028bbaa2d1fabfbe6ae45089dfb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8471311CD597517546A15DA067D8526B470FF028BBAA2D1FABFBE6AE45089DFB"
Last-Modified: Sat, 26 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Sat, 26 Nov 2022 08:32:53 GMT
Date: Sat, 26 Nov 2022 02:48:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f92f58fe6dad5e26f8974806f239b142
2f4ff9f11807072753895e0da60b6d7dd72a9f6d
8471311cd597517546a15da067d8526b470ff028bbaa2d1fabfbe6ae45089dfb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8471311CD597517546A15DA067D8526B470FF028BBAA2D1FABFBE6AE45089DFB"
Last-Modified: Sat, 26 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Sat, 26 Nov 2022 08:32:53 GMT
Date: Sat, 26 Nov 2022 02:48:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f92f58fe6dad5e26f8974806f239b142
2f4ff9f11807072753895e0da60b6d7dd72a9f6d
8471311cd597517546a15da067d8526b470ff028bbaa2d1fabfbe6ae45089dfb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8471311CD597517546A15DA067D8526B470FF028BBAA2D1FABFBE6AE45089DFB"
Last-Modified: Sat, 26 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Sat, 26 Nov 2022 08:32:53 GMT
Date: Sat, 26 Nov 2022 02:48:05 GMT
Connection: keep-alive

24hjav.com/favicon.ico

104.21.34.13

404 Not Found

18 kB

URL HTTP/2
24hjav.com/favicon.ico
IP
104.21.34.13:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4767), with CRLF, CR, LF line terminators
Size
18 kB (18352 bytes)
Hash
2694a11bac3ddaffa1725d045ccda677
9762db2ba8e57dee8d82dceec90b8f6a87a1d5ab
b3002896be5282bc76ae718355376f0a6d864123b6a1d3461bf5163ee4036760

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 24hjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.18
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
set-cookie: PHPSESSID=47vikkv39sd2tdn02usf8li7pr; path=/
_uads=a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bi%3A1669517283%3Bs%3A5%3A%26quot%3Buaid_%26quot%3B%3Ba%3A0%3A%7B%7D%7D; expires=Tue, 23-Nov-2032 02:48:03 GMT; Max-Age=315360000; path=/
mode=night; expires=Tue, 23-Nov-2032 02:48:03 GMT; Max-Age=315360000; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mo2MeQCWPusw%2FRHUMPDD3DIBe43hiJJOIQ0MFhA5Segp%2FLUsisKE69gDCdOd9ZhbJX0iV51%2BezSQzsEzLBY%2B8tKJICXQZHDEGXmq8Ys00SrVOm2MXuT6BjYcMZKC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d88ccc7b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f92f58fe6dad5e26f8974806f239b142
2f4ff9f11807072753895e0da60b6d7dd72a9f6d
8471311cd597517546a15da067d8526b470ff028bbaa2d1fabfbe6ae45089dfb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8471311CD597517546A15DA067D8526B470FF028BBAA2D1FABFBE6AE45089DFB"
Last-Modified: Sat, 26 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Sat, 26 Nov 2022 08:32:53 GMT
Date: Sat, 26 Nov 2022 02:48:05 GMT
Connection: keep-alive

cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=4&auction_queue=0&burl=H6Q8Bk0atgJyC9AQX71OkBjGzPTc6JI8DttqsaHCEIKZA2uYXZWjtg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=4cafc3be33a8205d442d72cf0a0b8fcc&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&user_fp=0&v2_track=0&url=bh6wcJy4KlRerxrrkvhS3u0x469tJqcKPQzW5LuyKBrPdHNlLP9WjFKOfCrz6d2KBQpjndOSJ-H_FRGFK6KvUdcqfy6FfO0rF7fsLtktsIge1i3LzJaoIHcTY_DHZE6yCU23Qm5AYiOXTdwEKQS5oSO1ZydFjFOWK-4WGmVfr3zXu_1FCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=2af73546-85bd-425f-8452-720ecf557043

168.119.25.22

302 Found

0 B

URL HTTP/2
cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=4&auction_queue=0&burl=H6Q8Bk0atgJyC9AQX71OkBjGzPTc6JI8DttqsaHCEIKZA2uYXZWjtg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=4cafc3be33a8205d442d72cf0a0b8fcc&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&user_fp=0&v2_track=0&url=bh6wcJy4KlRerxrrkvhS3u0x469tJqcKPQzW5LuyKBrPdHNlLP9WjFKOfCrz6d2KBQpjndOSJ-H_FRGFK6KvUdcqfy6FfO0rF7fsLtktsIge1i3LzJaoIHcTY_DHZE6yCU23Qm5AYiOXTdwEKQS5oSO1ZydFjFOWK-4WGmVfr3zXu_1FCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=2af73546-85bd-425f-8452-720ecf557043
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=4&auction_queue=0&burl=H6Q8Bk0atgJyC9AQX71OkBjGzPTc6JI8DttqsaHCEIKZA2uYXZWjtg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=4cafc3be33a8205d442d72cf0a0b8fcc&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&user_fp=0&v2_track=0&url=bh6wcJy4KlRerxrrkvhS3u0x469tJqcKPQzW5LuyKBrPdHNlLP9WjFKOfCrz6d2KBQpjndOSJ-H_FRGFK6KvUdcqfy6FfO0rF7fsLtktsIge1i3LzJaoIHcTY_DHZE6yCU23Qm5AYiOXTdwEKQS5oSO1ZydFjFOWK-4WGmVfr3zXu_1FCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=2af73546-85bd-425f-8452-720ecf557043 HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:05 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3

172.64.128.21

200 OK

8.4 kB

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8.4 kB (8395 bytes)
Hash
9bb6cd2eda33494e79c932cbbbb3b74c
c569da4e48736780965635c73ebca79371f6a3a6
ae886acd1143abe25c6e66fa2be6568184a01ea971de76f6743bd45356b422cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/7e/e3/b377104, lfm-7-27437, lmd-27437, lud-1252561, xfvlen-1525939, fsize-818446, played-1067
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/124660/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321056
last-modified: Tue, 22 Nov 2022 09:37:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OEV4m0BnRQdxbrYBfp8ilK7CZHfWwDAV1qxQjQnj6%2BUHR%2BvLQI61qnsPUzqJ0CLVQS%2BSMndWC2XVJk7vIrT3hYUFVU9%2BT4vFUV%2FWCaQJakVZ5%2BovIyNfa9zDKqG%2BB9%2BJ5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a946776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3

172.64.128.21

200 OK

9.9 kB

URL HTTP/2
rz.nakadashi.pw/v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
9.9 kB (9935 bytes)
Hash
038137936d5d105a80df279b4c29ed68
8b79baa104b59bc782402b0ebc6111a60682b9b1
57bf644badea3cd37ba6705c286007111353831af1fce17343791bb55cc2eb6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/61/60/7d2853, lfm-1-28324, lmd-28324, lud-3824512, xfvlen-1969431, fsize-461268, played-5
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tktube.com/videos/19134/fc2-ppv-1099298-20-3//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id3p6k6TyOybzQJKOORcy6CReWg161jvB%2FhM70zUTq4q5LQJNhWG515h2g8UsAMf5S9BZjPgoIaiLh9dEy5fW1VqZnvAl%2BeqQRQwLaiU4k34d6oAjpcWRIsFqm9%2BziPjUOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b973776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=12647&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.01649733720437542&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669517284&created_at=2022-11-26&is_native=1&auction_queue=0&burl=dlXUr_krIVu7EMQDSitKt3yxb_UguQ7QsCNbZY9kbD8yyPZfEb3ELA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0006738994375954412&placement_type_id=&skin_test=0&verify_hash=1c166d80988eb07aecdabc83d54cff7c&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=JKmzH3DqlL8FbeieBJV40_2jm6-VwznUF-gFwgqUgHylajU3FxsVrGrB61Z1jFUJOT79uMWM47QofG5Oqfy1JMS487mG90vTUB0uVtf4E9eEtg8AN_nURuthl6Bisv-0wMEJjZ9kEAN3E_xzUz4N8JqKb5Y5E6HJpJBgAshQlXE6Su5LIZCPc19OhcCbwK-W05Ajf8QJGxwwdw3I-JkXuSQE4X2R9ieMeafssN4fRbtRAQOgaHKrkCy_itYv989s3dHvgEjwBiLV-HqXeZVhKKBDYdhdTM46VlNtw-4MUqhvlzjkD31zdDY5J2-iUiAThYGrZep1_ftrHrdsykSP7j7Y8ixBRGde5fZZbSu_YIczdYdt4DXtI7MZ19RbXV3EaYczPG4rGvVMKGGxul7z8laR4wYTtAa-s_GS8UICHhtDPLYNQlw-3rJx_o5V7UHX2mZydFz-faqs4KWqvWMlH2_e4Qk1ZBcIYgqb8lyfSgLv5cj5BgGlDI4KqNMZh2iwnxMhfDTScy3hnBuy3RUqKqRtjGwk6C2xTJV2B_B6xRojgNVQfWXS8kBF5UH1AJc8DDZySKp1cynzL0BFuEFIyCqTHDpdS88KJkN9SwHkVZMeElKq6O6S5qVfzTcxyivCeleEEw5kKmTr129oiPaN4zj1DPHW1y4m3rHclDLUbWQgXUUqy6cAAi7Ac1_oIKQjafu5ng8GIo_5Is4nPQ_jpwNbreo6UfT7xhKlcCOXR4yYNyd5_tEGRk1tn8kCb63wCmRs-1oaewKOV78utku6iALMldjyyvuGcMtx1rsbdPhe5zOn13TndqH2DzCaQpMCVDmUoh54ghZIx1LCTKS8MwaTD74uVLj0RddAijdMZ0zT-2ZKXgqFl2x1ZMUm3MQOxOstxDUIX5h31J0Dbzv2OVSTMcf3bniTe-kA7yP0r3zh7F39HiGqUC_YbNO0jl5uCt0MoGBvGkKcZ9s2vPF-RDD6xbqhoiDv2k80N0F7WkkkUwtr_UOH7CtXFyvsIAbJdaAYpJzZTrzNLdJDdhVnL4HD1kJtCnJzYxV4HcM6dDcBOuyOCbNEqjX0hC1GZ1HycDW1l9TQthA4HkW1wT9D3UBsZe1_69HdM-GUrinX8ZyTr5VZNDeN9o9BYHnts3hH8g&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.011073425165006893&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult&format=default-slide-b_r-body&cpa=9e27f869-92de-4b8d-ac93-fd2e60468cf5

168.119.25.22

302 Found

0 B

URL HTTP/2
cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=12647&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.01649733720437542&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669517284&created_at=2022-11-26&is_native=1&auction_queue=0&burl=dlXUr_krIVu7EMQDSitKt3yxb_UguQ7QsCNbZY9kbD8yyPZfEb3ELA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0006738994375954412&placement_type_id=&skin_test=0&verify_hash=1c166d80988eb07aecdabc83d54cff7c&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=JKmzH3DqlL8FbeieBJV40_2jm6-VwznUF-gFwgqUgHylajU3FxsVrGrB61Z1jFUJOT79uMWM47QofG5Oqfy1JMS487mG90vTUB0uVtf4E9eEtg8AN_nURuthl6Bisv-0wMEJjZ9kEAN3E_xzUz4N8JqKb5Y5E6HJpJBgAshQlXE6Su5LIZCPc19OhcCbwK-W05Ajf8QJGxwwdw3I-JkXuSQE4X2R9ieMeafssN4fRbtRAQOgaHKrkCy_itYv989s3dHvgEjwBiLV-HqXeZVhKKBDYdhdTM46VlNtw-4MUqhvlzjkD31zdDY5J2-iUiAThYGrZep1_ftrHrdsykSP7j7Y8ixBRGde5fZZbSu_YIczdYdt4DXtI7MZ19RbXV3EaYczPG4rGvVMKGGxul7z8laR4wYTtAa-s_GS8UICHhtDPLYNQlw-3rJx_o5V7UHX2mZydFz-faqs4KWqvWMlH2_e4Qk1ZBcIYgqb8lyfSgLv5cj5BgGlDI4KqNMZh2iwnxMhfDTScy3hnBuy3RUqKqRtjGwk6C2xTJV2B_B6xRojgNVQfWXS8kBF5UH1AJc8DDZySKp1cynzL0BFuEFIyCqTHDpdS88KJkN9SwHkVZMeElKq6O6S5qVfzTcxyivCeleEEw5kKmTr129oiPaN4zj1DPHW1y4m3rHclDLUbWQgXUUqy6cAAi7Ac1_oIKQjafu5ng8GIo_5Is4nPQ_jpwNbreo6UfT7xhKlcCOXR4yYNyd5_tEGRk1tn8kCb63wCmRs-1oaewKOV78utku6iALMldjyyvuGcMtx1rsbdPhe5zOn13TndqH2DzCaQpMCVDmUoh54ghZIx1LCTKS8MwaTD74uVLj0RddAijdMZ0zT-2ZKXgqFl2x1ZMUm3MQOxOstxDUIX5h31J0Dbzv2OVSTMcf3bniTe-kA7yP0r3zh7F39HiGqUC_YbNO0jl5uCt0MoGBvGkKcZ9s2vPF-RDD6xbqhoiDv2k80N0F7WkkkUwtr_UOH7CtXFyvsIAbJdaAYpJzZTrzNLdJDdhVnL4HD1kJtCnJzYxV4HcM6dDcBOuyOCbNEqjX0hC1GZ1HycDW1l9TQthA4HkW1wT9D3UBsZe1_69HdM-GUrinX8ZyTr5VZNDeN9o9BYHnts3hH8g&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.011073425165006893&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult&format=default-slide-b_r-body&cpa=9e27f869-92de-4b8d-ac93-fd2e60468cf5
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /in/show/?mid=6186217800793857932&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1119740490&cid=12647&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.01649733720437542&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=&hostname=auc-inpage-hz-0-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669517284&created_at=2022-11-26&is_native=1&auction_queue=0&burl=dlXUr_krIVu7EMQDSitKt3yxb_UguQ7QsCNbZY9kbD8yyPZfEb3ELA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch_ip&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0006738994375954412&placement_type_id=&skin_test=0&verify_hash=1c166d80988eb07aecdabc83d54cff7c&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3D%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=JKmzH3DqlL8FbeieBJV40_2jm6-VwznUF-gFwgqUgHylajU3FxsVrGrB61Z1jFUJOT79uMWM47QofG5Oqfy1JMS487mG90vTUB0uVtf4E9eEtg8AN_nURuthl6Bisv-0wMEJjZ9kEAN3E_xzUz4N8JqKb5Y5E6HJpJBgAshQlXE6Su5LIZCPc19OhcCbwK-W05Ajf8QJGxwwdw3I-JkXuSQE4X2R9ieMeafssN4fRbtRAQOgaHKrkCy_itYv989s3dHvgEjwBiLV-HqXeZVhKKBDYdhdTM46VlNtw-4MUqhvlzjkD31zdDY5J2-iUiAThYGrZep1_ftrHrdsykSP7j7Y8ixBRGde5fZZbSu_YIczdYdt4DXtI7MZ19RbXV3EaYczPG4rGvVMKGGxul7z8laR4wYTtAa-s_GS8UICHhtDPLYNQlw-3rJx_o5V7UHX2mZydFz-faqs4KWqvWMlH2_e4Qk1ZBcIYgqb8lyfSgLv5cj5BgGlDI4KqNMZh2iwnxMhfDTScy3hnBuy3RUqKqRtjGwk6C2xTJV2B_B6xRojgNVQfWXS8kBF5UH1AJc8DDZySKp1cynzL0BFuEFIyCqTHDpdS88KJkN9SwHkVZMeElKq6O6S5qVfzTcxyivCeleEEw5kKmTr129oiPaN4zj1DPHW1y4m3rHclDLUbWQgXUUqy6cAAi7Ac1_oIKQjafu5ng8GIo_5Is4nPQ_jpwNbreo6UfT7xhKlcCOXR4yYNyd5_tEGRk1tn8kCb63wCmRs-1oaewKOV78utku6iALMldjyyvuGcMtx1rsbdPhe5zOn13TndqH2DzCaQpMCVDmUoh54ghZIx1LCTKS8MwaTD74uVLj0RddAijdMZ0zT-2ZKXgqFl2x1ZMUm3MQOxOstxDUIX5h31J0Dbzv2OVSTMcf3bniTe-kA7yP0r3zh7F39HiGqUC_YbNO0jl5uCt0MoGBvGkKcZ9s2vPF-RDD6xbqhoiDv2k80N0F7WkkkUwtr_UOH7CtXFyvsIAbJdaAYpJzZTrzNLdJDdhVnL4HD1kJtCnJzYxV4HcM6dDcBOuyOCbNEqjX0hC1GZ1HycDW1l9TQthA4HkW1wT9D3UBsZe1_69HdM-GUrinX8ZyTr5VZNDeN9o9BYHnts3hH8g&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.011073425165006893&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult&format=default-slide-b_r-body&cpa=9e27f869-92de-4b8d-ac93-fd2e60468cf5 HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:05 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s.viiqvmfb.com/n/1064/pniesyteaf6vuatoo57vayklmzta64kqavqh44srmreg2kwusewtqxrkojktkqdcmbmvw3qhmf7hqv3ejngkrwc2jh7mjfeytgxypk5nhf4w2csgd7rwscaqgseltzwl5pz4bevfkeilblv52vxufvu3uo5vkagml2zeqob2xwjjoy2imzsveocjzgv47vtufg4x6lkshbewsmswx52oculz3rjtfwliwpwup63avx5hb2rzs5rpev5es26vfnkviwhzquphk5cjyqtltvkz75efkxnfounwmbd47blksbefnasxjtzwaonikvmoasg3576oosebkhfit6eqjkatgv55jjrakkyq3m5dqvbyqhwdxbdp5blfheslnjtqkc73mpkznnojhkfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugd3srg2ehn2llam4es2jskzh3wxuypi7iaosjweyfjl2j4xn3pvkvzbfwzocvi5zfom2bg5vqqkhzgfk66seik7ifou4ijjqyuvmdu7pfdocxtdkpm2gckwjmlrxwpllfmo2oniz4ms6hmpyhzmfoxxkw7gssj35wlhhkr6azbrwvgdxextupwhrvncb4luhaogt2d4eaaqdanifcuokiaalqylibgswfn74grgvfbt2omxyh2vi=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3

172.64.128.21

200 OK

6.7 kB

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
6.7 kB (6705 bytes)
Hash
7e34851ca1ec392729191210ab0bd244
16f558a3ab9a75ccc616e9fbb2de5f8485f02adb
8bc7b7e9514a073d75356ff8ae741d80a9ec560565e4c2623fabb86ffca4c250

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/36/56/3478143, lfm-4-42704, lmd-42704, lud-4433850, xfvlen-2319978, fsize-765836, played-416
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/99068/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1185022-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B122-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E4%BD%9C%E5%93%81//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 129991
last-modified: Thu, 24 Nov 2022 14:41:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9W7oT3VvRRJfnJX1WpAIVvNClhbpCbceO1133CFN%2F9wxLNHXclOsZ9MgVCVnN6E1sCGiQXV2UH2ebN8honk7CUYX85oEB%2F8QXtBT8ClUryEcBPf3FvoNnzsbRiKjWOM7sN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a942776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

m.thisav.com/favicon.ico

104.27.205.87

200 OK

10 kB

URL HTTP/2
m.thisav.com/favicon.ico
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10052 bytes)
Hash
cd22c17665f587a87a7403b7b9f09eb9
f0795f4dc33f90423e4058d1febde17789e787aa
91f9098a764bcb302e91b8929852c7d52f439a4b6e1ce6ab824815a0b88c2987

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: m.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Tue, 08 May 2018 04:55:14 GMT
etag: W/"5af12db2-32a"
cf-cache-status: HIT
age: 3883
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP5iheOqms41abVH5Y2HsoUNfTsIkh%2FAY78MnVp8VIEIWPk%2B2MR83SSkUZAXU3M6uopQPVj%2FITaQ8UD%2BRoKR9a5Ys4LgZojnwuVy7WRnIDOf8srnKy3Qy5Q8gGSGag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8ec986b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kissjav.li/media/videos/tmb/000/106/780/1.jpg

82.118.242.43

200 OK

9.3 kB

URL HTTP/1.1
kissjav.li/media/videos/tmb/000/106/780/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
9.3 kB (9284 bytes)
Hash
4c685d970512c43f95fbba3689c54065
3f9be3662c3604d282dde10a1e9d8fe8eba3f612
39269670ee15ab39ba83a0d9bc9d3a55c97d7d6220d5aba89e022260dd5dc099

HTTP Headers

GET /media/videos/tmb/000/106/780/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:05 GMT
Content-Type: image/jpeg
Content-Length: 9284
Last-Modified: Sat, 18 Jan 2020 21:45:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e237c5e-2444"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

rz.nakadashi.pw/v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3

172.64.128.21

200 OK

23 kB

URL HTTP/2
rz.nakadashi.pw/v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
23 kB (23077 bytes)
Hash
aff1e302d2a9dfa214b8dbbdd6e4b489
b6fdeb3362748f9c819c2c5cc745809bee16ca90
10386a9245f868f133bbc1b0528ec5177c3930f4da335736192a738558318475

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/ce/05/bbe450, lfm-7-335629, lmd-335629, lud-2337978, xfvlen-1780022, fsize-796717, played-2
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tktube.com/videos/26645/fc2-ppv-1399264-b//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYNby1%2FanmeEDzAtMXKBmiZOQT6qI6UxbMkm%2B2FjD7jmexwrc%2BQk7b6Q5XwR%2FkEwzd6xZ0MtRewyMchu0lsZPT4oAQy5ophuwINcg6BGwET7zddgIiYilbOEagh2NwSAfQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a941776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ve14.pornve.com/i/03/00096/03n9apkkehi5_t.jpg

51.38.62.22

200 OK

13 kB

URL HTTP/1.1
ve14.pornve.com/i/03/00096/03n9apkkehi5_t.jpg
IP
51.38.62.22:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.4.100", baseline, precision 8, 350x200, components 3\012- data
Size
13 kB (13227 bytes)
Hash
2b702c4ced854ae3d1b03dd9a257b451
490b00e645da9df8f7676f0115d8632a3a249147
c49759e4c54d5c36e13d8500075390fb92929f14764a0807658541f02be48ada

HTTP Headers

GET /i/03/00096/03n9apkkehi5_t.jpg HTTP/1.1
Host: ve14.pornve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:05 GMT
Content-Type: image/jpeg
Content-Length: 13227
Last-Modified: Thu, 29 Oct 2020 04:57:05 GMT
Connection: keep-alive
ETag: "5f9a4ba1-33ab"
Expires: Sun, 26 Nov 2023 02:48:05 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6200
Cache-Control: max-age=114976
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:44:21 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6200
Cache-Control: max-age=114976
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:05 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:44:21 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

rz.nakadashi.pw/v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3

172.64.128.21

200 OK

9.1 kB

URL HTTP/2
rz.nakadashi.pw/v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
9.1 kB (9116 bytes)
Hash
8b38b30557a4d6547ca0c0ae91f38870
8338ab7ad45820adfda370d869e1505efc61d8ff
78301b963bef2b505fd724edbfd81ad2d3de39315c744f0cd014d8cd63297cae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/58/67/f681124, lfm-1-9795, lmd-9796, lud-567258, xfvlen-2623393, fsize-568091, played-25
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javtube.net/81393/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1202126-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B129-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E7%89%B9%E5%85%B8%E9%99%90%E5%AE%9A%E5%8B%95%E7%94%BB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 375482
last-modified: Mon, 21 Nov 2022 18:30:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6aDXCbPx5ewmFrII%2BZ%2BCsk2JCLUeda8NaS6wznveVxNrT1X2tEEE2DY1muPdjwRQkw34usOfJ2vgqpkSqjhZDI6zVUgVG95ICIM8Fn2ys1Tkr6cqYLjqaXmxLj6gD1A%2FDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b95e776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kissjav.li/media/videos/tmb/000/118/723/1.jpg

82.118.242.43

200 OK

7.3 kB

URL HTTP/1.1
kissjav.li/media/videos/tmb/000/118/723/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
7.3 kB (7296 bytes)
Hash
86c039252d064ea352429cc31576b6b5
3fd7b2c8a4cf1264dd408037e6842d7d62281c36
25f3b60e8fce01c383be8dabe51069f3bff59e41514ec430fc5711a35a428bbc

HTTP Headers

GET /media/videos/tmb/000/118/723/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 7296
Last-Modified: Tue, 16 Jun 2020 19:27:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5ee91d06-1c80"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

kissjav.li/media/videos/tmb/000/118/722/1.jpg

82.118.242.43

200 OK

7.5 kB

URL HTTP/1.1
kissjav.li/media/videos/tmb/000/118/722/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
7.5 kB (7485 bytes)
Hash
5061085c2db463c5938f58a0755841ba
056a47ad3fc954ca42776c64ef9a71716bf80448
5d15cd22f0e09be26a04b0e94f9b20474cc91f8fe778fe6c65c0b3bd56fb5cdf

HTTP Headers

GET /media/videos/tmb/000/118/722/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 7485
Last-Modified: Tue, 16 Jun 2020 19:21:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5ee91b9e-1d3d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6201
Cache-Control: max-age=114976
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:06 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:44:22 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

kissjav.li/media/videos/tmb/000/124/651/1.jpg

82.118.242.43

200 OK

9.4 kB

URL HTTP/1.1
kissjav.li/media/videos/tmb/000/124/651/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
9.4 kB (9371 bytes)
Hash
57650a4c3272a29af4087bdd11b70d9a
b76a8ef2f1fc9cdc5e5001e8faba31e70030fa05
1dc788c46af797d7cb493dfb5380f5fe00935704881b9a239ea9783dffe23b4b

HTTP Headers

GET /media/videos/tmb/000/124/651/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 9371
Last-Modified: Sun, 27 Sep 2020 16:45:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5f70c18e-249b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

kissjav.li/media/videos/tmb/000/104/171/1.jpg

82.118.242.43

200 OK

8.7 kB

URL HTTP/1.1
kissjav.li/media/videos/tmb/000/104/171/1.jpg
IP
82.118.242.43:0
ASN
#201133 Verdina Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x144, components 3\012- data
Size
8.7 kB (8727 bytes)
Hash
f6b9c79dc60e0f318e985fd672db26cf
f535e6f515ac9df6cd94e318c6c0ca3db39056d3
4c1b37a287305d0b54268165511067f8abb1f4e2b7c900ba3982fc18b91faa77

HTTP Headers

GET /media/videos/tmb/000/104/171/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 8727
Last-Modified: Fri, 20 Dec 2019 23:53:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5dfd5ede-2217"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e7134e10b179b79bb120a0e283c8ff7c
2a4d0be0ad62715abb19c4a97f1c804fa452db8c
2b9e4b4c062b6917d29a1491ff3485c6528558603020ff4f2bb452f84ac540cd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B9E4B4C062B6917D29A1491FF3485C6528558603020FF4F2BB452F84AC540CD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=247
Expires: Sat, 26 Nov 2022 02:52:13 GMT
Date: Sat, 26 Nov 2022 02:48:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6201
Cache-Control: max-age=114976
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:06 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:44:22 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5459
Cache-Control: max-age=114234
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:06 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:32:00 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (amb/6BB4)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c36207244507e0bbc87a5cc320a68fd7
0ac505ff2027f829304411099c732039b1178cc8
ed76f66953f380a612c4495145db5e8d9b536e4d96e7f5cf6d7718e158773b16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15787
Expires: Sat, 26 Nov 2022 07:11:13 GMT
Date: Sat, 26 Nov 2022 02:48:06 GMT
Connection: keep-alive

tb-lb.sb-cd.com/t/7908026/7/9/w:500/t2-enh/fc2ppv-1132613.jpg

104.18.200.68

200 OK

17 kB

URL HTTP/2
tb-lb.sb-cd.com/t/7908026/7/9/w:500/t2-enh/fc2ppv-1132613.jpg
IP
104.18.200.68:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (16972 bytes)
Hash
eed894461e3927307f820842ce1be1f4
34622310b88a7822960bbabd57ad5afa4271c90a
36d1e9f3bf41852fccd4c168089fc5bbe9122bf90257327c7a49a1149cd28298

HTTP Headers

GET /t/7908026/7/9/w:500/t2-enh/fc2ppv-1132613.jpg HTTP/1.1
Host: tb-lb.sb-cd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 16972
cache-control: max-age=31536000, public
cf-bgj: imgq:85,h2pri,csam-hash
cf-polished: qual=85, origFmt=jpeg, origSize=20981
content-disposition: inline; filename="fc2ppv-1132613.webp"
vary: Accept
x-cache-status: HIT
x-request-id: ncgus_QuVOJ6PUOn_5ERJ
last-modified: Sat, 26 Nov 2022 01:31:09 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=JoYIi0DD3NEfYRHbVnDvfTogZovYnlSDm2t5vqeLuLg-1669430886-0-AUlpQZRZzsvUuu28IKAcwSBnCDR2TIq6d3lFmwiD9UYvitMgVfVPTudn9mn1khOeADJc0DAVHB/BseS3FJBl0Go=; path=/; expires=Sat, 26-Nov-22 03:18:06 GMT; domain=.sb-cd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ff4d9d686cb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ve11.pornve.com/i/01/00082/z4tr3otgl5cl_t.jpg

51.38.54.145

200 OK

16 kB

URL HTTP/1.1
ve11.pornve.com/i/01/00082/z4tr3otgl5cl_t.jpg
IP
51.38.54.145:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc57.4.100", baseline, precision 8, 350x200, components 3\012- data
Size
16 kB (16437 bytes)
Hash
a194b5fb7ed983102aed266014d431de
2d9cc2cb7c044294e256951a0c8c4791c54d5533
b5666298a2d6741d2c3039747fba7485ce302e49d871c5ed9e4192aea37d9c8f

HTTP Headers

GET /i/01/00082/z4tr3otgl5cl_t.jpg HTTP/1.1
Host: ve11.pornve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 16437
Last-Modified: Wed, 12 Feb 2020 22:23:09 GMT
Connection: keep-alive
ETag: "5e447acd-4035"
Expires: Sun, 26 Nov 2023 02:48:06 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

tb-lb.sb-cd.com/t/7908026/7/9/w:500/t4-enh/fc2ppv-1132613.jpg

104.18.200.68

200 OK

19 kB

URL HTTP/2
tb-lb.sb-cd.com/t/7908026/7/9/w:500/t4-enh/fc2ppv-1132613.jpg
IP
104.18.200.68:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
19 kB (18816 bytes)
Hash
15af37e292020a6fc3b4177d84959405
753865bbc574f8f0fc578850f84c99b84738aa62
ddb3ad49dfa36f2804ba7341f26e322c645b3f18bf03ed5e19849a34517a8a0e

HTTP Headers

GET /t/7908026/7/9/w:500/t4-enh/fc2ppv-1132613.jpg HTTP/1.1
Host: tb-lb.sb-cd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 18816
cache-control: max-age=31536000, public
cf-bgj: imgq:85,h2pri,csam-hash
cf-polished: qual=85, origFmt=jpeg, origSize=22316
content-disposition: inline; filename="fc2ppv-1132613.webp"
vary: Accept
x-cache-status: HIT
x-request-id: fAj7i82f3o8i3lnWJAB0A
last-modified: Fri, 25 Nov 2022 22:55:06 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=kf2.z6gfF2TLwKYXkAE.ppH3kl1zdy8.MTbguE0rfNA-1669430886-0-AZD5C9bcBf7TALc9/zKKq63xiXoh17LF1nIBIzGbssXcL8d10U9iFMeA2pWeG2SFQMaAz1hOrntF507EPxokroA=; path=/; expires=Sat, 26-Nov-22 03:18:06 GMT; domain=.sb-cd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ff4d9d7873b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp

45.133.44.37

200 OK

10 kB

URL HTTP/2
i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
IP
45.133.44.37:0
ASN
#39572 DataWeb Global Group B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10348 bytes)
Hash
68329d624a42af6145117bed5c9a2f03
4439b8d8b7e2dc706b5e9a417852bf16e6eb17dd
ede7a9f931abc7e53d07dbf4a82e992cfc38ebb280158f7fa4d12d00cab03bc6

HTTP Headers

GET /auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 10348
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Sat, 10 Dec 2022 02:48:06 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a63a3976c90da3893466023222f44011
90b5aff83fe2fc8b4f23aadd39dac7f9a1094446
591680fbc4b3ec3e9b72f598522bf8d5c3aedd25e9329928854f4586c918bcec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "591680FBC4B3EC3E9B72F598522BF8D5C3AEDD25E9329928854F4586C918BCEC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18614
Expires: Sat, 26 Nov 2022 07:58:20 GMT
Date: Sat, 26 Nov 2022 02:48:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9c91234f1b7185a8da0ce81c9929563f
e1ca8aea61ba5783c7bc41f208a60058e1238d76
cf4745263b978400fc5802899a7965a8220619dc090eb7702c93be82893f1592

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6201
Cache-Control: max-age=114976
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:48:06 GMT
Etag: "6380844d-117"
Expires: Sun, 27 Nov 2022 10:44:22 GMT
Last-Modified: Fri, 25 Nov 2022 09:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e7134e10b179b79bb120a0e283c8ff7c
2a4d0be0ad62715abb19c4a97f1c804fa452db8c
2b9e4b4c062b6917d29a1491ff3485c6528558603020ff4f2bb452f84ac540cd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B9E4B4C062B6917D29A1491FF3485C6528558603020FF4F2BB452F84AC540CD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7319
Expires: Sat, 26 Nov 2022 04:50:05 GMT
Date: Sat, 26 Nov 2022 02:48:06 GMT
Connection: keep-alive

rz.nakadashi.pw/v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3

172.64.128.21

200 OK

16 kB

URL HTTP/2
rz.nakadashi.pw/v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
16 kB (16200 bytes)
Hash
fc227f3782fa7863dfe7fc1c6ad255b1
408ca9dd45068ef05f28756aac3cdfc0d1121154
e4bc58de06104735db9e8c5737f79412ea51bb661bec11f08f1ce773f781d67b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/38/23/b47045, lfm-1-20100, lmd-20100, lud-3996951, xfvlen-2790636, fsize-783460, played-318
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://jp.xero.porn/video/urpfv41vqpj4mlre101895/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBRbrWwhtUKD5t%2BWEpff7ckyEOIFqHryGPqDP4IGDt55kdktIzRrOqveWO2Acmw7is3wt0mppUyVkdTg9cTaXsP15nPyQ6vzNRXsQEqRCUX9zar7YnysLOzSAcPnV3oNqMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b96b776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.viiqvmfb.com/n/1064/pniesyteaf6vuatoo57vayklmzta64kqavqh44srmreg2kwusewtqxrkojktkqdcmbmvw3qhmf7hqv3ejngkrwc2jh7mjfeytgxypk5nhf4w2csgd7rwscaqgseltzwl5pz4bevfkeilblv52vxufvu3uo5vkagml2zeqob2xwjjoy2imzsveocjzgv47vtufg4x6lkshbewsmswx52oculz3rjtfwliwpwup63avx5hb2rzs5rpev5es26vfnkviwhzquphk5cjyqtltvkz75efkxnfounwmbd47blksbefnasxjtzwaonikvmoasg3576oosebkhfit6eqjkatgv55jjrakkyq3m5dqvbyqhwdxbdp5blfheslnjtqkc73mpkznnojhkfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugd3srg2ehn2llam4es2jskzh3wxuypi7iaosjweyfjl2j4xn3pvkvzbfwzocvi5zfom2bg5vqqkhzgfk66seik7ifou4ijjqyuvmdu7pfdocxtdkpm2gckwjmlrxwpllfmo2oniz4ms6hmpyhzmfoxxkw7gssj35wlhhkr6azbrwvgdxextupwhrvncb4luhaogt2d4eaaqdanifcuokiaalqylibgswfn74grgvfbt2omxyh2vi=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp

185.196.197.130

302 Found

0 B

URL HTTP/2
s.viiqvmfb.com/n/1064/pniesyteaf6vuatoo57vayklmzta64kqavqh44srmreg2kwusewtqxrkojktkqdcmbmvw3qhmf7hqv3ejngkrwc2jh7mjfeytgxypk5nhf4w2csgd7rwscaqgseltzwl5pz4bevfkeilblv52vxufvu3uo5vkagml2zeqob2xwjjoy2imzsveocjzgv47vtufg4x6lkshbewsmswx52oculz3rjtfwliwpwup63avx5hb2rzs5rpev5es26vfnkviwhzquphk5cjyqtltvkz75efkxnfounwmbd47blksbefnasxjtzwaonikvmoasg3576oosebkhfit6eqjkatgv55jjrakkyq3m5dqvbyqhwdxbdp5blfheslnjtqkc73mpkznnojhkfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugd3srg2ehn2llam4es2jskzh3wxuypi7iaosjweyfjl2j4xn3pvkvzbfwzocvi5zfom2bg5vqqkhzgfk66seik7ifou4ijjqyuvmdu7pfdocxtdkpm2gckwjmlrxwpllfmo2oniz4ms6hmpyhzmfoxxkw7gssj35wlhhkr6azbrwvgdxextupwhrvncb4luhaogt2d4eaaqdanifcuokiaalqylibgswfn74grgvfbt2omxyh2vi=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
IP
185.196.197.130:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /n/1064/pniesyteaf6vuatoo57vayklmzta64kqavqh44srmreg2kwusewtqxrkojktkqdcmbmvw3qhmf7hqv3ejngkrwc2jh7mjfeytgxypk5nhf4w2csgd7rwscaqgseltzwl5pz4bevfkeilblv52vxufvu3uo5vkagml2zeqob2xwjjoy2imzsveocjzgv47vtufg4x6lkshbewsmswx52oculz3rjtfwliwpwup63avx5hb2rzs5rpev5es26vfnkviwhzquphk5cjyqtltvkz75efkxnfounwmbd47blksbefnasxjtzwaonikvmoasg3576oosebkhfit6eqjkatgv55jjrakkyq3m5dqvbyqhwdxbdp5blfheslnjtqkc73mpkznnojhkfwwgs7j5fwd4hbzxfqowb3rjedfishyfdwirqaluugd3srg2ehn2llam4es2jskzh3wxuypi7iaosjweyfjl2j4xn3pvkvzbfwzocvi5zfom2bg5vqqkhzgfk66seik7ifou4ijjqyuvmdu7pfdocxtdkpm2gckwjmlrxwpllfmo2oniz4ms6hmpyhzmfoxxkw7gssj35wlhhkr6azbrwvgdxextupwhrvncb4luhaogt2d4eaaqdanifcuokiaalqylibgswfn74grgvfbt2omxyh2vi=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: s.viiqvmfb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Sat, 26 Nov 2022 02:48:06 GMT
content-length: 0
location: https://i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2

tb-lb.sb-cd.com/t/7908026/7/9/w:500/t9-enh/fc2ppv-1132613.jpg

104.18.200.68

200 OK

15 kB

URL HTTP/2
tb-lb.sb-cd.com/t/7908026/7/9/w:500/t9-enh/fc2ppv-1132613.jpg
IP
104.18.200.68:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (14658 bytes)
Hash
344add307cbad7690af8f3fa6b562cdd
bf92dbf46a689dfe627e11bd79d89cbdf4b5f3a3
56c62c6092d580afc39484671ec97975e9ce35cccbaa1bbe9121f00de3d7c6c2

HTTP Headers

GET /t/7908026/7/9/w:500/t9-enh/fc2ppv-1132613.jpg HTTP/1.1
Host: tb-lb.sb-cd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 14658
cache-control: max-age=31536000, public
cf-bgj: imgq:85,h2pri,csam-hash
cf-polished: qual=85, origFmt=jpeg, origSize=18847
content-disposition: inline; filename="fc2ppv-1132613.webp"
vary: Accept
x-cache-status: HIT
x-request-id: GNUdceTaJTxfzv3DPM_YX
last-modified: Fri, 25 Nov 2022 22:55:06 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=LHOBuK88QTRbLQIUqdfVRniSAS0S4n3E.xxVSXx1SLk-1669430886-0-ATCT06YnNprdT69uq6i0VrjgfB4sjeJEcZZniRvCaFqD1XXIjOwwh1XBvg1iI3dxFA20retTqxynFwLvVjzX2QY=; path=/; expires=Sat, 26-Nov-22 03:18:06 GMT; domain=.sb-cd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ff4d9e08b8b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

88.198.136.234

200 OK

590 B

URL HTTP/2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
88.198.136.234:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
590 B (590 bytes)
Hash
debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

HTTP Headers

GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp

45.133.44.37

200 OK

7.7 kB

URL HTTP/2
i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
IP
45.133.44.37:0
ASN
#39572 DataWeb Global Group B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.7 kB (7712 bytes)
Hash
311dea4d14f115d233335c6e836384b4
8b92a31d5f07440ea67469f1b2827fe1bde271e4
8136f9d883af8abb2895a1c5946063fc41ed4b3a7f7226ffe2f49e49a3d0c961

HTTP Headers

GET /auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 7712
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Sat, 10 Dec 2022 02:48:06 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0870b011b9fd2f6fdb8eb3196c09d850
ea5c26da685a7452a3971e549418bd998510c6f1
1b6eddebd069c86e6c43de55d21c4ab6e4f087cfa70d9a48ab42a28e49216b3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B6EDDEBD069C86E6C43DE55D21C4AB6E4F087CFA70D9A48AB42A28E49216B3E"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5378
Expires: Sat, 26 Nov 2022 04:17:44 GMT
Date: Sat, 26 Nov 2022 02:48:06 GMT
Connection: keep-alive

tb-lb.sb-cd.com/t/7908026/7/9/w:500/t6-enh/fc2ppv-1132613.jpg

104.18.200.68

200 OK

15 kB

URL HTTP/2
tb-lb.sb-cd.com/t/7908026/7/9/w:500/t6-enh/fc2ppv-1132613.jpg
IP
104.18.200.68:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (15238 bytes)
Hash
9a02a55a173453ed689203729e47399a
8ee700a729de919a3b7227c347c200e37d0de75b
51149abd3cc0a607d8ddef728fbb60ef6d709ced23d4925709ba392da772b817

HTTP Headers

GET /t/7908026/7/9/w:500/t6-enh/fc2ppv-1132613.jpg HTTP/1.1
Host: tb-lb.sb-cd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: image/webp
content-length: 15238
cache-control: max-age=31536000, public
cf-bgj: imgq:85,h2pri,csam-hash
cf-polished: qual=85, origFmt=jpeg, origSize=20013
content-disposition: inline; filename="fc2ppv-1132613.webp"
vary: Accept
x-cache-status: HIT
x-request-id: tzaQrEhxkpBYgo7OCx7Cj
last-modified: Wed, 23 Nov 2022 09:07:12 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=j.Y8KSK61udwwzucsIkp4CqLEsDOPdTxUSKzUchu8Do-1669430886-0-AdO4DHfs+/q8hIeKwzdjdJS1JMbE1NUXsoBmJs3AaYkbaVLYMRfElxh99uc1pLGRp8MUUhSNjg+ARX6g/0yZmSg=; path=/; expires=Sat, 26-Nov-22 03:18:06 GMT; domain=.sb-cd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ff4d9e08b5b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-1.ggjav.com/media/video/large_98649.jpg

51.79.204.224

200 OK

82 kB

URL HTTP/1.1
cdn-1.ggjav.com/media/video/large_98649.jpg
IP
51.79.204.224:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x540, components 3\012- data
Size
82 kB (81584 bytes)
Hash
d8bb1c5da07c659677af8a5b2e44653d
55b0c831da29a1dc2c60fb47a6f84f6f4ab83536
804830662d991b201ceffd3f7c01c44e2a6573bb516db8be50d778439c5c3a05

HTTP Headers

GET /media/video/large_98649.jpg HTTP/1.1
Host: cdn-1.ggjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 81584
Last-Modified: Wed, 05 May 2021 18:42:39 GMT
Connection: keep-alive
ETag: "6092e71f-13eb0"
Expires: Mon, 26 Dec 2022 02:48:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

cdn-1.ggjav.com/media/video/large_127759.jpg

51.79.204.224

200 OK

79 kB

URL HTTP/1.1
cdn-1.ggjav.com/media/video/large_127759.jpg
IP
51.79.204.224:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x540, components 3\012- data
Size
79 kB (78679 bytes)
Hash
be12b8664782a1a1017ce39f82a7a1ef
0973600f6a27a2d847a02b5bf48ec7275f94876a
987251c9bf1ea084db10ccd05e1ed8713ce9e8bbda2abdf4fdefe33cddc30ec9

HTTP Headers

GET /media/video/large_127759.jpg HTTP/1.1
Host: cdn-1.ggjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 26 Nov 2022 02:48:06 GMT
Content-Type: image/jpeg
Content-Length: 78679
Last-Modified: Wed, 05 May 2021 17:31:55 GMT
Connection: keep-alive
ETag: "6092d68b-13357"
Expires: Mon, 26 Dec 2022 02:48:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

rz.nakadashi.pw/v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/3c/29/b38a45, lfm-1-21102, lmd-21102, lud-204739, xfvlen-1419869, fsize-351581, played-32
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://jp.xero.porn/video/b48tfg2a80m3i1pt188276/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321057
last-modified: Tue, 22 Nov 2022 09:37:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rmvXobRJLw5d3czZuFAnhrLC2wqtW7Z01kBReaTyohD99ta8NNtOqZhBSfRY5NXyHPul26IPDT35OymYPdhxEfH6jvTKxi1XQ3lMtgSOPEbiDcZSlGHtjHMECZGydqUV2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b964776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/59/c1/026b45, lfm-1-2587, lmd-2587, lud-741513, xfvlen-2323804, fsize-843813, played-97
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://jp.xero.porn/video/iw1m4csxjfqsad4p130402/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGs1iofPW9Q%2FQkGscf1VHPgs228ET5orZm3PUG6NFg3Ue%2BwvU4YAYGwzi%2Brww6FU2Q07ydyQYGYszS4BefMHcfvPjA3F0vRjMh7kDi69cL3V%2FmYq4UB4P6DXBIZ%2BJRsUuCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b96d776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://javfan.one/uncensored/254262//title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://javfan.one/uncensored/254262//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://javfan.one/uncensored/254262//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javfan.one/uncensored/254262//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/ae/8d/242e33, lfm-1-10862, lmd-10862, lud-604913, xfvlen-2728967, fsize-755470, played-24
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://javfan.one/uncensored/254262//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javfan.one/uncensored/254262//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 249938
last-modified: Wed, 23 Nov 2022 05:22:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFfsgtJLW0tEmmF0mitBd2CNfTi%2FXPn0SQhQRHxw0PFPmzbj8%2FTZRZ9Cuuu%2BudKyTPn%2BMwGv%2Bf4HOmRGO2xDxYnTSzKZMz%2F4HzWS2n9bL7dFgt1Dk8CXE0hQdSI0H%2Bry7xU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b96f776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/ff/37/b3ed48, lfm-1-9927, lmd-9927, lud-163148, xfvlen-2473744, fsize-682004, played-12
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://en.ero-video.net/movie/?mcd=ZKnITRCTOXVj2i8c/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2632
last-modified: Sat, 26 Nov 2022 02:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FCVhdDyhfDmO6HNxg7ovJNFdGNqysif4nUYVdb74n3u9KbzKax5LnfB61a1e9nj1bsOMtjY9OZvGih4bQCyIxYJNWQenNerBTvtUTXG1Blk9hP%2FopSwvfazE9T2nJowc%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b96e776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e0/99/e98645, lfm-1-5641, lmd-5641, lud-6808369, xfvlen-2313380, fsize-740243, played-523
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://jp.xero.porn/video/u23wspm0l31nh333154643/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321057
last-modified: Tue, 22 Nov 2022 09:37:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgmHZqHhhs5E177ic1WheCGeqDAZW0SAg7HHePkO%2FvSGx%2FVJ%2BrFsolZ0Z6nvI1COHk8AK6ukv2jiUUdThUmCFBSCo%2BcZwbUHtY4fdzHymeczZH48VQ68h8eQ4HqKt0OPwJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b97f776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp

23.237.196.74

302 Found

0 B

URL HTTP/2
cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp
IP
23.237.196.74:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t/1572488206_424249_692778.flv.mp4/450x338/21.webp HTTP/1.1
Host: cdnmedia4.ero-video.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: text/html; charset=UTF-8
location: https://cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp
x-powered-by: PHP/7.2.24
X-Firefox-Spdy: h2

cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp

23.237.196.74

302 Found

0 B

URL HTTP/2
cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp
IP
23.237.196.74:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t/1572488206_424249_692778.flv.mp4/450x338/4.webp HTTP/1.1
Host: cdnmedia4.ero-video.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: text/html; charset=UTF-8
location: https://cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp
x-powered-by: PHP/7.2.24
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/9d/d0/98ef51, lfm-1-8461, lmd-8461, lud-2441092, xfvlen-1727030, fsize-517472, played-32
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://pornve.com/03n9apkkehi5/FC2PPV_1510547_B__.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BqavSxWqqIdRct%2BwmEFTqOyYWykTspU69GpUSEnogakwchAFZK%2FcZiJyBJ1mD28TWzN0Op4cuEOEnW6%2BePNj82MhZBP%2BYucHNMN312SMtkBDsZJ7KzdxxBWEJTWZINsgcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b97d776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

yavtube.com/favicon.ico

104.21.233.216

200 OK

0 B

URL HTTP/2
yavtube.com/favicon.ico
IP
104.21.233.216:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: yavtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Fri, 15 Oct 2021 07:28:16 GMT
etag: W/"61692d90-81d"
cf-cache-status: HIT
age: 961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X2RTJ58JuZ1ghN0SYvntl%2FW5qIMmQTBJWDLQOqoEt60VrBBMiICQcjsr2OvtNgLg8kg7BioE4SMsSsbtvfh%2Fl8%2BBr67MhZRcQU3CvTFXsDKCmqLrriCMVHwALtpVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ff4d8f4dc2dd3f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e3d5e80fdb.8659c84895.com/a62aeb182151cbf0807b92d6894b4c0f/23782?version_name=a

45.133.44.24

200 OK

0 B

URL HTTP/2
e3d5e80fdb.8659c84895.com/a62aeb182151cbf0807b92d6894b4c0f/23782?version_name=a
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a62aeb182151cbf0807b92d6894b4c0f/23782?version_name=a HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 26 Nov 2022 02:53:03 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/ad/6f/4197122, lfm-1-789, lmd-789, lud-3757816, xfvlen-1699698, fsize-367250, played-51
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/103386/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1220150-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B136-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E3%82%A2%E3%83%B3%E3%82%B0%E3%83%AB//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 249938
last-modified: Wed, 23 Nov 2022 05:22:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3lM46iMMP6QK9U%2Bf%2Bg6Z4tVEIqOZ7GG1ZJuDwcRg9I1jky0lXeosYcuPRs5Y%2FP5PGs8YKv4uCDK4BI%2B6UhxkAQvzAnlCMJzuN2CiC5AStqqXQb6vutwxdWZ%2BcoPtrZxhcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b961776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/66/36/0fcf194, lfm-1-52912, lmd-52912, lud-489104, xfvlen-2357160, fsize-564519, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://7mmtv.tv/zh/uncensored_content/26887/[fc2-ppv%201523617]%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%20%E5%8B%95%E7%94%BB%E3%80%90%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%98%E3%80%80%E7%95%AA%E5%A4%96%E7%B7%A8%E3%80%91%E2%80%BB%E7%89%B9%E5%85%B8%E3%81%AB%E9%9B%A3%E6%B3%A2%E3%82%B9%E2%97%8B%E3%83%90_%E7%9B%AE%E9%9A%A0%E3%81%97%EF%BC%88%E5%88%A5%E8%A7%92%E5%BA%A6%E5%8B%95%E7%94%BB%EF%BC%89/index.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 321056
last-modified: Tue, 22 Nov 2022 09:37:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUoutPCzvIODdnKSwc40Zg%2FnVBbghDjGuD2Yz2xh2r%2FJGOoa%2FASONwawpRFbVhW3F1LQH5ru%2Fipzl4MCSy6uEUhDV%2BKr9ubYYwHnqKNF0mTFuSWnU4I1NdIz5YCX1yizEqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b966776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp

23.237.196.74

302 Found

0 B

URL HTTP/2
cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp
IP
23.237.196.74:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t/1572488206_424249_692778.flv.mp4/450x338/21.webp HTTP/1.1
Host: cdnmedia4.ero-video.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:07 GMT
content-type: text/html; charset=UTF-8
location: https://cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/21.webp
x-powered-by: PHP/7.2.24
X-Firefox-Spdy: h2

unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

104.16.123.175

200 OK

0 B

URL HTTP/2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP
104.16.123.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:00 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01G4XED00012H0FHS4H5YGBK8Y-fra
cf-cache-status: HIT
age: 14880208
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ff4d7a0e4ffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2

e3d5e80fdb.8659c84895.com/eecac4af0b33c918bd2ed3510a0e46ed.js

45.133.44.24

200 OK

0 B

URL HTTP/2
e3d5e80fdb.8659c84895.com/eecac4af0b33c918bd2ed3510a0e46ed.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /eecac4af0b33c918bd2ed3510a0e46ed.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Sat, 26 Nov 2022 02:53:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.thisav.com/favicon.ico

104.27.205.87

200 OK

0 B

URL HTTP/2
www.thisav.com/favicon.ico
IP
104.27.205.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Tue, 08 May 2018 04:55:15 GMT
etag: W/"5af12db3-32a"
cf-cache-status: HIT
age: 2038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FQRh16L918f6Ye516KYkson%2FC%2BHspo0dtixMbUGAJAHlNlN4WhfmPzIl0SAkKkwnXE%2BuaeVKfbnoqRfxo89TQIFbYy%2F0LLvewEj8pT3EkR3RHdce%2Fu4uvNqEIbqHdhH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d8cf893b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e3d5e80fdb.8659c84895.com/adfe84a1ecfdf5fa2977d9740d66dc94.js

45.133.44.24

200 OK

0 B

URL HTTP/2
e3d5e80fdb.8659c84895.com/adfe84a1ecfdf5fa2977d9740d66dc94.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /adfe84a1ecfdf5fa2977d9740d66dc94.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 25 Nov 2022 13:22:47 GMT
etag: W/"6380c1a7-adbb"
content-encoding: gzip
expires: Sat, 26 Nov 2022 02:53:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp

23.237.196.74

302 Found

0 B

URL HTTP/2
cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp
IP
23.237.196.74:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t/1572488206_424249_692778.flv.mp4/450x338/4.webp HTTP/1.1
Host: cdnmedia4.ero-video.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 26 Nov 2022 02:48:07 GMT
content-type: text/html; charset=UTF-8
location: https://cdnmedia4.ero-video.net/t/1572488206_424249_692778.flv.mp4/450x338/4.webp
x-powered-by: PHP/7.2.24
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/c2/d6/33, lfm-11-56014, lmd-56014, lud-1048218, xfvlen-678415, fsize-540951, played-2
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/95580/fc2-ppv-1401329/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 249938
last-modified: Wed, 23 Nov 2022 05:22:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wur9o6gPRvwCwxvEKnoV07Bw0cfA6DRRV9Uq6l7kJfhAzsLWqeQlH%2FhmgZRgfPqALnTEeC3DClZYtHQDO57CcIZ5NPD%2FaBBGZWJYnwZ7pqX7QmqH%2FLT7jsZB5xrFiW0asg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b962776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=98649/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://ggjav.com/en/main/video?id=98649/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://ggjav.com/en/main/video?id=98649/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://ggjav.com/en/main/video?id=98649/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f3/e3/850636, lfm-1-4608, lmd-4608, lud-3431676, xfvlen-2991030, fsize-827463, played-177
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://ggjav.com/en/main/video?id=98649/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://ggjav.com/en/main/video?id=98649/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 27704
last-modified: Fri, 25 Nov 2022 19:06:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLfiEs9sExq0Py6UN3ySKPdvnn7VRB4MjMKX7GQP%2BaSM%2F1wLI5tXf%2B4tw3JYXaNTx10cgdjLdZ92vJFf34Ev1lS76VQY9b9Ce62MwFpvPC%2FM7DXpJ5WKlpA1A6jTjq8RsmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b97b776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js.gazo.space/index.php?js=av4&advertisement&

104.21.235.170

200 OK

0 B

URL HTTP/2
js.gazo.space/index.php?js=av4&advertisement&
IP
104.21.235.170:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php?js=av4&advertisement& HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:47:59 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsgazospacmh--GB-rm2400cb003761024ac4655a9/index.php?js=av4&advertisement&
55nloadrate: 0.545
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 1771
last-modified: Sat, 26 Nov 2022 02:18:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LfGZYOi2Fr75tKK9COPVfPMdEwgYqgdGSODzv02cv8kP6QjJW9IKb0iwfaemhwZlHyTAttRRrAbIc2hLUQjIdmaG4%2BpP5DOfgd5rnEOq1bDGBYDqL8DaxWfDLw1y2LJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d73d8ef770e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.xvideos-dl.top%2Fv%2Fs%3A%2Favninga.com%2Fvodplay%2F263422%2Ftitle%2FFC2-PPV-1399264-%25E3%2583%2595%25E3%2583%25A9%25E3%2583%2583%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%259E%25E3%2583%25B3%25E3%2581%25AE%2520%5B43%3A31x720p%5D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A449977785585%3Ahid%3A901734404%3Az%3A0%3Ai%3A20221126024759%3Aet%3A1669430879%3Ac%3A1%3Arn%3A410517987%3Arqn%3A1%3Au%3A1669430879612549646%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C256%2C5%2C-6%2C0%2C%2C%2C%2C%2C%2C%2C%3Ans%3A1669430877749%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669430879%3At%3AFC2-PPV-1399264-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 26 Nov 2022 02:48:00 GMT
access-control-allow-origin: http://av.xvideos-dl.top
set-cookie: yandexuid=6563802081669430880; Expires=Sun, 26-Nov-2023 02:48:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6563802081669430880; Expires=Sun, 26-Nov-2023 02:48:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=361336831669430880; Path=/; SameSite=None; Secure
i=KYv2q3BxGLMXKt5XsKKkY2opIQEfdxeG1GZS6hyyJ/3KHBenhaT9nZ4/oDGmwNeM5x2t8acagYXjdOuYlF+KqKA8dLc=; Expires=Tue, 23-Nov-2032 02:47:53 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700966880.yc.1669430880#1700966880.yrts.1669430880#1700966880.yrtsi.1669430880; Expires=Sun, 26-Nov-2023 02:48:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 02:48:00 GMT
last-modified: Sat, 26-Nov-2022 02:48:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js

104.21.13.216

200 OK

0 B

URL HTTP/2
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
104.21.13.216:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:00 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 02:39:12 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6IHnANPw%2FLr%2FEsOMp2wtE%2FQOxc9hA8iIDp8XHmnvZweWYaHDyJzL%2FjmvGsrpKXD%2BELmJx%2FuU7%2FYicWA9mFT%2B13jRW5%2BXh9B29iazZ6CdSFTgFWa4yFxGgCS1Vo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ff4d78c9c10b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/80/6a/e802104, lfm-1-20203, lmd-20203, lud-798578, xfvlen-2181399, fsize-637354, played-242
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/124651/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1510547-b-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E9%9B%A3%E6%B3%A2%E9%AB%98%E9%A1%8D%E6%8F%B4%E5%8A%A9%EF%BC%95//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qno9Jke%2F%2FCg7y3cCiaqT4S8WXfKbspbU1dxjpj5CHsc0beb%2FozmZmlyVRXO3DdXBg%2BdfJ30EHgw3vUifSuGcAzlCv5JRWQdS2l4vmUNU52EwbApQEHJze6AwQEno4bz3fwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b95d776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/8c/4f/b88e125, lfm-1-6724, lmd-6724, lud-6724, xfvlen-1696323, fsize-374175, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://24hjav.com/watch/fc2-ppv-1240706-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE%E5%80%8B%E4%BA%BA%E6%92%AE%E5%BD%B143-%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E7%89%B9%E5%85%B8-%E5%88%A5%E5%8B%95%E7%95%AB_SEzvmdJGEXGFDkW.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 110168
last-modified: Thu, 24 Nov 2022 20:11:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLYacZnKrUlzvpfL88MWn6m5UywaxMepn6DgmPyQISaV%2FBMzFTmnSZXdJqw7dmHjX%2F3p71CNFAU5HQEhSX6XrQi9ujFpb0KvP35bwvNBENF6WHfJsvsMg%2FcfchmSfH7AqJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a949776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/32/6f/ff58115, lfm-1-2121, lmd-2121, lud-709291, xfvlen-1425779, fsize-397495, played-62
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/118722/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1399264-a-%E3%83%95%E3%83%A9%E3%83%83%E3%82%B7%E3%83%A5%E3%83%9E%E3%83%B3%E3%81%AE-%E5%8B%95%E7%94%BB-%E3%81%8A%E6%B0%97%E3%81%AB%E5%85%A5%E3%82%8A%E5%A8%987-%E7%89%B9%E5%85%B8%E6%9C%89//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B4cGoZMwHqfQSRbvWP8Kvwct2%2BMl8a%2BmOGY4eP6VlQU6mfCQHc%2FgeMs9jxD%2Fmb%2B9kc4%2FzoFnbEdgflLaZARfrsytLuBLCYY5W9BjQ4Yx%2BiOLf5TbXTPXYbwYH3NjVIwTs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a93f776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/33/84/efd067, lfm-1-4663, lmd-4663, lud-8168152, xfvlen-2231668, fsize-643897, played-179
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.sextvx.com/ja/video/303594/stickam-teen-flashing-tits-pussy/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 74998
last-modified: Fri, 25 Nov 2022 05:58:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07GQkSwaKy82YMf3d%2B98ZZCO3V1nvwfPutf4Z7mSbT7BFJbAmgKP6ETBde%2Bc7YslZJ4eW%2BTzUxyxLsQnyApK2rlcnIvRUsxKdWI7gLlxFt6NJ25A9rXef2snzzk%2Fz3pPUGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b971776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/41/8b/0a6a52, lfm-1-4082, lmd-4082, lud-797154, xfvlen-1982799, fsize-557994, played-5
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/91972/fc2-ppv-1367526-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 130532
last-modified: Thu, 24 Nov 2022 14:32:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jhc%2FS%2F2%2BpevCNYlIT02gUHP9iOgtCyg4CH%2BsKydH%2FOKw2Wl22eDfmxe0EoIoZIUi%2B2lqSfmO6K0mvG7gP%2FdPBplyZwd%2BD3jBb%2Fm8pLClYpjATdCTZvMTpTmLvfUjtmjuzQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b970776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-620120-3

142.250.74.168

200 OK

0 B

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.xvideos-dl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 02:47:59 GMT
expires: Sat, 26 Nov 2022 02:47:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

spankbang.com/favicon.ico

104.19.137.100

200 OK

0 B

URL HTTP/2
spankbang.com/favicon.ico
IP
104.19.137.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: spankbang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:03 GMT
content-type: image/x-icon
last-modified: Tue, 03 May 2022 21:44:53 GMT
etag: W/"6271a255-3c2e"
access-control-allow-origin: *
cf-cache-status: HIT
age: 293
set-cookie: __cf_bm=lpU_vP0KEVZmI38gd0cYmLVq9mBuEB08mkZd_TLjH.Y-1669430883-0-ASEob+Wcq0ivUJkjlE4DCYMe/V8BBrqGAiC5K+FnhuaEuzD3O181KfMC5zm9IR/Tu18SgE//XAMigqai/gMQwPI=; path=/; expires=Sat, 26-Nov-22 03:18:03 GMT; domain=.spankbang.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ff4d8eaaa9b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/35/fa/01, lfm-12-61202, lmd-61202, lud-252554, xfvlen-403443, fsize-501086, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://spankbang.com/3mdt6-3fta7z/playlist/porn/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6bdXDliuZXx%2BJn0YtXgBYj%2FwJjLmdHUDPXnfoXDnQbGLdXyZUgefv6KlomKBSP97sV5keGRHdf8ed12c9UqdU6DiWMdSTXNJ%2FSzlGXDpbJA5%2BI4ZgoYkE1tXqb%2BxCbbWAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99b976776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rz.nakadashi.pw/v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3

172.64.128.21

200 OK

0 B

URL HTTP/2
rz.nakadashi.pw/v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3
IP
172.64.128.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.xvideos-dl.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:05 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/1f/4a/c34948, lfm-1-182, lmd-182, lud-2124369, xfvlen-1312343, fsize-525164, played-819
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tktube.com/videos/69371/fc2-ppv-1887749//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 02:48:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSioqqWfvvQh8hX0ZB1Z9Q9VHtlbt2eBJ4SzoiaeZNRTYEhnRZvSyb2gJeD6sSOHpMG57nTClwnlYOz5wV0EWzKIJ9WU2Oyv7D4s%2BbP87j5wZpkEiVFqDBDpevcqwA0VhOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d99a94a776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

7mmtv.sx/

172.67.218.77

200 OK

0 B

URL HTTP/2
7mmtv.sx/
IP
172.67.218.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: 7mmtv.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.xvideos-dl.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 02:48:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lgQh%2F0p8vL%2B7LjMl7sZ8Iq7ioAQwdE%2Bc%2F%2BikAgFsvUGqvfqRDclhD0IaWJ9sSccBWzohRyu4v35c81yecKPghKAQHPEnNyu51O0LpPHwp3xk5XkMVExP4M47w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ff4d9dc892b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations