r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12145
Expires: Tue, 17 Jan 2023 15:39:43 GMT
Date: Tue, 17 Jan 2023 12:17:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 405f8f149ccdf0005ca0d890c96a9cb4
64de3200cef76133dfad901d6709697d6842405e
3a10790c397a419450ac2c90b941fd20bc49af1dbaeb34678836306de8febfce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A10790C397A419450AC2C90B941FD20BC49AF1DBAEB34678836306DE8FEBFCE"
Last-Modified: Mon, 16 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20544
Expires: Tue, 17 Jan 2023 17:59:42 GMT
Date: Tue, 17 Jan 2023 12:17:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 11:49:14 GMT
content-type: application/json
age: 1684
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8350
Expires: Tue, 17 Jan 2023 14:36:28 GMT
Date: Tue, 17 Jan 2023 12:17:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HDi4DhctFr22cxUXpzyaCdA8YyHn1zSkxJ+ZicjCd5hDQgwM8qOVn4xMg+hGX/QUkKY2VvlXd5pXPGbV20YwSA==
x-amz-request-id: K7XA26ZNXM2ETSTS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 11:44:59 GMT
age: 1939
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
av.co-vid.win/v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]
148.72.246.38200 OK 6.7 kB URL HTTP/1.1 av.co-vid.win/v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]
IP 148.72.246.38:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (2837), with CRLF, NEL line terminators
Hash 43aaf3aa7198cf855f95cecc0b645bcb
df10ea623e3a8c0873189ad27df9cb140bb5284f
1c64bc767e0b1b240f4cd3333ee54df1124a1118915e23300bf1425e94ea7069
GET /v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p] HTTP/1.1
Host: av.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.co-vid.win127.0.0.1-myhost-av.co-vid.win127.0.0.1/v/s://chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]
phost: av.co-vid.win
line1066: notjp--myhost-av.co-vid.win-filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f9/8e/5da762, lfm-1-7477, lmd-7477, lud-248444, xfvlen-1723106, fsize-280998, played-1
pdophp-line408: -; cachetime- 4105.7997778745; ctime- 20221231093155
line1514: method-0: ik-【母|||子乱|||伦】|||淫乱|||母亲|||强占|||儿子|||处子|||身!|||-初|||恋之|||夜【母子乱伦】淫乱母亲强占儿子处子身!-初恋之夜: vidlang-cn5757
line1528: method-0: ik-【母|||子乱|||伦】|||淫乱|||母亲|||强占|||儿子|||处子|||身!|||-初|||恋之|||夜【母子乱伦】淫乱母亲强占儿子处子身!-初恋之夜: vidlang-cn
pdoline1599: sarray-335cn8080
pdoline1662: notjp-: fvkwcnt-5757
pdoline1666: notjp-: fvkwcnt-335
pdo-line1950: $i-79$load-1.5453125
Cache-Control: max-age=135175, public
genre: genre=
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.co-vid.win/v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]-B-av.co-vid.win-av.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: av.co-vid.win/v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]-B-av.co-vid.win--my_zone
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 11:33:47 GMT
age: 2612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:19 GMT
Last-Modified: Tue, 17 Jan 2023 11:42:28 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:19 GMT
Last-Modified: Tue, 17 Jan 2023 11:04:36 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:19 GMT
Last-Modified: Tue, 17 Jan 2023 11:42:28 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 274fa5c5f99fe6db7b1cd1003c69abe3
b85c59724c2477200b2ac2f46cb276d63aba64ea
6cc71ef6f4ddd3cdf129070e391fb6410866754e0bbcdd3667b27d41b3b71572
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5448
Cache-Control: max-age=134813
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:19 GMT
Etag: "63c5e824-117"
Expires: Thu, 19 Jan 2023 01:44:12 GMT
Last-Modified: Tue, 17 Jan 2023 00:13:24 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 26o9HQlcOkhj7A72uN6IYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sxLM4ptCUGM7BeXbLw9zFB+eJus=
cacrip.nakadashi.pw/AV4.us.jpg
172.64.129.21200 OK 8.7 kB URL HTTP/1.1 cacrip.nakadashi.pw/AV4.us.jpg
IP 172.64.129.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
NIDS Severity Alert suricata low ET INFO HTTP Request to a *.pw domain
GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:20 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
ETag: "2225-5499bcea176c0"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
X-Proxy-Cache-5950: HIT
Xkey-5950: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--cacpdo0---yes
CF-Cache-Status: HIT
Age: 201137
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T86VJX6B89L%2FC%2FrqcsjN4NGFMk5M1ItE9JrZitYE%2FmkahssAp1hJ76Mhx%2BHHOyldAX1A8QInIjtbpS5wX52gf70%2BAUTfgm4YBK0ZO51shRWwgCcOlSfciHk82kZoqogTerew2DFD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af06f41d3171c6-LHR
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
104.17.25.14200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (10613)
Hash 9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 414848
expires: Sun, 07 Jan 2024 12:17:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9WRX3Uvbiffy92KITpc1cizH892nrMiF%2BVhtSLcC325JqZH2eIbrb9ilNfhLEcRP4UhRdaOgp1PgU9RaPAnb0HMokSpVZjGj8KZZ1SBIeYERoIdClPALRBUVAVhiX57co18zakD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78af06f438bb0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsjs.gazo.space/mycss/av4.css?3
172.64.99.28200 OK 1.3 kB URL HTTP/1.1 jsjs.gazo.space/mycss/av4.css?3
IP 172.64.99.28:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 55d39b2d0155f6d4ef3be034128f27bb
e21c9b2e878a57898ec2883cf334c057ecdb927c
6650b9e1cbcfe327a56bfefef2bec6ec0aa756ffa3d7ceb2e901dc828d42843d
GET /mycss/av4.css?3 HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"f05-5ef068d702bfd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
Cache-Control: public, max-age=3600000
CF-Cache-Status: HIT
Age: 3337118
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFYLGP973w6GzeYCK2Ft%2BJgteEyLrX750W9y3%2FBusN6J7Ldvb1RLtSZir52gafBmv4yLQIB2jVUWx1X2DiNJRhN9BWHtMMMg75cZc%2FGM3MUFhZkPohmBMtyDsmAHjfBa50Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af06f45946bc9d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
151.101.1.229200 OK 67 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP 151.101.1.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (549)
Hash 6479de08f402b26b1998f86398769c93
905e1270234d2ac185e93622fcae00e36a90a8d8
1519be7d34cee9b973d5c28c8b2e7133eaedd72dec825b7de6475b56dd99d7e0
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.256.0
x-jsd-version-type: version
etag: W/"28b56-ECSInNVNzAVmdkHtunwb0yjK3hU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 17 Jan 2023 12:17:20 GMT
age: 36024
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67123
X-Firefox-Spdy: h2
comments.gazo.space/comments/embed.js?37
172.64.98.28200 OK 6.7 kB URL HTTP/1.1 comments.gazo.space/comments/embed.js?37
IP 172.64.98.28:0
File type ASCII text, with very long lines (14022)
Hash 352c889af2cf2163a866e7e381ae9252
dba161ee742e83c96891e1c3fa8e9a6ecd88ab55
aca3691a6709b371e3dedde66943ed3a1b9a8d2b67734123916d74c1a82e510c
Analyzer Verdict Alert fortinet Phishing
GET /comments/embed.js?37 HTTP/1.1
Host: comments.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
Cf-Bgj: minify
Cf-Polished: origSize=20813
ETag: W/"514d-5e998fd344edc"
X-Proxy-Cache-Rip: HIT
XkeyRip: jcomments./comments/embed.js?37-A-comments.gazo.space--my_zone-yes
CF-Cache-Status: HIT
Age: 140090
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqUBMrn%2FxkO0%2BPsZcXpbcwvtWLMwAxkpE0jzdzrs6QCxxZRmcKvWf1UN3vEJYunlOCWMKDzfnDtgGhPqBJPLvsSCOr7%2BtlmmzIGW%2BSBUierfoaAp%2FzLreqHUpE99uZsOC%2Bq4PniS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af06f4ce2923c5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.194.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.194.133:0
Hash bd951bc837f80a4b8d6bac309abda1e3
8c14f33a6c42a8697a14f94005bad514f4670302
4d3be185483cfb12abdb9e3781fe7b9824aaa039f5124ed204baa610e397379e
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "0CD4732640CB356A7FD0EB3193399510004F2398"
Expires: Tue, 17 Jan 2023 23:00:00 UTC
Last-Modified: Tue, 17 Jan 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 12:17:20 GMT
Via: 1.1 varnish
Age: 2034
X-Served-By: cache-bma1677-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1673957840.190288,VS0,VE0
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 01:25:53 GMT
expires: Sat, 13 Jan 2024 01:25:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 384687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-620120-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-620120-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 86b9defa10353509dbf633c2b6df7103
a7fd8b46c20f3d4973b0f8b707565004ddf2646e
8178f956ebbd1abb4f8d8576965ca51b42d6ed1aba73a70666b0c8dc83f9a81c
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Jan 2023 12:17:20 GMT
expires: Tue, 17 Jan 2023 12:17:20 GMT
cache-control: private, max-age=900
last-modified: Tue, 17 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5256be1082d11465353ab2a5c8e6cdde
f8a876f70a02af35f78cb9ed85c7f4cf2e1e6d66
ff275189489f455b95e4e362ef7c66e3b8a1bc405c02139a8cc5237eaf5902fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:20 GMT
Last-Modified: Tue, 17 Jan 2023 10:29:42 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
188.114.96.1200 OK 1.8 kB URL HTTP/1.1 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (4505)
Hash 62df3c3b9c50eb48c9bdf36e310babf2
1f69b85084ccd0348dcd55fba839be4f271a591d
883898451b3b4a6a893b54c87b71fe23df90be071936330b23eb2cd6c4f49274
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 02:39:12 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 4520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ00DwmmW1kBuJRIhQ0uspLoESetGT%2BRvZ1Fh4F5HQkgsPaj8t%2BkMqcuCXZPuzButqekBVnJa5iMRpNcbop1407RESE9s8HVI8ZS3sQ7WmxhB3pWHO6b0indj94%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af06f68f7d0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
vjs.zencdn.net/7.8.2/video-js.css
151.101.66.217200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video-js.css
IP 151.101.66.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 8e0b9e4f5782827464baaa97ab90792a
25330bf40d7ad79648413156e6680a5c0de064b1
f26b66fc7b0a3f85500fe249594bfec05008ab32b33cd885a67fb588b6eb9ac5
GET /7.8.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:05 GMT
etag: "9d2c20f32d2509c50bdcb9239fb9b62e"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Tue, 17 Jan 2023 12:17:20 GMT
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3198
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10723
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
151.101.194.133200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.194.133:0
Hash 787b1ce84b8f7cd638c754ef3cc35582
581ab2593add096686335c7488ce0907943efc39
7327462ff93c9c444a809c77913f3a4629dfadd191ccfe2762a96e78980f59da
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 940
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 09:23:44 GMT
ETag: "581ab2593add096686335c7488ce0907943efc39"
Last-Modified: Tue, 17 Jan 2023 09:23:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 12:17:20 GMT
Age: 3136
X-Served-By: cache-qpg1244-QPG, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 80
X-Timer: S1673957840.434347,VS0,VE0
vjs.zencdn.net/7.8.2/video.js
151.101.66.217200 OK 420 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (320)
Size 420 kB (419634 bytes)
Hash 7dbd36f0fcc384a6409db98b80a76dcc
ec256a308360d2b696d874373430c495fdd5b313
33fe4721a551fd6335c11c42d75e828acf4d15dd49de3d93d761d260b5403d47
GET /7.8.2/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:10 GMT
etag: "52c53a33bb2cd149f293eb14fb22505d"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Tue, 17 Jan 2023 12:17:20 GMT
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 419634
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash ea39a83e7a6132429f32f3624b2fa7dd
0d8cb4ec093d6f809b6b485189afd371b395cfce
45267dd40c4a49a774f6b5456a1076b8de265ec552a7a2a327d98dedab6569ef
GET /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 17 Jan 2023 12:17:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://av.co-vid.win
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 17-Jan-2023 12:17:20 GMT
last-modified: Tue, 17-Jan-2023 12:17:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12704
Expires: Tue, 17 Jan 2023 15:49:05 GMT
Date: Tue, 17 Jan 2023 12:17:21 GMT
Connection: keep-alive
jsjs.gazo.space/tagjpa.php?noself=1&url=av.hentaitube.win/tags/7
172.64.99.28200 OK 17 kB URL HTTP/1.1 jsjs.gazo.space/tagjpa.php?noself=1&url=av.hentaitube.win/tags/7
IP 172.64.99.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash ed139516f134cad15e8c8f5d7638537f
1eda9a19d8227633aa4fb5a295f940f12ea167e4
61847e72795da444cc78896cb8d2b3c4f74b476da94617e1949b6acaa4bb9c29
GET /tagjpa.php?noself=1&url=av.hentaitube.win/tags/7 HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
8tagproxuri: /tagjpa.php?noself=1&url=av.hentaitube.win/tags/7
X-Frame-Options: ALLOWALL
cross-origin-resource-policy: cross-origin
Cache-Control: public, max-age=72000
671tagproxuri: /tagjpa.php?noself=1&url=av.hentaitube.win/tags/7
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
CF-Cache-Status: HIT
Age: 21620
Last-Modified: Tue, 17 Jan 2023 06:17:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QUxb46Md1Bwwj42zIYHJZov%2FqO%2FWWPbr53kytLr14A%2BZPHvCMx0NTfPgcbo9rs71S4hjp%2Bj8XkYYv8lWYKzWetbocNKZhZm0N%2BTGzeDNbXZEvzGZ7x1CcYRlRU13uYBNBs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af06fa9c99bc9d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12704
Expires: Tue, 17 Jan 2023 15:49:05 GMT
Date: Tue, 17 Jan 2023 12:17:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fefb1f12a78ad92ed309da2c54984a3c
caf58bf6276e226a20a0d0cf6fc3d422f922eb28
baf6596c635254885f32e423cbc5667694754243f01109cbdbeb54c337b16bc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14703
x-amzn-requestid: bdc14ffc-297a-4046-9a4f-26d454f6f9be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2trpGZkoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c317-58908dd71980be98200e8f6c;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J674keESjH0GJBC8A6WnCmsHdxNtHNu5pbsv7EwSFSFMcxVCrZeFrw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 02:43:40 GMT
age: 34421
etag: "caf58bf6276e226a20a0d0cf6fc3d422f922eb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805a998e9a6fc452c152ab9542b6d0cd
0bd57ea7809abfa4136506f565ac8ba45c936406
b24e0b322cacda63e43582e713cb38d80914f6b82c735307188a2ddd9829338f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: 78c83dbb-f641-4ece-bd8d-ce9d524f100d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FLvoAMFn1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-73b261b87d3eb7b709161fdf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hUS-ajMYSYKXI2jsZJApvgUgr0lnbrm02BXZ6rsPS5h0daBcIRtgEw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 52266
etag: "0bd57ea7809abfa4136506f565ac8ba45c936406"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkEloLsB0trkJ9t_rqIbVsZmUi9ytfJ9JdQ-zjs7ZM5smU4xVwvkxA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:31:58 GMT
age: 42323
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57828b7affae7633b38d0fb6057b894d
db4cd956ba7e1e6b43174c250b7d4f1193277be9
26d83d511af9583a8f0a9ef1bd2ce3deab3ca42fa2c2ae141b61cd123afa9625
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: eac845c9-b10c-4fce-b2ff-01b4111b506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2OjhHp_IAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c59149-0058376c385a7bf91e07a395;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 18:02:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJvk4N80rrZjzks6MsuDc3XXdRIBAmoEQLVkvN6TXISBtWwXHYDJ_A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 18:44:18 GMT
etag: "db4cd956ba7e1e6b43174c250b7d4f1193277be9"
content-type: image/jpeg
age: 63183
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd54f560a77956e0ffb9645ba786c193
0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509
359fd1bdac8f7106b2d1dc71136ddca2bb70e95fab441af114e24d04fa69afe7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 15cc6d5b-0805-4828-9bdc-5067a2d542d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: evbCYETXoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c2d875-5ff79c917007ccbd40957aa3;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 16:29:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MTdWQGgqXhGjGRJbtMqJPn__CZJyfhtbDU81Ay-SaZE2CGJ55s8Lw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 11:17:12 GMT
age: 3609
etag: "0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unpkg.com/videojs-flash/dist/videojs-flash.js
104.16.122.175302 Found 9.6 kB URL HTTP/2 unpkg.com/videojs-flash/dist/videojs-flash.js
IP 104.16.122.175:0
Hash 3b7eb62e930360347ca4a695a68519fe
820bd1d16d74dff31761ac0dde7244acf93e077d
5f8a7a25daaac8e67e2b50b54410f762ea2cd43c5a7cc63bbe31b3c0e655b359
GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 12:17:20 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPZT8GBYHKK6QN9F0AQRZDHP-ams
cf-cache-status: HIT
age: 349
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af06f68aeab509-OSL
X-Firefox-Spdy: h2
av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
172.64.161.18200 OK 2.4 kB URL HTTP/1.1 av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
IP 172.64.161.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1344), with CRLF, LF line terminators
Hash fa484157d11be435da31d79378293028
9eebf207fd893fda335c58c54b103e6298b52739
5b7d7db83ceb3719062e913fe8831ba4b96506f032aec6fed6d91387d07a7038
GET //cacrip.nakadashi.pw/AV4.us.jpg HTTP/1.1
Host: av.hentaitube.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.hentaitube.win127.0.0.1-myhost-av.hentaitube.win127.0.0.1//cacrip.nakadashi.pw/AV4.us.jpg
phost: av.hentaitube.win
line1066: notjp--myhost-av.hentaitube.win-filteron-
line2430: notjp-//cacrip.nakadashi.pw/AV4.us.jpg-myhost-av.hentaitube.win-filteron-
Cache-Control: public, max-age=780511798
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win-av.hentaitube.win-cacpdo0---yes
X-Proxy-Cache-gla: HIT
Xkey-gla: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win--my_zone
CF-Cache-Status: HIT
Age: 2532274
Last-Modified: Mon, 19 Dec 2022 04:52:47 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc8Nh0IeouVB4hy9aLd%2Fepcg8FcvvyPvb87CFzGjxx3NIUI1uihCPsaM8phN8WAMbdl8%2FKzPrc3fxMnR1A1E1VToDWg0S%2By50BRN0Ybf59591ii2mFMrJoJ6I1FY9lSSREqoRg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78af06fb6ec672b4-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
188.114.96.1302 Found 0 B URL HTTP/1.1 av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
Cache-Control: public, max-age=36000000
Location: https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: HIT
Xkey-5950: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster-av.dmm.monster-cacpdo0---yes
X-Proxy-Cache-gjp: HIT
Xkey-g-jp: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster--my_zone
CF-Cache-Status: HIT
Age: 5515051
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trKFZwF%2BegSyB6adgJgJupFA4gON5sn%2BHlBo3CW1fbRs16SWekE6R7W8lVUm80ecK18%2BxQzKhQ8QJ4ml3G4X2bv9%2FT62Q7S3Vb7ztiUDXw4hOmDiwieho2%2FN7EjFPsA14A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78af06fd28231bfe-OSL
alt-svc: h2=":443"; ma=60
kapp66.com/contents/videos_screenshots/82000/82310/preview.jpg
188.114.96.1200 OK 115 kB URL HTTP/2 kapp66.com/contents/videos_screenshots/82000/82310/preview.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 115 kB (114832 bytes)
Hash 898e7c29955f0bb662d817ab82ea89f8
50aeb79082390dfefb096cbfcc939e4789b4ea03
d4429e50e81fdedfebc0c735f9bab07038c7b11b2c0b19e135ffac3d17bf5cec
GET /contents/videos_screenshots/82000/82310/preview.jpg HTTP/1.1
Host: kapp66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:21 GMT
content-type: image/jpeg
content-length: 114832
last-modified: Sun, 18 Jul 2021 14:50:19 GMT
etag: "60f43fab-1c090"
expires: Sat, 28 Jan 2023 12:05:08 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 1642333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhAmbb21zuLQLaHinygsByiwx7gVWn6491O50WFFdGUo%2FXkalnmoxXNzefcMU%2Bb%2BPxU1kaeii42oulC%2FEq879Pc7CYQ59%2FvasvT1tFn4MtirL7qpffrfk2Dz0gIX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af06fd7b84b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
av.co-vid.win/9
148.72.246.38200 OK 20 kB IP 148.72.246.38:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (46443), with CRLF line terminators
Hash 7cb867579bb629369a7159141f693a54
78667e7bcb5a0e26604ae87b24454c839522f152
a1b6a4b543a9b41cb828d43e77e0614ac73138a13acad87dfc5d9f2836d7b798
GET /9 HTTP/1.1
Host: av.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/v/s:/chuliany.xyz/videos/13027/3dafc8039b74a4928336a57cdb2136d3/title/%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C%20[11:28x721p]
Cookie: lctcfck=NO; _ym_uid=1673957840745750954; _ym_d=1673957840
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-av.co-vid.win127.0.0.1-myhost-av.co-vid.win127.0.0.1/9
phost: av.co-vid.win
line1066: notjp--myhost-av.co-vid.win-filteron-
line2430: notjp-/9-myhost-av.co-vid.win-filteron-
line2504:
line2538: -
line2550296uuuuuuuuu: counted
Cache-Control: max-age=60, public
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.co-vid.win/9--av.co-vid.win-av.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: EXPIRED
Xkey-g-jp2: av.co-vid.win/9--av.co-vid.win--my_zone
iie8.com/vs/10439109.jpg
104.21.235.52200 OK 18 kB IP 104.21.235.52:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc54.92.100", baseline, precision 8, 360x240, components 3\012- data
Hash 630315e771f17bddf127bfcd097ef699
3d0169e2fe694526aa5b2d9a549fb7b8b0007904
41ded4cf8c4b52ae4d88712ae9a787718424b8078024b5efc497b586909a1174
GET /vs/10439109.jpg HTTP/1.1
Host: iie8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:21 GMT
content-type: image/jpeg
content-length: 17621
last-modified: Wed, 29 Aug 2018 20:00:56 GMT
etag: "5b86fb78-44d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: HIT
age: 1232625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le2b5H%2F2viEfLr8qDinGdnfR9fQn9wvViO09QMULUdlKKwXFRzS%2BwqJKUoYO1kLMvOzhFf9Q8YNlcjTMXOwwjlTnouGx3HgMLz%2FzXWGb1dJYslGAM8L2Fytf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af06fdfae5719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornognomik.info/contents/videos_screenshots/2000/2819/preview.mp4.jpg
51.83.166.97200 OK 8.4 kB URL HTTP/2 pornognomik.info/contents/videos_screenshots/2000/2819/preview.mp4.jpg
IP 51.83.166.97:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3\012- data
Hash 7c7968487fc3e0a90e6c2f8068748a5e
c63baf98128c577c09a16a7313b9a11854f18948
08a9a20525dca25ed9187c49dd81620ee1570b4eaf7a1ec8810e76f3bdd6c02b
GET /contents/videos_screenshots/2000/2819/preview.mp4.jpg HTTP/1.1
Host: pornognomik.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:21 GMT
content-type: image/jpeg
content-length: 8387
last-modified: Tue, 16 Nov 2021 05:43:03 GMT
etag: "619344e7-20c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
sopornmovies.com/tmb/317/707-teen-anna.jpg
62.138.6.129200 OK 11 kB URL HTTP/1.1 sopornmovies.com/tmb/317/707-teen-anna.jpg
IP 62.138.6.129:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d9b4f6d8ece599a2da96d11e0b82ef7d
9da3349d01d6f7596c7330a85ced863269981c19
400dff2a430b0650cfc134e20d0d70b50bc5c33c719f82fdcae34cf621250380
GET /tmb/317/707-teen-anna.jpg HTTP/1.1
Host: sopornmovies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: image/jpeg
Content-Length: 11437
Last-Modified: Mon, 16 Mar 2020 13:35:07 GMT
Connection: keep-alive
ETag: "5e6f808b-2cad"
Expires: Fri, 20 Jan 2023 12:17:21 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b4b7a42e903a17c6060c70447f1b5f1e
b1f52a3f43d78bb578e4596e7432a2cc15946e09
4ee5468762587ff85c078c32c9299ebf935c45e01526527667a1f60e1400f15b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:22 GMT
Last-Modified: Tue, 17 Jan 2023 11:13:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ecce7fdd81e92b16b2b0c8bed2ec7e0
877528aca3f3fd8559a17f175eacbf3c84d0522d
d5d97f5f53ae95de66ef85f7401f381a0f5127ac6b04ed062e2115055e00ee38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D5D97F5F53AE95DE66EF85F7401F381A0F5127AC6B04ED062E2115055E00EE38"
Last-Modified: Mon, 16 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1117
Expires: Tue, 17 Jan 2023 12:35:59 GMT
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
www.xxxthaihd.com/wp-content/uploads/2019/05/xxx-1788.jpg
172.67.212.102200 OK 8.6 kB URL HTTP/2 www.xxxthaihd.com/wp-content/uploads/2019/05/xxx-1788.jpg
IP 172.67.212.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x160, components 3\012- data
Hash c5342196901f46e7a5bc9cc57a2a6dc4
7f1caf1e631481a851d8e85f2a2aaf0434f1f13d
59aab567852facc076ba034b717d2612e7d240104593d186df86368e4ac1e1cc
GET /wp-content/uploads/2019/05/xxx-1788.jpg HTTP/1.1
Host: www.xxxthaihd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 8622
last-modified: Fri, 06 Mar 2020 06:03:11 GMT
etag: "5e61e79f-21ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3376422
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5be8kxdEi7KOjlTpkywo9LcieKHburqQd8QnjYoM5q%2B7h10Yx9qIcuBqD%2BsXmgoOAQJjgq%2Fvns6dZxWtS4vbgu7ZbLUuobq62PcVPcMOxaUgWT%2BTnE6ezrv7XWQsj1PsOwiQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07014c83b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.javwind.com/contents/videos_screenshots/21000/21179/preview.jpg
188.114.96.1200 OK 47 kB URL HTTP/2 www.javwind.com/contents/videos_screenshots/21000/21179/preview.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.21.103", baseline, precision 8, 640x360, components 3\012- data
Hash 831440f9c61b77e157170988a2177a3f
adc7df1529edb4275f15d212a4fb2f3b77f699aa
3c4a878cbae55224a1117160fac3ec0e4c4e54792f3ad9e547be49faec81428a
GET /contents/videos_screenshots/21000/21179/preview.jpg HTTP/1.1
Host: www.javwind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 46972
etag: "62e43545-b77c"
expires: Wed, 18 Jan 2023 00:30:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
cache-control: max-age=14400
x-served-by: www.javwind.com
cf-cache-status: HIT
age: 42384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOvjq7qLoKQpXy2IO3DytqFpUD%2FAVspb6h4znhVEzj8%2FsoypNqvTGs4kKbi61gGSxGQeTKtQwNq72IW0Or0H1ZpMcjkFhTW52akVX9CXJcry8Hip0R9ZXVGZ%2BFReeHe07Vo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07016e8ab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdne-pics.youjizz.com/0/5/d/3/a/05d3af1f5d9766938e23208e919ab45d1574061363-722.jpg
64.210.135.114200 OK 17 kB URL HTTP/1.1 cdne-pics.youjizz.com/0/5/d/3/a/05d3af1f5d9766938e23208e919ab45d1574061363-722.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 232x231, segment length 16, comment: "Lavc58.106.100", baseline, precision 8, 308x232, components 3\012- data
Hash 18ebc0d8400a0743baa01cfbc1d562aa
3ee2c7cce8d4fc654837e55e9dab0406d0ac993e
a1e462722238eb0d43360c9b3e07fed8b1fedf2cdc45d4214258d6e65b377fdc
GET /0/5/d/3/a/05d3af1f5d9766938e23208e919ab45d1574061363-722.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 16609
last-modified: Thu, 30 Dec 2021 10:22:15 GMT
etag: "40e1-5d45a6dae6d03"
cache-control: max-age=86401
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-6249-2-31753-h-0-0---;6141-27-43629----0-0-0
cdne-pics.youjizz.com/5/d/8/5d88c17cb0872206b12b42896060857e1631867521-1920-1080-3276-h264.mp4-9.jpg
64.210.135.114200 OK 20 kB URL HTTP/1.1 cdne-pics.youjizz.com/5/d/8/5d88c17cb0872206b12b42896060857e1631867521-1920-1080-3276-h264.mp4-9.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 308x232, components 3\012- data
Hash f0613dd55343ecfb96a14e88ff90d9f2
33c21fa6b118a3d3d21a298b18a86719ba4c3bf8
9ec43001e90454fdb49646f96d3e6709a7981c810fd27c4aeaad797022d068fa
GET /5/d/8/5d88c17cb0872206b12b42896060857e1631867521-1920-1080-3276-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 20202
last-modified: Fri, 17 Sep 2021 08:40:19 GMT
etag: "4eea-5cc2ce1a597f3"
expires: Mon, 31 Oct 2022 04:06:17 GMT
cache-control: max-age=10619714
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-6249-3-31793-h-0-0---;6141-24-43629----0-0-1
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 02d4b5ebdfcd1014be7c406d8714443f
293d9d8ac991a258d14330f0736546059f8199a8
028967bd5d60ada544ce13ca1c4b3cdd275cf13ceb5788ecf5b75f6c17b64aa9
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=837
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 02d4b5ebdfcd1014be7c406d8714443f
293d9d8ac991a258d14330f0736546059f8199a8
028967bd5d60ada544ce13ca1c4b3cdd275cf13ceb5788ecf5b75f6c17b64aa9
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=859
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
cdne-pics.youjizz.com/b/d/9/bd9b07133a2b0b964688a8e8d6af5a571634623688-1920-1080-2648-h264.mp4-9.jpg
64.210.135.114200 OK 28 kB URL HTTP/1.1 cdne-pics.youjizz.com/b/d/9/bd9b07133a2b0b964688a8e8d6af5a571634623688-1920-1080-2648-h264.mp4-9.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 308x232, components 3\012- data
Hash f5e65638030ed9968536889c6be421a1
a9e8154607556736b24bb05e8856f4caa0e5e62e
27ad48b214645274fc09976e76b16c97d87395bf8f5502c09713ed25c11c9d43
GET /b/d/9/bd9b07133a2b0b964688a8e8d6af5a571634623688-1920-1080-2648-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 27918
last-modified: Tue, 19 Oct 2021 06:12:03 GMT
etag: "6d0e-5ceae8a4ba31d"
expires: Sat, 05 Nov 2022 18:19:03 GMT
cache-control: max-age=10573630
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-7846-3-2795-h-0-0---;6141-25-43629----0-0-1
img2.xiangbinjun.com/new/2019-12-10/Heyzo-2132.jpg
54.230.111.89200 OK 46 kB URL HTTP/1.1 img2.xiangbinjun.com/new/2019-12-10/Heyzo-2132.jpg
IP 54.230.111.89:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash ff0998b823dd8431a97367799b451e83
8da0b2ee39a1b3ae0d903d5306c692502da57687
18e76f2c7d544e6d06321c14a913c445053b9f751ad925b7ace919c6018655ee
GET /new/2019-12-10/Heyzo-2132.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 45640
Connection: keep-alive
Server: X
Date: Mon, 16 Jan 2023 22:12:52 GMT
Last-Modified: Sat, 23 Nov 2019 07:43:55 GMT
ETag: "5dd8e33b-b248"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YpWnuPJA1IoX3Q6PNarZ-RwdqOJ3qsAoweUCyY4O2ZcFWFEFRL_dYA==
Age: 50670
Vary: Accept-Encoding, Origin
img2.xiangbinjun.com/upload/vod/2019-11-04/157286564614.jpg
54.230.111.89200 OK 614 kB URL HTTP/1.1 img2.xiangbinjun.com/upload/vod/2019-11-04/157286564614.jpg
IP 54.230.111.89:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:01:23 09:34:05], baseline, precision 8, 960x540, components 3\012- data
Size 614 kB (613651 bytes)
Hash 2279f384c444400cbc5a8a6ef5fe6562
7b80ad900f0c099f55b9c38e4ca1452237cf706c
0c2feabd1a6a2d41476a0136890849546de6f5cd7b01db400f7b2fb5969917e6
GET /upload/vod/2019-11-04/157286564614.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 613651
Connection: keep-alive
Server: X
Last-Modified: Mon, 04 Nov 2019 11:41:52 GMT
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 09:00:22 GMT
ETag: "5dc00e80-95d13"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eY0va2El-LWhxOJ3Mr0EtL-YQQqbfO8SujBknp31f2CoYHRwgHwcYg==
Age: 11840
Vary: Accept-Encoding, Origin
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash cbcbb4fc744537a290700040602265cd
2a8e9b6b60027820caada8dafd53a77e93f4bcfc
3ed950ce9ea3bc463b648a4f61d0d7bb6a9565f1c7a9eb3eb13bcf90b93f19bf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=491
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
cdn.onlyindianporn.tv/000/316/316993/316993.webp
188.114.96.1200 OK 6.2 kB URL HTTP/2 cdn.onlyindianporn.tv/000/316/316993/316993.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x214, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b55bd2fc696ab4a64cdd1b935074bc
895699cc043b8f03d33618c526e741e42b052821
a65e364a2043784557673300d947a4de0bf43a3bb012aac93789ccbbac576c05
GET /000/316/316993/316993.webp HTTP/1.1
Host: cdn.onlyindianporn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: application/octet-stream
content-length: 6162
etag: 11b55bd2fc696ab4a64cdd1b935074bc
last-modified: Wed, 26 Oct 2022 11:07:14 GMT
x-timestamp: 1666782433.82682
x-trans-id: tx218d54367d3f4cc487af6-00635917c8
x-openstack-request-id: tx218d54367d3f4cc487af6-00635917c8
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=31536000
expires: Thu, 19 Jan 2023 09:42:02 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 9320
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92YKKBfax8j1DqIA9PGmPWzf3nUOc9mjMAv%2BIIwttK1xhpEuJswap8yihlHOnH8acumAhUhSmt1hIWL2MwlaLdUb6l%2FKSytXH%2FpHaGckiXooufb5uJWXcK6pF4D47tjR32RAuik7j%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0702ffa6b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xxxthaihd.com/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.jpg
172.67.212.102200 OK 11 kB URL HTTP/2 www.xxxthaihd.com/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.jpg
IP 172.67.212.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x160, components 3\012- data
Hash 238384a6a07ca456f9de16fc61b01cd4
d7eef2c500d333c8aa5219992e0ba8ff3b964300
767a7c2dee43e13f04e2c3318f096202ee7f0d5532ef83ffd3443ee3596d397a
GET /wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.jpg HTTP/1.1
Host: www.xxxthaihd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 11353
last-modified: Fri, 06 Mar 2020 06:01:50 GMT
etag: "5e61e74e-2c59"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3379429
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrxD8MB511M4aL%2BrhJvSwtG2c69dDmoGOxTqoC5lL0897deYfo6rFEduNeIpqo%2FIiRatim2uJg36USuUpS56CgbLWIFYMUFR5vnmVEDGpK6HxpfmWNGR0dafJv1Do8DCwpllbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0702ff10b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.javtheater.com/wp-content/uploads/2020/01/7kfkvcmyas08.jpg
188.114.96.1200 OK 195 kB URL HTTP/2 img.javtheater.com/wp-content/uploads/2020/01/7kfkvcmyas08.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x531, components 3\012- data
Size 195 kB (194977 bytes)
Hash a45b912fc1176b7ea7e5e2d429c4735e
4b676f290661689371f771776efdaf5e46382246
ca29f44f7464a89f2a8d93684957d8bf5c946d3800d0720d189cc382feb9e0a9
GET /wp-content/uploads/2020/01/7kfkvcmyas08.jpg HTTP/1.1
Host: img.javtheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 194977
cache-control: public, max-age=604800
expires: Mon, 23 Jan 2023 02:05:03 GMT
etag: "2f9a1-5f3b319f-12c05a1;;;"
last-modified: Tue, 18 Aug 2020 01:40:47 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 123139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhBQ02MByscMtjYxspZ%2BIiuJnEl6HaEbrBH0ihPHT%2FpXKPLT40G7yznGgAfiOQQkIefKbHu8M4iekIzJ60rfif%2Bxiqjr9G8wSHMhx2l0vbVgyaFHI8ku%2FIlrq9M0MCpj%2FCyhZzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07031be0b511-OSL
X-Firefox-Spdy: h2
fanat.men/media/videos/tmb/000/000/495/1.jpg
185.162.11.18200 OK 19 kB URL HTTP/1.1 fanat.men/media/videos/tmb/000/000/495/1.jpg
IP 185.162.11.18:0
ASN #207728 EUROHOSTER Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 2feebfcd25632904900c294c755d5847
276c4e00869b766d667201144346c875dedf601a
4aba208f2d58d9de1dc821067429e8d768a1c05884dd3cd1867a06a67cb4889a
GET /media/videos/tmb/000/000/495/1.jpg HTTP/1.1
Host: fanat.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 19168
Last-Modified: Fri, 25 Mar 2022 23:27:12 GMT
Connection: keep-alive
ETag: "623e4fd0-4ae0"
Expires: Wed, 18 Jan 2023 12:17:22 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
xvideosporno.blog.br/wp-content/uploads/enche-minha-bucetinha-de-porra.jpg
104.26.11.106200 OK 49 kB URL HTTP/2 xvideosporno.blog.br/wp-content/uploads/enche-minha-bucetinha-de-porra.jpg
IP 104.26.11.106:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f4be3be424c430efcec8175b3e12a6c
928bae7b98965a4c38231f7a20822b090523c867
b4e61d597763fd9f05f36efdf33f3fe8160d87c30d8012af4bad368de2f6efff
GET /wp-content/uploads/enche-minha-bucetinha-de-porra.jpg HTTP/1.1
Host: xvideosporno.blog.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/webp
content-length: 49232
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
age: 916399
cache-control: max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=87879
content-disposition: inline; filename="enche-minha-bucetinha-de-porra.webp"
etag: "5f60da8e-15747"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 15 Sep 2020 15:15:26 GMT
vary: Accept
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhDKH1sVW02QDfUk6VWm95ApdRUgbWtCu5oLtOwGZ3PudiVINJcY8%2FZm8cfvLAqlMKcZKH44YLxkYUJgQk07QTCf3aR9cmN2xOwEKqmYDnbeZIOSTMC1MUaj%2FvVjN1Os8kivyEUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07034beafac4-OSL
X-Firefox-Spdy: h2
cdne-pics.youjizz.com/f/4/e/f4e740468edb717e798ae7ede658aa381597939930-1280-720-1284-h264.mp4-9.jpg
64.210.135.114200 OK 29 kB URL HTTP/1.1 cdne-pics.youjizz.com/f/4/e/f4e740468edb717e798ae7ede658aa381597939930-1280-720-1284-h264.mp4-9.jpg
IP 64.210.135.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 308x232, components 3\012- data
Hash f5796dee6615e1eb646acc037c8bfee5
65fe225708b1ce26d0da43b2577bb2547cf13bd6
327b6bcdcbc7d52c6fccfd5ace30a4fb07e76a52a300797b5471245de8cee763
GET /f/4/e/f4e740468edb717e798ae7ede658aa381597939930-1280-720-1284-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 28791
last-modified: Thu, 20 Aug 2020 16:27:22 GMT
etag: "7077-5ad519843b99b"
expires: Tue, 01 Nov 2022 16:34:59 GMT
cache-control: max-age=10745502
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-7619-1-50735-h-0-0---;6141-25-43629----0-0-0
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f0b648429f05aacfaf85df6cb92b2073
3c916f86f30c870ad42c5bc6702dc322d919bf6f
1da42f8d0e1504ea8b8d7f137b13dbeb8678eaf42d5a5a3977e963d82b06e7d6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
moav.com/contents/videos_screenshots/18000/18295/preview.jpg
104.21.235.193200 OK 60 kB URL HTTP/2 moav.com/contents/videos_screenshots/18000/18295/preview.jpg
IP 104.21.235.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.13.100", baseline, precision 8, 720x1280, components 3\012- data
Hash a96344b35749fd9ad3056242e49c7068
73630fcc3f6f7cc9fe1d7ed6f6d0549cbdb6d699
a5d11141e4c487f4a7091cd60aeb1ad0733798d4c37b1fd495831061e04fa3af
GET /contents/videos_screenshots/18000/18295/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 59666
last-modified: Fri, 25 Mar 2022 23:14:48 GMT
etag: "623e4ce8-e912"
expires: Fri, 20 Jan 2023 03:04:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2365946
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrdoMN4rBy5wegAFK7Qk6P5792vic79lBnaouxxuWGpRgbKSN0Tj4bm%2FCfG6lrOIIrYdmkmhKkdNI8iW1%2Bvo%2Fx0UbcBVwCAOYQhq5yW%2FgTe8Nicpke7YAMJHEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070339ea7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-14/12/hdzer42ikao1208hdzer42ikao505910.jpg
45.89.208.114200 OK 6.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/12/hdzer42ikao1208hdzer42ikao505910.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 22fbfd9d97d096593ade568e44b488a5
187593a141ffddda32a3a8f777c022d2b7d00095
2771dddb43e568693ddc20f5c49a4f5580d905310262d840e9a814d53ee707a8
GET /upload/vod/2020/04-14/12/hdzer42ikao1208hdzer42ikao505910.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 6703
Last-Modified: Wed, 09 Nov 2022 11:42:15 GMT
Connection: keep-alive
ETag: "636b9217-1a2f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.194.133:0
Hash 6ea9a8355ef47baf0f0ca9e81a354bac
5bb8fe0585cc761bb6d728996465b264bf3815d8
449220b753a114476ddde8248299f43a3b42b89e917d9f0f9b81bdf357851d37
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 09:04:41 GMT
ETag: "5bb8fe0585cc761bb6d728996465b264bf3815d8"
Last-Modified: Tue, 17 Jan 2023 09:04:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 12:17:22 GMT
Age: 4304
X-Served-By: cache-qpg1249-QPG, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 36, 1
X-Timer: S1673957843.545939,VS0,VE1
moav.com/contents/videos_screenshots/38000/38363/preview.jpg
104.21.235.193200 OK 121 kB URL HTTP/2 moav.com/contents/videos_screenshots/38000/38363/preview.jpg
IP 104.21.235.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1344x1080, components 3\012- data
Size 121 kB (120653 bytes)
Hash 3d13e0a71143091d324b7db98534f0b0
fde68ed6ab3ba9f78823afbdc0321b0e90cbf6cf
e5e4bd53dc85d34a15d625b17e18ed0b6522de8706de66d067c9f1cba4535907
GET /contents/videos_screenshots/38000/38363/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 120653
last-modified: Thu, 29 Sep 2022 00:48:22 GMT
etag: "6334eb56-1d74d"
expires: Fri, 20 Jan 2023 10:12:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2340309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHLuDfu4OBFE49IKXy4PXbz6FMWFHRvuU0hRIg2BNMnE3nSy38B9DBjkTJ6qth1bjal5s7t1xhyVMponmta5gQpBQQUJMCEqQKiLS8HY5CEM2x9ho58GB4SHdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070339f07767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/18000/18499/preview.jpg
104.21.235.193200 OK 141 kB URL HTTP/2 moav.com/contents/videos_screenshots/18000/18499/preview.jpg
IP 104.21.235.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.13.100", baseline, precision 8, 1280x720, components 3\012- data
Size 141 kB (140638 bytes)
Hash 323cb3e78fc17e7c6350eb1fae9d650d
88c9e0bb61122cc0f7abb79320c4ec6ecba4a683
00fcef2c03b0c4ce80faaca931eb66039d00054e3a68a7523865e971a6bc6ef0
GET /contents/videos_screenshots/18000/18499/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 140638
last-modified: Fri, 25 Mar 2022 22:40:45 GMT
etag: "623e44ed-2255e"
expires: Fri, 20 Jan 2023 10:57:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2337608
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viPZtN3GC5t5hQYlS4zudAHMel4zd8rTFFkp8phNJzwNESHAE0E93bf7S019mbglq5dzkI80vzFFgGjoTN5x%2FL4ZslbyE0q2sw%2F2soPTRzlMN7qny1gLXN1qag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07035a1f7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subo228.com/20221111/i1iE9p3F/1.jpg
107.167.21.106200 OK 19 kB URL HTTP/1.1 subo228.com/20221111/i1iE9p3F/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 594a653960357b618ba97245f9138f00
1dcf7fcce7d8ff75e3f44c85088a136fa2e832e3
072eeb07c95ffe830d1f4a77283ae07d2604b73179ac8c9cf9e2ec305841a830
GET /20221111/i1iE9p3F/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 18577
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-4891"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20230113/F0oModza/1.jpg
107.167.21.106200 OK 36 kB URL HTTP/1.1 subo228.com/20230113/F0oModza/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash 394e9a71c7cdcf42663d53d21ef26bbb
866667a12b53fe28da73cf3b63cdf0ef3a3ec0c7
ea19e9a353cb2d5dfe29bdee5b1d00d332308a662fb983a7dee10339c3548072
GET /20230113/F0oModza/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 36499
Last-Modified: Sat, 14 Jan 2023 05:03:52 GMT
Connection: keep-alive
ETag: "63c237b8-8e93"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
xiusebf6.com/20221210/gW6BByx7/1.jpg
23.224.225.66200 OK 6.1 kB URL HTTP/1.1 xiusebf6.com/20221210/gW6BByx7/1.jpg
IP 23.224.225.66:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cb750bc939f310c8f357d7231507ee4f
001d3bcc2f19fad966ddee2a4ae98091c55ed7c5
93c8ef7eaf547fddc5ad985df5accea09cfb9e4030bd78e683e47e289660b639
GET /20221210/gW6BByx7/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 6092
Last-Modified: Mon, 16 Jan 2023 05:13:04 GMT
Connection: keep-alive
ETag: "63c4dce0-17cc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f0b648429f05aacfaf85df6cb92b2073
3c916f86f30c870ad42c5bc6702dc322d919bf6f
1da42f8d0e1504ea8b8d7f137b13dbeb8678eaf42d5a5a3977e963d82b06e7d6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 5452383d159352f73072395e6266ba7f
ff7a52159ca110285d27a46fd83658fb2bc027f5
5c1c701c1917d2de5e481e4eed4e3ee426888065850fbd0657836b30b46e3f0f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=892
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
www.clporn.com/thumbs/35/981-.jpg
104.21.49.124200 OK 14 kB URL HTTP/2 www.clporn.com/thumbs/35/981-.jpg
IP 104.21.49.124:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3\012- data
Hash 67b17b55fb803c7b2b92e82729472704
5f89ed908ed9af4d1d6d92fdb2c983df4b6daad7
8a19aaddf324ae9fceec3b427c83527153c6897a1c2268ec86a1e90c9d2ed5b8
GET /thumbs/35/981-.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 13918
last-modified: Tue, 07 Jul 2020 13:04:15 GMT
etag: "5f0472cf-365e"
expires: Fri, 17 Nov 2023 10:01:26 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 5278556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4KM73zDomgo1l%2BSjWs8%2FQ5bFMqLRXgM7GoVNG1iM0yu2SFuXZ3fn41wERgo5ocMeFz%2FpU2mCGksIXVyyaDVuePf%2FQx%2BEA16hMA0D6U4zmVNgdSg65jz0CWZWSHzIVfyjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0704e8c90b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f0b648429f05aacfaf85df6cb92b2073
3c916f86f30c870ad42c5bc6702dc322d919bf6f
1da42f8d0e1504ea8b8d7f137b13dbeb8678eaf42d5a5a3977e963d82b06e7d6
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1b87ed8ef98b8884ab53fb704be2ba08
04d12cbdebcf41be83562dd8ea9435daa29147e2
0c9ce492c1caf022d6f81b5d5c6767ad466251709312a788a85f40bdc199da5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1692
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:22 GMT
Last-Modified: Tue, 17 Jan 2023 11:49:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.russiaporno.net/types/videohub/images/245220.jpg
104.21.235.186200 OK 7.7 kB URL HTTP/2 www.russiaporno.net/types/videohub/images/245220.jpg
IP 104.21.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc52.10.0", baseline, precision 8, 180x135, components 3\012- data
Hash 53d355bda34cb61fbe648ffeec5f65a2
87e903dbde3f6cac03cb7dbe03114b619d878f7f
a9f0cfc1b6bcc71f70321ff71299665a78bd66fd5e9d1b30519c2e2d44e0048c
GET /types/videohub/images/245220.jpg HTTP/1.1
Host: www.russiaporno.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 7659
last-modified: Sun, 21 Jun 2015 14:29:56 GMT
etag: "5586ca64-1deb"
expires: Tue, 24 Jan 2023 02:14:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2023358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi9W%2BlA1EprPKhI1hpEE368GjMa4wJsallOYx0wTW2DbVwZF5ic95Q8AouSBn80qA%2FGdNYEXQt2btTIFUuq%2BzUr8dSjTRdkXiXvM9CnoOb4qzcvaVtlthruQPK1Ld%2F3wV18h8Jkf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07052b65dd1b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68e244c40e8504a32b528b040c549bca
a8b84a960221910d0a997e2d302177fc190997bc
a33f172be1f8289d8418cb88494725e62ce43c3f5b3c038b6b3fbeca2ee23df7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A33F172BE1F8289D8418CB88494725E62CE43C3F5B3C038B6B3FBECA2EE23DF7"
Last-Modified: Tue, 17 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Tue, 17 Jan 2023 16:04:58 GMT
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
www.212avporn.com/wp-content/uploads/2018/04/a000-3.jpg
172.67.160.61200 OK 15 kB URL HTTP/2 www.212avporn.com/wp-content/uploads/2018/04/a000-3.jpg
IP 172.67.160.61:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 0d5ee5e15974d82683301233bd8e720d
b6f39d9c2b74e8812753cdfd05106ac8f9e88079
a676578816b9d2373514ae6d7090d02295bcc380b7ef506cb6652f45e4899b23
GET /wp-content/uploads/2018/04/a000-3.jpg HTTP/1.1
Host: www.212avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 14907
last-modified: Fri, 06 Mar 2020 06:41:04 GMT
etag: "5e61f080-3a3b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3378900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6Pfpq3jwgbsVrnLwl%2BHX96ew358tGzihCKcNFne6LBi6rgb%2FB6GtaiY7FGKNdWaI92NiZMMwiJW2xpu2%2F6LdHKXEwVNfmaR7lrz2K390ldHOFkwvx1xoBkXhGoKpEJKuUtf9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
server: cloudflare
cf-ray: 78af07054e0eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f4588e3f6ce1fe7a04ed3e8f10da8d2f
f013d21ed0fd35325d49077335b47998a0a169a4
004562888f05d49935b41b72c208e6797f5b2c725beb612e44a9abc2c4beeb85
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=711
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
fmlb.netlbtu.com/upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg
45.89.208.114200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2a245e35fa66d9bf35947919b79e729c
56d0d313c73a2c097977d5a0a03e714b8c312090
6e42efc1544e345524f10044009d781993096ca49ad067e8a5dc99161c30dc2a
GET /upload/vod/2019/11-08/03/u5wmujdu3ba0326u5wmujdu3ba044961.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 10337
Last-Modified: Wed, 09 Nov 2022 11:43:01 GMT
Connection: keep-alive
ETag: "636b9245-2861"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b4b7a42e903a17c6060c70447f1b5f1e
b1f52a3f43d78bb578e4596e7432a2cc15946e09
4ee5468762587ff85c078c32c9299ebf935c45e01526527667a1f60e1400f15b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:22 GMT
Last-Modified: Tue, 17 Jan 2023 11:13:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 38b38ba697a64cc32048f851bb0ef084
2a9b33df11cd08d7fccf2a2dcc17b206aef437c9
b3f641a7e73ca219f9b49316b1355465fea5b5568afd4a1ffcc8335f33c548da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3F641A7E73CA219F9B49316B1355465FEA5B5568AFD4A1FFCC8335F33C548DA"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7236
Expires: Tue, 17 Jan 2023 14:17:58 GMT
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
hentaifreak.org/wp-content/uploads/machi-gurumi-no-wana-hakudaku-ni-mamireta-shitai-episode-3.jpg
172.67.156.97200 OK 60 kB URL HTTP/2 hentaifreak.org/wp-content/uploads/machi-gurumi-no-wana-hakudaku-ni-mamireta-shitai-episode-3.jpg
IP 172.67.156.97:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash aef16f706b59506dcb2dfa26c4cd2875
989dca8f45a8f70acd2b588b41a9efa72e6554d4
f7bd4b4aa251028908d9078e6a9f948cd7a513a9d4763973d73522c193857299
GET /wp-content/uploads/machi-gurumi-no-wana-hakudaku-ni-mamireta-shitai-episode-3.jpg HTTP/1.1
Host: hentaifreak.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 59479
last-modified: Mon, 16 May 2022 08:32:32 GMT
etag: "62820c20-e857"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVsFO16f5I0%2F3nsJ0WSHWeNUAzPCL6w6vriK6e6FEezXOHC5nR%2BR9hJp6gZK3pXPbjCOl%2B3vt30B7BbtxWNjxo%2F2Qddp287P3S4onMm148uSnk1m8mcQ%2FTP8d4IfmIuLIjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07058f98b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.latinporn.tv/img/470/7462/70105-1-001.jpg
87.98.225.181200 OK 11 kB URL HTTP/2 www.latinporn.tv/img/470/7462/70105-1-001.jpg
IP 87.98.225.181:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 8x9, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 270x180, components 3\012- data
Hash fb84e86d71b91eca2c83e79d86c388e1
2fb14213bf6fbb35e0a0fc9cb525e1cd73bd1b12
0673fb46cf4b2e442b689c7c87269956e2082f857049a251119550eeff6b237f
GET /img/470/7462/70105-1-001.jpg HTTP/1.1
Host: www.latinporn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.1
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 10618
last-modified: Fri, 23 Feb 2018 06:06:26 GMT
etag: "5a8faf62-297a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ecce7fdd81e92b16b2b0c8bed2ec7e0
877528aca3f3fd8559a17f175eacbf3c84d0522d
d5d97f5f53ae95de66ef85f7401f381a0f5127ac6b04ed062e2115055e00ee38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D5D97F5F53AE95DE66EF85F7401F381A0F5127AC6B04ED062E2115055E00EE38"
Last-Modified: Mon, 16 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4178
Expires: Tue, 17 Jan 2023 13:27:00 GMT
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
jsjs.gazo.space/index.php?js=very
172.64.99.28200 OK 55 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP 172.64.99.28:0
File type ASCII text, with no line terminators
Hash ecd0df17ffb7df0881ceeb19f6a7565e
f324f455944e55ba958b9864bcdf3127ffc763d7
81e19533a1fa66c0fafa4f81c926de814411743b47d384f54372a63c8eb78e9f
Analyzer Verdict Alert fortinet Phishing
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--NO-rm2400cb003771024ac465b46/index.php?js=very
55nloadrate: 0.43125
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yx%2Fn5SthEbdJGJmXRN033Q4R6UFEtFRqw5fN%2FDh9OEJjfJ9%2FNq40EdCcLfpxsou3tKvHUvAMrqAS42hVPUFDrpte7qqP2%2BfOzR26ys1k%2FJtcpXtZ73YMI12dblozmcMb9ik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af06f0bb4872f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.dlsite.com/chobit/contents/2205/3les6gnc4nc4kkwssso84c0ok/3les6gnc4nc4kkwssso84c0ok_thumb.jpg?w=1000&h=1000
163.171.235.42200 OK 93 kB URL HTTP/2 media.dlsite.com/chobit/contents/2205/3les6gnc4nc4kkwssso84c0ok/3les6gnc4nc4kkwssso84c0ok_thumb.jpg?w=1000&h=1000
IP 163.171.235.42:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 1000x561, components 3\012- data
Hash 7988ca05e11768087f87cd7e93cbbfc1
c54067a78fcfe6c3d48673154d8dd81dbf4cc6e1
95bb2a1476aa3c3c7529feebd8f7f1290ad09d00e8b42108425c7f9c293b6f69
GET /chobit/contents/2205/3les6gnc4nc4kkwssso84c0ok/3les6gnc4nc4kkwssso84c0ok_thumb.jpg?w=1000&h=1000 HTTP/1.1
Host: media.dlsite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 93182
date: Thu, 24 Nov 2022 08:07:06 GMT
x-amz-id-2: nuVUH2PFmirRZAMXQWOn7+oe5JXzz7gI3fIDpLv8Wvge6dOS4CkzY13eojdWNwvUAk59nuiU4/0=
x-amz-request-id: 0T68XXCHCF405HK1
last-modified: Tue, 03 May 2022 10:04:03 GMT
etag: W/"f7ffc0f241861bba877abf7d9fbf9ca3"
x-cache-status: HIT
x-qtl-request-id: e5a4b7770137c6defdf471375e26620a
x-via: 2.0 eu-pl-waw0-cache-0001 [HIT]
cache-control: max-age=3600
age: 4680616
server: QTL_Cache/1.2.14
accept-ranges: bytes
X-Firefox-Spdy: h2
xiusebf6.com/20221210/Tp317Kdt/1.jpg
23.224.225.66200 OK 36 kB URL HTTP/1.1 xiusebf6.com/20221210/Tp317Kdt/1.jpg
IP 23.224.225.66:0
Hash 2913196bbcc573dba5969742a0e3a536
f64f94a20bf9170fee28230c476790486e9a4b37
738edc64bc9b82dac675c73d21ab5de328cfd5875678e1951fe238ed1877890f
GET /20221210/Tp317Kdt/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 8784
Last-Modified: Mon, 16 Jan 2023 05:13:04 GMT
Connection: keep-alive
ETag: "63c4dce0-2250"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pics.dmm.com/digital/video/5330imbd00166/5330imbd00166pl.jpg
103.254.145.148200 OK 138 kB URL HTTP/1.1 pics.dmm.com/digital/video/5330imbd00166/5330imbd00166pl.jpg
IP 103.254.145.148:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x437, components 3\012- data
Size 138 kB (137761 bytes)
Hash 788738ccfdb0d3ae9b4c855ce9e49ab5
ed347fb012735dadf76a762d1c9127946bf1715e
adad87d1adcc1751cf6dd8ba48b7f3fb6d6a05f0624bc3a7ca45c28fcd77111c
GET /digital/video/5330imbd00166/5330imbd00166pl.jpg HTTP/1.1
Host: pics.dmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 17 Jan 2023 12:17:21 GMT
Content-Type: image/jpeg
Content-Length: 137761
Connection: keep-alive
Last-Modified: Fri, 10 Apr 2015 04:51:45 GMT
ETag: "552756e1-21a21"
X-Pics-Origin: digital-master
X-Cache-Status: HIT
Set-Cookie: app_uid=Z/6RlGPGkdEr2V4ZKmxRAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.com; path=/
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 01cd09f66a5af49114f5b6d3f58e0903
f06c419f32635fedf712cf1f2e15f6acb66f1735
18c470930463c2280ac4a18f247108faa4a31aebc5ee8adbef99e6966d30ea61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18C470930463C2280AC4A18F247108FAA4A31AEBC5EE8ADBEF99E6966D30EA61"
Last-Modified: Mon, 16 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1135
Expires: Tue, 17 Jan 2023 12:36:17 GMT
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
m.pornhd.vip/javtube/gqueen/tomomi.kai/326/5.jpg
198.255.76.99200 OK 47 kB URL HTTP/2 m.pornhd.vip/javtube/gqueen/tomomi.kai/326/5.jpg
IP 198.255.76.99:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x393, components 3\012- data
Hash 585e2cf6f21add36c2e6cde1cd28d212
daa0009202e9bd9be8f89b7e1bb228691409232f
3e7c5f0bef176608f8e55db332539607ba145bafa55284cdbbdec6078042ff86
GET /javtube/gqueen/tomomi.kai/326/5.jpg HTTP/1.1
Host: m.pornhd.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 46650
last-modified: Fri, 09 Sep 2011 11:48:16 GMT
etag: "4e69fd00-b63a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
xiusebf6.com/20221210/EKahXp01/1.jpg
23.224.225.66200 OK 5.7 kB URL HTTP/1.1 xiusebf6.com/20221210/EKahXp01/1.jpg
IP 23.224.225.66:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 189x142, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2215395b6e5a7102cdea0c60135bebef
0782de96747b124448a0c1042417d6840ed10341
a737751172445467c7fa1a67b6909e4ecf907f85e6f67a5d7918d0a82a9d7d37
GET /20221210/EKahXp01/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 5692
Last-Modified: Mon, 16 Jan 2023 05:51:07 GMT
Connection: keep-alive
ETag: "63c4e5cb-163c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20230101/1IIqJFEv/1.jpg
107.167.21.106200 OK 22 kB URL HTTP/1.1 subo228.com/20230101/1IIqJFEv/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash f6b23a476673000baf511df9385f1ad9
df7984b7ca93f0cc0820199c4584d8ca5c030a1b
af1d00244be4b8090152a6662b3c30059c0d3b0379c6115c01ceea5ab5c397b9
GET /20230101/1IIqJFEv/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 22529
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-5801"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.r2m01.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash c65a013cda8d005f003dc7ce01a5c6c1
6f1029ed134855ba03805db3f16c655b436bbdde
3f3d4d9a6e105197ce623b47517cb81444a71428d9dfd5d43ca5ca1af4d0b453
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 12:17:22 GMT
Etag: "63c51edf-1d7"
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5-5Pd4gqLTLzLuiaZq4ZOksM45tPrqWzR8RiA5-7CgwEi01DJpUtbA==
subo228.com/20221215/5eUPr0Fd/1.jpg
107.167.21.106200 OK 26 kB URL HTTP/1.1 subo228.com/20221215/5eUPr0Fd/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x240, components 3\012- data
Hash 9f4217fc72d0ba7a9aeccc81d7df43a9
3ef8a24e15ecf0fd4215aec9fac17e2e6ddffedd
1b2ad1a67130c886e28139557d0566e383b53dc221eddb89af1d689cd87d9e14
GET /20221215/5eUPr0Fd/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 25755
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-649b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img2.xiangbinjun.com/new/2020-05-21/pacopacomama-053019_102.jpg
54.230.111.89200 OK 126 kB URL HTTP/1.1 img2.xiangbinjun.com/new/2020-05-21/pacopacomama-053019_102.jpg
IP 54.230.111.89:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Size 126 kB (126049 bytes)
Hash 21f76f9004b4085031e3c99d5c304ba1
35bcc536ec9b3d7333c4a9477d8669ccdae1ee2f
383fd47db36506f2a6603f218a950b46b54e34f3758a515ef29e77f29189527d
GET /new/2020-05-21/pacopacomama-053019_102.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 126049
Connection: keep-alive
Server: X
Last-Modified: Sun, 26 Jul 2020 15:06:21 GMT
Accept-Ranges: bytes
Date: Mon, 16 Jan 2023 22:41:29 GMT
ETag: "5f1d9bed-1ec61"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RpvumGwK2PHPY7ykpL9xEi485mgVINWxXCBQoCZeB11FZ8IvJ4TswQ==
Age: 49022
Vary: Accept-Encoding, Origin
xiusebf5.com/20221114/bokp0aPQ/1.jpg
23.224.225.156200 OK 9.5 kB URL HTTP/1.1 xiusebf5.com/20221114/bokp0aPQ/1.jpg
IP 23.224.225.156:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 89f5160c73e9bacd42995e026aee8dff
a573c34ff11c1fd630c9c8667d7bfcb5487812c6
24d519414432ca37c5656631598e2e6fa1f205fc6e513fd8a5d5a5b35fb8d8b4
GET /20221114/bokp0aPQ/1.jpg HTTP/1.1
Host: xiusebf5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: application/octet-stream
Content-Length: 9486
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:48:20 GMT
ETag: "63729b84-250e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Accept-Ranges: bytes
Content-Disposition: attachment; filename="1.jpg"
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash b82f642ede98f5f6809088b0ea48730a
137e9f4268861ce0d21a28e2dd8dfeb83fa857c5
91b6a846b3759440bec974142175b167878130a26a0607e6a0199f9625ee856c
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=380
Date: Tue, 17 Jan 2023 12:17:22 GMT
Connection: keep-alive
X-N: S
xiusebf6.com/20221210/bogKdgbQ/1.jpg
23.224.225.66200 OK 8.8 kB URL HTTP/1.1 xiusebf6.com/20221210/bogKdgbQ/1.jpg
IP 23.224.225.66:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 30001x-25614, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 7a0f0e4211b9fb8dd0d831f1f0c1aa59
034de7ec75b5c8f80e681ce92d6679bae3668fa4
4f31cad1d237e96540b3690538373098269cca95386b67943ed80d70efa9776e
GET /20221210/bogKdgbQ/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 8767
Last-Modified: Mon, 16 Jan 2023 05:49:27 GMT
Connection: keep-alive
ETag: "63c4e567-223f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
xiusebf6.com/20221210/J2SRSfdQ/1.jpg
23.224.225.66200 OK 8.5 kB URL HTTP/1.1 xiusebf6.com/20221210/J2SRSfdQ/1.jpg
IP 23.224.225.66:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c0db60df613d48c10fb73ee9a24aa17c
721be12521aa46b801b4a7989981a537fe58f450
4645c1b40f04c7584e4de2143d4c6099619577fbb8742f33de7e6e84b960d240
GET /20221210/J2SRSfdQ/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 8504
Last-Modified: Mon, 16 Jan 2023 05:42:06 GMT
Connection: keep-alive
ETag: "63c4e3ae-2138"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220305/6441B619E3667AF2/6441B619E3667AF2.jpg
5.180.83.13200 OK 4.3 kB URL HTTP/1.1 pt1.putaozy.info/20220305/6441B619E3667AF2/6441B619E3667AF2.jpg
IP 5.180.83.13:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cff7bfb15d283d2ca79a9c831befd44f
8c017bdbdf8ba7a31333a73927d984d4c8ddcd85
3fa002f5fbc4facd24f71cba31f3963ef800f941e0b27a59b228958a2f5bd688
GET /20220305/6441B619E3667AF2/6441B619E3667AF2.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 4334
Last-Modified: Tue, 17 Jan 2023 10:11:21 GMT
Connection: keep-alive
ETag: "63c67449-10ee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pornogids.net/contents/videos_screenshots/410000/410762/preview.jpg
104.21.234.7200 OK 26 kB URL HTTP/2 pornogids.net/contents/videos_screenshots/410000/410762/preview.jpg
IP 104.21.234.7:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 572x324, components 3\012- data
Hash 460c7d4872ca68e5cd4c9ce6bce7725d
e551a310b3e4dc5f6990f4859e02904dbeaf4563
aace70416218cf59713e82d1f2aabac7aef1685b7d2c06c61160d5358b055bf5
GET /contents/videos_screenshots/410000/410762/preview.jpg HTTP/1.1
Host: pornogids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 25810
cf-bgj: h2pri
etag: "607179c6-64d2"
last-modified: Sat, 10 Apr 2021 10:11:18 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vh9Caz%2F1PRaOOJvXvV6MwonNfu54F9c1XvmAmMXSyCvL8aCJxLMNcOIUNX%2BwqxIxL7D5Yqi%2F1n77M08VpKkURO8EqXR%2FRLSkqrDP80WwMSnRFgSh15I3sEueIkjfubdl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07060d1e2403-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pics.dmm.com/digital/video/5330imbd00022/5330imbd00022pl.jpg
103.254.145.148200 OK 146 kB URL HTTP/1.1 pics.dmm.com/digital/video/5330imbd00022/5330imbd00022pl.jpg
IP 103.254.145.148:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x437, components 3\012- data
Size 146 kB (146533 bytes)
Hash 8e2e1926fe8d7f2f0c3921f92c60bb22
16bf8b8b23cb16c3526318e90086c813f82bd852
8e44a3436b2d4b21e440b292aa3920dc0e9e264f7a7229f6872d86fdc142e695
GET /digital/video/5330imbd00022/5330imbd00022pl.jpg HTTP/1.1
Host: pics.dmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: image/jpeg
Content-Length: 146533
Connection: keep-alive
Last-Modified: Mon, 23 Mar 2015 02:19:22 GMT
ETag: "550f782a-23c65"
X-Pics-Origin: digital-master
X-Cache-Status: HIT
Set-Cookie: app_uid=Z/6RlGPGkdIsDF4cRDnsAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.com; path=/
Accept-Ranges: bytes
ruporno365.cc/video/foto/mini/305_2.png
172.67.198.46200 OK 18 kB URL HTTP/2 ruporno365.cc/video/foto/mini/305_2.png
IP 172.67.198.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 450x310, components 3\012- data
Hash c5c1df575f623670577c8e962754cfa0
f2de32adba7620d5702b45b3f439b67791a1a9cb
8e75981000039b36c1bc8dcfdbeeac4a9ebc11fcdbee369fead4204b62bb4344
GET /video/foto/mini/305_2.png HTTP/1.1
Host: ruporno365.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/png
content-length: 17939
last-modified: Fri, 29 Jan 2021 18:07:34 GMT
etag: "60144ee6-4613"
expires: Tue, 17 Jan 2023 12:17:52 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49mDj5KuNAwJsnef87x3HvUISwoemsAd1ioVSKhb0E%2BVkHsh1s7bhOR0XzNiaHyd4w6IjRDTQq12BgTADPz%2FSU60OpV35QOYwf%2FTQyn2UgHmlWA19uixpXiQqbtbWPpk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0704f95fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xiusebf6.com/20221210/vo3WzV0F/1.jpg
23.224.225.66429 Too Many Requests 589 B URL HTTP/1.1 xiusebf6.com/20221210/vo3WzV0F/1.jpg
IP 23.224.225.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c6bce144d1d9a0dcc88e7d06b647214f
ef591df5cf1b8ae731d40c18ee03728d2161bfcf
33007b596189f396819e405ff32edae56430a98816213f4c6cf4161089c186e3
GET /20221210/vo3WzV0F/1.jpg HTTP/1.1
Host: xiusebf6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 589
Connection: keep-alive
ocsps.ssl.com/
34.237.184.165200 OK 1.8 kB IP 34.237.184.165:0
Hash 6d2208df4106fc2808106b9bc16ad6da
50d51a85691dc9f06d637b27b66ce71efccd9a3d
99e1c7b07bfd1290d0daa59d56704a33e37fdf9dcbf73e4230116b592011b17d
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Mon, 23 Jan 2023 20:56:53 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "50d51a85691dc9f06d637b27b66ce71efccd9a3d"
Last-Modified: Mon, 16 Jan 2023 20:56:54 GMT
X-Proxy-Cache: HIT
img.russkie.tv/ruxp/img/3/3668.jpg
188.114.96.1200 OK 16 kB URL HTTP/2 img.russkie.tv/ruxp/img/3/3668.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x224, components 3\012- data
Hash 824b4ec29c40cdbb7bded2c4ffb752a6
254a78575a174bf55fe162d640d0c5f6e1af414c
b1d0151d8f59ce64c289dc44ac8c806feee212845bce1d6949d4bbea542b6a1f
GET /ruxp/img/3/3668.jpg HTTP/1.1
Host: img.russkie.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 16546
last-modified: Wed, 23 Dec 2020 01:05:44 GMT
etag: "5fe297e8-40a2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 38
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAhQ88964uhAAkv8lHiwaP4gsoJNwN8Dr5l8XpgOlI67Jz0QUZdzYobfSXmIUTi49qzt%2FOz%2FJpd9fqt0th%2FIEHWEyiVJWExHN3abP5bvS288GDsxKisxBSzZzH63opSjPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07073e28b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.heavy-r.com/scr/ea/c7/ff/eac7ff302da9e08_4.jpg
37.48.81.1200 OK 4.4 kB URL HTTP/1.1 static.heavy-r.com/scr/ea/c7/ff/eac7ff302da9e08_4.jpg
IP 37.48.81.1:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 160x120, components 3\012- data
Hash 1d7cac59d49f6d5c2f4fc3c2085b396c
7641e59496a336d432b4659cebd6dfc8f1cd3332
581ed3a4ea1ce531b5698f9189fbb712ba192bee781610016bd677f3bed5ebda
GET /scr/ea/c7/ff/eac7ff302da9e08_4.jpg HTTP/1.1
Host: static.heavy-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Expires: Wed, 17 Jan 2024 12:17:23 GMT
Cache-Control: max-age=31536000
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "2914090144"
Last-Modified: Wed, 31 Oct 2012 17:01:54 GMT
Content-Length: 4446
Date: Tue, 17 Jan 2023 12:17:23 GMT
Server: lighttpd/1.4.28
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b25b30c1ea4cf5e5fe7b5b69daf94665
3dd2fc8fa56ef357b0dbd6d397d06a32f13403fe
56ead42c3386b95539e4326e2dbb2f8373558e5a70f656c7429c31d8145a6d90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "56EAD42C3386B95539E4326E2DBB2F8373558E5A70F656C7429C31D8145A6D90"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3942
Expires: Tue, 17 Jan 2023 13:23:05 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9893379e14b4b7b064b93853c3aee897
6c00f381f285ac42f4b068388d9aad2301f182b5
7aef71c10932155557b46178e201b0760854ce65c371851086f6c6eed5c898a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 14:44:43 GMT
Expires: Sat, 21 Jan 2023 14:44:42 GMT
Etag: "6c00f381f285ac42f4b068388d9aad2301f182b5"
Cache-Control: max-age=353838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af07061f0a0b3d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6ad47778e3c5a51c85bd2bf6d7f471c8
2486a54359b02cf11774b2cdea3050bd18144339
515ee341f208acf1246444a0525711113b7943714d9a73d47f4fe77126aab9eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 02:30:26 GMT
Expires: Tue, 24 Jan 2023 02:30:25 GMT
Etag: "2486a54359b02cf11774b2cdea3050bd18144339"
Cache-Control: max-age=568981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af07061daafab8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9893379e14b4b7b064b93853c3aee897
6c00f381f285ac42f4b068388d9aad2301f182b5
7aef71c10932155557b46178e201b0760854ce65c371851086f6c6eed5c898a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 14:44:43 GMT
Expires: Sat, 21 Jan 2023 14:44:42 GMT
Etag: "6c00f381f285ac42f4b068388d9aad2301f182b5"
Cache-Control: max-age=353838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af07061dadfab8-OSL
sycdn.pic-726-baidu.com/upload/vod/20201019-1/59cecf37fb53ee1be4a9c6d8c2c2e68d.jpg
104.22.29.157200 OK 67 kB URL HTTP/2 sycdn.pic-726-baidu.com/upload/vod/20201019-1/59cecf37fb53ee1be4a9c6d8c2c2e68d.jpg
IP 104.22.29.157:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa4ebcbb09e8e7aca26958bd23c5cfc3
5a880611c85007161f5ce84991e5fb2cf6fe6140
30880e67729fd790d7e30b9260548118342ddce397ecce3c5ab135a61017ed6c
GET /upload/vod/20201019-1/59cecf37fb53ee1be4a9c6d8c2c2e68d.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/webp
content-length: 66714
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=83458
content-disposition: inline; filename="59cecf37fb53ee1be4a9c6d8c2c2e68d.webp"
etag: "5f8ca6ef-14602"
expires: Sat, 11 Feb 2023 17:23:40 GMT
last-modified: Sun, 18 Oct 2020 20:34:55 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 413623
accept-ranges: bytes
server: cloudflare
cf-ray: 78af07077830b4ff-OSL
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/amateur/ankk015/ankk015jp.jpg
103.254.145.160200 OK 34 kB URL HTTP/2 pics.dmm.co.jp/digital/amateur/ankk015/ankk015jp.jpg
IP 103.254.145.160:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 7ccc7e748d883135e37e6765c0c4cd1f
4eb0cbe4d4630e0fc125327222eb422c66535b04
1f036b90676e0e39d052e646ea78dd21b9915add309d2a4d91e96575d3a3c589
GET /digital/amateur/ankk015/ankk015jp.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 34453
last-modified: Fri, 09 Sep 2022 08:13:54 GMT
etag: "631af5c2-8695"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoGPGkdJxvwaN0zimAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
248avporn.com/wp-content/uploads/2020/07/9.jpg
188.114.97.1200 OK 7.3 kB URL HTTP/2 248avporn.com/wp-content/uploads/2020/07/9.jpg
IP 188.114.97.1:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x240, components 3\012- data
Hash 460ee864548e82712f09eb7a03ff8943
51b565718b53cea2f30665fb1eaead72cb89dc36
b23157cb2eb333ee1984bcddb06744ffdfea4644ffec9cd57d355031e1034679
GET /wp-content/uploads/2020/07/9.jpg HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 7268
last-modified: Tue, 07 Jul 2020 11:41:28 GMT
etag: "5f045f68-1c64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
test: /wp-content/uploads/2020/07/9.jpg
x-fc-nginx-serving-static: Yes
x-fc-nginx-reason: /wp-content/uploads/2020/07/9.jpg
x-fc-nginx-file: /var/www/248avporn.com/htdocs/wp-content/cache/all//wp-content/uploads/2020/07/9.jpg/index.html
cf-cache-status: HIT
age: 3752113
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm6tVZh6NkuY6TuIioQLzVvfSXp0ttGoIz1RHTKq23eQ%2F5iTyBu1vMPWMJcUFcq%2BqxYQXFOZOQMyy8kYQV97CUN%2BFXK8RtNodJcalZkbusTSlev%2FCPxp1dPxZgFgORQ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070799fcb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cda005cfe3f94a73cf3fa985fc62ec1e
77ef009d6baf9388208f1c37f9c6718838388968
92556d9169d9df0f6348a54898aab2a83023203f7f6be001402ca3b6c1606400
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92556D9169D9DF0F6348A54898AAB2A83023203F7F6BE001402CA3B6C1606400"
Last-Modified: Sun, 15 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9514
Expires: Tue, 17 Jan 2023 14:55:57 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
hentaiprn.b-cdn.net/wp-content/uploads/2020/11/Hajimete-no-Orusuban-Episode-1.jpg
194.242.11.186200 OK 50 kB URL HTTP/2 hentaiprn.b-cdn.net/wp-content/uploads/2020/11/Hajimete-no-Orusuban-Episode-1.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 745x419, components 3\012- data
Hash e2e53cb5187fc4c5fc5c003e746bce21
9e41d1afec2ef9deba4b448cd940b344fdd56b12
1ff77bfce3e37057790a00c5045a2f4e2fdbbf4f627e89837caa768256199a19
GET /wp-content/uploads/2020/11/Hajimete-no-Orusuban-Episode-1.jpg HTTP/1.1
Host: hentaiprn.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 50000
server: BunnyCDN-NO1-830
cdn-pullzone: 961623
cdn-uid: e010e020-dd00-441b-8c13-e1874b59f38e
cdn-requestcountrycode: NO
alt-svc: h3=":443", h3-29=":443"
cache-control: max-age=31536000
etag: "60533e5b-c350"
last-modified: Thu, 18 Mar 2021 11:49:47 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW8X%2FfUCYG91X5OuAh6hRtQry5MB3LcEaOCyRyBH21pT29E%2FEszKwZOVdohbwaN9DhmnEwdpfp8T01sEkxRV1z%2BnKfEXFIJEheVrg2iHwdiCGXENgsQNz1lkAZI4MaD4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 78a23d30ee9e0afe-OSL
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/15/2023 23:02:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 104fc3dc3722d5a79258d4ad54730f82
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9893379e14b4b7b064b93853c3aee897
6c00f381f285ac42f4b068388d9aad2301f182b5
7aef71c10932155557b46178e201b0760854ce65c371851086f6c6eed5c898a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 14:44:43 GMT
Expires: Sat, 21 Jan 2023 14:44:42 GMT
Etag: "6c00f381f285ac42f4b068388d9aad2301f182b5"
Cache-Control: max-age=353838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af070658c1fabc-OSL
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ab53b4b5765dde3967c5dcc2ce4ff278
8b68f0faa49644994806389a44e468aea39371a7
63f8a19ccc568c44f80949706eed78ea7d162d6a5b102d0826b9e10bdc0a65fd
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 09:21:07 GMT
Expires: Mon, 23 Jan 2023 09:21:06 GMT
Etag: "8b68f0faa49644994806389a44e468aea39371a7"
Cache-Control: max-age=601390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1638
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af0707b889b4fd-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d0f8115d660928f569f8b14f2c93e62
0b2ca060f41b74ca6c4766939274c8953834bfe8
0a4fbcdebb65e7eda2fc970665bf0f523314967e85fb18443f6d17b638dfcad5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A4FBCDEBB65E7EDA2FC970665BF0F523314967E85FB18443F6D17B638DFCAD5"
Last-Modified: Tue, 17 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6779
Expires: Tue, 17 Jan 2023 14:10:22 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.194.133:0
Hash 39b8d3e0e57b319a6f9fd87f1db67c9e
0f1afa51b7f4b16bf452c1e9601c7458eeb02c40
58e85c44c9a54c5ba52c40be01dff585882191709d23e27a10da04564dfd7395
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 21 Jan 2023 11:16:40 GMT
ETag: "0f1afa51b7f4b16bf452c1e9601c7458eeb02c40"
Last-Modified: Tue, 17 Jan 2023 11:16:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 12:17:23 GMT
Age: 40
X-Served-By: cache-qpg1268-QPG, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1673957843.177980,VS0,VE1
xnxx.com.se/thumbs/183135.jpg
188.114.96.1200 OK 9.0 kB URL HTTP/2 xnxx.com.se/thumbs/183135.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 8949f141cea020e8ab5733fd2a8c7f9c
57563d11b2bb95c348efe7ec8ef8d86f1e055113
796ca0112946f5e8bbd2fd8cc34df68d5b218f478af35d50aaa0fb67a3333544
GET /thumbs/183135.jpg HTTP/1.1
Host: xnxx.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 8968
cache-control: max-age=31536000, immutable
cf-cache-status: HIT
age: 743546
last-modified: Sun, 08 Jan 2023 21:44:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwuWXDMkt938VRW1JGbL0er3Q8zaPT4KPMVWH%2B%2FCpsUHCDRt0QtI3hFG4CbLesh4G%2B3R2WVOm3jh717V%2F5YKxvPSSW2v74JcGzaGFRWGMEeFmAYaaFfTMV9zQi0n8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0708097b1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ab53b4b5765dde3967c5dcc2ce4ff278
8b68f0faa49644994806389a44e468aea39371a7
63f8a19ccc568c44f80949706eed78ea7d162d6a5b102d0826b9e10bdc0a65fd
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 09:21:07 GMT
Expires: Mon, 23 Jan 2023 09:21:06 GMT
Etag: "8b68f0faa49644994806389a44e468aea39371a7"
Cache-Control: max-age=601390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1638
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af0707f908b4fd-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceec0a0ed873dbd172d79278f1e3147
296f6b54df31be90e91571e308f7b31737e289d4
60b5d3133501397c7377d307b4118ea81c36a77c8c6334bf7f597d7f72a14598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "60B5D3133501397C7377D307B4118EA81C36A77C8C6334BF7F597D7F72A14598"
Last-Modified: Tue, 17 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 17 Jan 2023 14:47:12 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
45.89.209.74200 OK 13 kB URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bd1934626b1e75409b0d8e3b1fc7e89a
e8a4214456ffa07acbcbc19018b1117dee08d152
eec49b4245859db2b70eba890eb95d08893dd9ab6cc049c3495cb56a9f1b5add
GET /upload/vod/2022/10/rop1syn5zpl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 20:15:57 GMT
Content-Type: image/jpeg
Content-Length: 13432
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 10:02:18 GMT
ETag: "634690aa-3478"
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 8ae89472ccf61aecec8413b68e28955b
98ca05eb309dc61a5ee3571e0e08213c3e8ecbf7
e48fbf26138a81b04403ca7dee0f1bd5249de9d9d20779d6bd0f8ecafdcafefa
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=229
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
X-N: S
icdn05.4kpornvideos.tv/36757/1837828_1.jpg
45.133.44.2200 OK 11 kB URL HTTP/2 icdn05.4kpornvideos.tv/36757/1837828_1.jpg
IP 45.133.44.2:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 3cb25bda35da60123be1aec0dc292ed3
55f4a97abebc1ab39e16186ce4c4c17300ff93db
95f3b0486da8496c3570a9279e5f881bad2f2af4a4297c0d0ae3fcba3a734c45
GET /36757/1837828_1.jpg HTTP/1.1
Host: icdn05.4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 11019
server: nginx/1.22.0
x-object-meta-mtime: 1598706674
etag: 3cb25bda35da60123be1aec0dc292ed3
last-modified: Sun, 06 Nov 2022 12:22:33 GMT
x-timestamp: 1667737352.00229
x-trans-id: tx05e821fed2c94f6dad276-00637741fe
x-openstack-request-id: tx05e821fed2c94f6dad276-00637741fe
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Thu, 16 Feb 2023 12:17:23 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
media.crazyshit.com/content/2019/01/6c8b0184.jpg
45.133.44.3200 OK 321 kB URL HTTP/2 media.crazyshit.com/content/2019/01/6c8b0184.jpg
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 720x540, components 3\012- data
Size 321 kB (320942 bytes)
Hash 9f842d934b9bca7af2b3374999124fd8
e2c78dc536715b9823c71b95a759d42ab1506f1e
047350947c2558a3638a2424e42f46cb0716f5c306d7e86495a3a2de8c914d4d
GET /content/2019/01/6c8b0184.jpg HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:22 GMT
content-type: image/jpeg
content-length: 320942
server: nginx/1.16.1
last-modified: Mon, 05 Apr 2021 10:31:03 GMT
etag: 9f842d934b9bca7af2b3374999124fd8
x-timestamp: 1617618662.26619
x-object-meta-mtime: 1548833459.353372773
x-trans-id: txa34eb9c03cb74953a925c-00629ca10e
x-openstack-request-id: txa34eb9c03cb74953a925c-00629ca10e
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Thu, 19 Jan 2023 12:17:22 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.ukuapi.com/upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg
188.114.96.1200 OK 22 kB URL HTTP/2 img.ukuapi.com/upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 200x300, components 3\012- data
Hash 126bc6e793ede62d6c84b763a826808c
dc169345bd5580ae8bba8cf0f9d7292b5ab539fd
3036d39e17c7deadd15136fdd00b69c86a42e81816266b7aaf2cd2da4b1482e5
GET /upload/vod/20220711-1/4399356ace93e347e91e14522112c11d.jpg HTTP/1.1
Host: img.ukuapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 21949
cache-control: max-age=31536000
cf-bgj: h2pri
etag: "62cbe707-55bd"
expires: Fri, 27 Jan 2023 05:11:49 GMT
last-modified: Mon, 11 Jul 2022 09:01:59 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1753534
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lGNcTYZC4uFXAnY%2B4lyUXlygAEXjQGhZmT6Hhmxg22Q4FcLYigl7t%2BCYkZkBhKmjSeg2ynH3JQXPRMsA3204Mb%2FiDMUjZDelm9RacEmck8XU5cXH6QdIEVn7CqnVo%2BHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070878eb1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.effedupmovies.com/wp-content/uploads/2022/09/princess2014.jpg
188.114.96.1403 Forbidden 36 kB URL HTTP/2 www.effedupmovies.com/wp-content/uploads/2022/09/princess2014.jpg
IP 188.114.96.1:0
Hash c0831ecf57d861e16c0e001859e26549
b74a5e09a0f3a6e0781165ea3cb2baafe8ab42ea
bb0963cdab74c2066a6a2f1415eb0f7d6db94f67e5169fbf71e00d106a3cf6d0
GET /wp-content/uploads/2022/09/princess2014.jpg HTTP/1.1
Host: www.effedupmovies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:21 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T84DMa2ZvnRaxFpfcb0o%2Bw%2FBG9fUf6EJCOEHAQlRn3sopIAUEM6IOWtJ788VZPu6PoVCbpJ%2BDuCUQZGP1RyalQjbX029dWsnc84eHsnz8VgLn32dyPbm1fcbJnJfmLvp425LHwpqJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af06fcfe110b41-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
248avporn.com/wp-content/uploads/2019/03/6.jpg
188.114.97.1200 OK 13 kB URL HTTP/2 248avporn.com/wp-content/uploads/2019/03/6.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7143bdfc9f6a0f56efd192be1e17b5fc
5f59f1333bf494eda0626acdccc7f4a613c8cc18
30010cffb81f2b9879464056f59c747747f9e2dafa750972ad5151606b2f5c98
GET /wp-content/uploads/2019/03/6.jpg HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 12585
last-modified: Sun, 17 Mar 2019 09:27:29 GMT
etag: "5c8e1301-3129"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
test: /wp-content/uploads/2019/03/6.jpg
x-fc-nginx-serving-static: Yes
x-fc-nginx-reason: /wp-content/uploads/2019/03/6.jpg
x-fc-nginx-file: /var/www/248avporn.com/htdocs/wp-content/cache/all//wp-content/uploads/2019/03/6.jpg/index.html
cf-cache-status: HIT
age: 2950237
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se8hjuzO6OVN6L3QsKUb6DLq7r8d4kyUBMzhJ5a6Ijx3ZdDqSK%2FIDSMti4gV4EkUtl2pnzBcd3QZK5qlpvD0kjtloOGHl8ch%2FpujBMrk9NVohFdmGwo%2BrsXG8N8myo3q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07087b47b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.mycdn.me/videoPreview?id=778934094579&type=38&idx=13&tkn=C8pVGB42jLc6qASqTPdl4kvEcCE&fn=external_8
217.20.155.57200 OK 16 kB URL HTTP/2 i.mycdn.me/videoPreview?id=778934094579&type=38&idx=13&tkn=C8pVGB42jLc6qASqTPdl4kvEcCE&fn=external_8
IP 217.20.155.57:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 15400d27ee2497f99b90df0006c832b3
1a8d29abf493b83c95b0ab0f056ee67a69aebb38
dd27d02d1b09921484e3afe960034640abef6495d4badf6069bb0ed75f119a63
GET /videoPreview?id=778934094579&type=38&idx=13&tkn=C8pVGB42jLc6qASqTPdl4kvEcCE&fn=external_8 HTTP/1.1
Host: i.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/webp
content-length: 16054
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 12:17:23 GMT
expires: Sat, 14 Oct 2023 12:17:23 GMT
cache-control: private, max-age=100000000
etag: "686897696a7c876b7e"
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ec82dce5eb2047951e179698a64d55e7
455372337c9c016fef9ab734feccd58b839c2809
822bebf97490cddc2085621d62bd36d2c541a34d3cd2a3cd7d985ece93b595c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1601
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:23 GMT
Etag: "63c5e284-117"
Last-Modified: Tue, 17 Jan 2023 11:50:42 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71231fb141b2ceded00f1a6761ab8c68
98b4a547058fdaf3db22366c3aac62bbc55d07c4
fa2c640c32e68f7202da05d1c82c58af1bd5f8b3685946a1ef96e65e8861ecf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA2C640C32E68F7202DA05D1C82C58AF1BD5F8B3685946A1EF96E65E8861ECF4"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Tue, 17 Jan 2023 14:05:38 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 9b13dbbbb85a5a764dacbada3bebe1f3
54e34cf69141ee36bb565f12c5b9f68ceec730d9
7ae93318f1d6cc2a9c8ee97bf765d72f4470b3e23f76f808ee21b6947cb74691
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=668
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
X-N: S
cdn5-thumbs.motherlessmedia.com/thumbs/A9DD3CF.jpg
185.107.92.224200 OK 33 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/A9DD3CF.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 2000x2001, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash cc6e02a2f4de9d369065893ff3f16eef
f5d5dc678aa4622fc9c9542026a2a98e7da05b71
6c70616a6ac3218a7a16dcf08569fdd247a3c62cf813f5029c89af785bb7cddf
GET /thumbs/A9DD3CF.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 33206
last-modified: Fri, 05 Oct 2018 18:31:41 GMT
etag: "1c91da463-81b6-5777f7b97e23c"
expires: Wed, 17 May 2023 05:44:57 GMT
cache-control: max-age=10504937
x-cache: HIT
x-whom: srv6066
accept-ranges: bytes
www.w3schools.com/w3css/4/w3.css
192.229.133.221200 OK 5.3 kB URL HTTP/2 www.w3schools.com/w3css/4/w3.css
IP 192.229.133.221:0
File type Unicode text, UTF-8 (with BOM) text
Hash 6d0a451eb63184900df530b0cbd529fc
0cca25c0b9df83b80568cabb62ac9bc3015ca245
6ebb884282b536e5b69a644d96632d8978fa506e4be054fbaea1f180cd3eedd9
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 14377
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Tue, 17 Jan 2023 12:17:23 GMT
etag: "089db8db329d91:0+gzip"
last-modified: Mon, 16 Jan 2023 14:05:14 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
broimg.net/images/2234/92/992/_61a0fc0cef535.jpeg
172.67.192.192200 OK 44 kB URL HTTP/2 broimg.net/images/2234/92/992/_61a0fc0cef535.jpeg
IP 172.67.192.192:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 500x376, components 3\012- data
Hash 38fee649cc3fc63c0236c1e09a9b47ee
ca5f589774dc25f4a803d448a2d82510ea57f220
dd92c65f346702559840ef6fa2e8fbee2aafe81fb5895696a9e009e04cc122bc
GET /images/2234/92/992/_61a0fc0cef535.jpeg HTTP/1.1
Host: broimg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 44154
last-modified: Fri, 26 Nov 2021 15:23:56 GMT
etag: "61a0fc0c-ac7a"
expires: Sat, 21 Jan 2023 14:52:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2237085
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F42jPf27zc%2Bt5FZucxP8aBEPFP7BOVC56CIuNRKZc3Bt%2Bsz7nZoTS0Ewmkf%2FzWllCOEkh4UcrHT%2FquqapTlcQTdtCve2XhdygJYf0EmiJ6shmo7AOV%2BjzqJDj5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0708dae6b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.manyse.com/img/SSIS-539.jpg
94.130.33.133200 OK 136 kB URL HTTP/2 img.manyse.com/img/SSIS-539.jpg
IP 94.130.33.133:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 136 kB (135635 bytes)
Hash cf50795769987679a3ca8da61b8839c2
c3f8ab1e20d8b46c15bf7910f09ec531cfe6ba5d
02924c7d98b1b288a89060157e8c75d3ae92ced28565652dd1bb3134fece7891
GET /img/SSIS-539.jpg HTTP/1.1
Host: img.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 135635
last-modified: Sat, 14 Jan 2023 20:35:20 GMT
etag: "63c31208-211d3"
expires: Thu, 16 Feb 2023 12:17:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
subo228.com/20221217/XJMwB3ox/1.jpg
107.167.21.106200 OK 20 kB URL HTTP/1.1 subo228.com/20221217/XJMwB3ox/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 648264142f9430e16a764a1e077fcb4a
73446d724257bb8dc4f812e1388b24902253d3ff
336c95ca8d5606fa5eb82fac211eed7ee17c8712e724c604654f82cee6753dd6
GET /20221217/XJMwB3ox/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: image/jpeg
Content-Length: 19878
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-4da6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
cdn5-thumbs.motherlessmedia.com/thumbs/0B8FA1D.jpg
185.107.92.224200 OK 36 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/0B8FA1D.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x480, components 3\012- data
Hash 57b3f1561baedc2962f1421edf352b16
dd4ff1098ca5b5bea0d495dec9b71966fcc14894
75fcf77612c30e4f4b1800ad632bee60dae0277fc3ef54295c1a2989d892c3fa
GET /thumbs/0B8FA1D.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 35819
last-modified: Thu, 28 Jan 2021 02:46:28 GMT
etag: "1c95f85e2-8beb-5b9ece4ff8a30"
expires: Sat, 20 May 2023 22:39:03 GMT
cache-control: max-age=10751455
x-cache: HIT
x-whom: srv6142
accept-ranges: bytes
pornolomka2.com/uploads/posts/2022-08/medium/1660147587_00-09-05.jpg
91.194.110.16200 OK 86 kB URL HTTP/2 pornolomka2.com/uploads/posts/2022-08/medium/1660147587_00-09-05.jpg
IP 91.194.110.16:0
ASN #213166 UA-Hosting SIA
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x253, components 3\012- data
Hash 8a53c9adaf7cf44c56a4e3947457213c
c4ac39f341d2320c72f43a8e500c48c838d4cfad
be9cc783d34e3332e75e033a9a2fca04af81e30665db82f8d5ce28a6e9b0fbb9
GET /uploads/posts/2022-08/medium/1660147587_00-09-05.jpg HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3
date: Tue, 17 Jan 2023 12:16:15 GMT
content-type: image/jpeg
content-length: 85892
last-modified: Wed, 10 Aug 2022 16:04:59 GMT
etag: "62f3d72b-14f84"
expires: Tue, 24 Jan 2023 12:16:15 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn5-thumbs.motherlessmedia.com/thumbs/1E148B2.jpg
185.107.92.224200 OK 19 kB URL HTTP/1.1 cdn5-thumbs.motherlessmedia.com/thumbs/1E148B2.jpg
IP 185.107.92.224:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 2000x2001, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 092d780e7221fb98e620daadba77d37c
df937c06f0a95a3fec7741a4e65a00c01f39a7e1
1e0e77ac076dfe3305ec1b7e9407ce6ffef8d00de33564cc097dbae9f4de76bc
GET /thumbs/1E148B2.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 18882
last-modified: Tue, 02 Oct 2018 15:27:44 GMT
etag: "1c5a81d1f-49c2-577409038461e"
expires: Tue, 16 May 2023 03:56:33 GMT
cache-control: max-age=10415784
x-cache: HIT
x-whom: srv6087
accept-ranges: bytes
lbfm.lbpictupian.com/upload/vod/2022/08-01/12/u2ytg1mmms41240u2ytg1mmms40111881.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/08-01/12/u2ytg1mmms41240u2ytg1mmms40111881.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08e8c1aaaaed65ab5e8f05518c0014b3
51dc4a481152cdfb0d508b3176cf8747bc922091
49d0bc70f49fe8b29ecbb1af8f36954442c287d2ce35cfb8ecfcb7ff95950edf
GET /upload/vod/2022/08-01/12/u2ytg1mmms41240u2ytg1mmms40111881.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/webp
content-length: 7182
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8577
content-disposition: inline; filename="u2ytg1mmms41240u2ytg1mmms40111881.webp"
etag: "62e75921-2181"
last-modified: Mon, 01 Aug 2022 04:40:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1886
accept-ranges: bytes
server: cloudflare
cf-ray: 78af0709682db523-OSL
X-Firefox-Spdy: h2
18av.moe/wp-content/uploads/2022/12/3.jpg
104.21.235.154200 OK 18 kB URL HTTP/2 18av.moe/wp-content/uploads/2022/12/3.jpg
IP 104.21.235.154:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 960x540, components 3\012- data
Hash 7b98acffd00c870d689018d146bbbe17
6b21f8db43dc954deaaebd9dca96b0209ff45dd3
6913388be311ee5cc277336b2986b680a1101cd587ca438d6d246f830a09f8ff
GET /wp-content/uploads/2022/12/3.jpg HTTP/1.1
Host: 18av.moe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 18046
cf-ray: 78af07097b898889-LHR
accept-ranges: bytes
age: 2138
cache-control: public, max-age=14400
last-modified: Tue, 06 Dec 2022 07:21:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZ5x09D9xq2ECfvxaomudVKS3gnpqV0AiZvXTZJi1mLiHI%2FU7LHHzcdXz1D9L69opx02GgNnzu7tTUxGj8XSD5DAJOGYrNCIXosGs8TluYjZAbKCDCXUf6MF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subo228.com/20221128/5vfnCItQ/1.jpg
107.167.21.106200 OK 39 kB URL HTTP/1.1 subo228.com/20221128/5vfnCItQ/1.jpg
IP 107.167.21.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash e42c140ec960c57071c00af06bbd4648
446c17b1187848ae995dbb4b82c58342cc5abe7a
42ed0c2dd5b74276783c824605494e144252e2a70a0fe61f1e23d6674f36fc9d
GET /20221128/5vfnCItQ/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: image/jpeg
Content-Length: 39421
Last-Modified: Thu, 12 Jan 2023 14:27:59 GMT
Connection: keep-alive
ETag: "63c018ef-99fd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceec0a0ed873dbd172d79278f1e3147
296f6b54df31be90e91571e308f7b31737e289d4
60b5d3133501397c7377d307b4118ea81c36a77c8c6334bf7f597d7f72a14598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "60B5D3133501397C7377D307B4118EA81C36A77C8C6334BF7F597D7F72A14598"
Last-Modified: Tue, 17 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 17 Jan 2023 14:47:12 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53cc572d8471bece5f7aac979326aced
0560c0c0478c1260c45695a9b6282dfa101b8bdd
3e672aacc197748cb99ccca475086a77b88f2584a4f3376d3062839fc8b5d231
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E672AACC197748CB99CCCA475086A77B88F2584A4F3376D3062839FC8B5D231"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4666
Expires: Tue, 17 Jan 2023 13:35:09 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
172.247.77.90200 OK 8.3 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1398ecfa82fd9e61cf23d5b188ddf6f9
cea6edcf5e5afd770231e955cbec58cb9962e5ba
1c5f11dc1c7aba7008a1896d807bb27b2ef6995e825772ac6472a970d219bb03
GET /upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:18:32 GMT
Content-Type: image/jpeg
Content-Length: 8279
Last-Modified: Wed, 16 Nov 2022 05:01:28 GMT
Connection: keep-alive
ETag: "63746ea8-2057"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.66se15.com/favicon.ico
104.21.88.19200 OK 1.7 kB URL HTTP/2 www.66se15.com/favicon.ico
IP 104.21.88.19:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 5407aa9e372be0ec9b52b9b1b0f9292b
ef88adc4ba210c9d33ea68b65755029f512afa4f
a305bafe5c00973c6089010c7e884a4cb1c358109f6764fee7d54209c5034a62
GET /favicon.ico HTTP/1.1
Host: www.66se15.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/x-icon
last-modified: Wed, 08 Sep 2021 04:24:56 GMT
etag: W/"61383b18-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vArZB%2BsXCLbCDOutUEcQfEnfg16g0QmlV%2BwqcrMCzd0X71oVPKlwzXzNn73xRobJwVcrV%2BO7v20wMf65pnjDlstsbgIZZTGBjebpM1uROPaMV6YtfVDzgqcfKfcIRYtQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0709ed7cb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn6.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MnxS5GacIAH5KFGIMZyHmGacWAR1HDKuBER1-GyEwrR56Dz1BETf0G0qMY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQRkYmDjZv8_ZQViZGV-ZUt3ZwNhZGNhnaOaXFfbXSOipz5YnJ5aYzM1ovysZGV-ZUt3ZwNgZGNhnaOa/(PornKing.fun)_tiny-teen-asian-fully-fucked-by-japan.jpg
104.167.223.228200 OK 11 kB URL HTTP/2 cdn6.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MnxS5GacIAH5KFGIMZyHmGacWAR1HDKuBER1-GyEwrR56Dz1BETf0G0qMY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQRkYmDjZv8_ZQViZGV-ZUt3ZwNhZGNhnaOaXFfbXSOipz5YnJ5aYzM1ovysZGV-ZUt3ZwNgZGNhnaOa/(PornKing.fun)_tiny-teen-asian-fully-fucked-by-japan.jpg
IP 104.167.223.228:0
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 5241e9c568320f487d122ec0b6770d8b
50902ef0a355b0fe98ee96465a8d213fe8762c5d
042cf285b57a1d3c3ae8d5a3867b66215424d498eb01c911818f38d147a9dcf1
GET /picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MnxS5GacIAH5KFGIMZyHmGacWAR1HDKuBER1-GyEwrR56Dz1BETf0G0qMY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQRkYmDjZv8_ZQViZGV-ZUt3ZwNhZGNhnaOaXFfbXSOipz5YnJ5aYzM1ovysZGV-ZUt3ZwNgZGNhnaOa/(PornKing.fun)_tiny-teen-asian-fully-fucked-by-japan.jpg HTTP/1.1
Host: cdn6.pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 11038
accept-ranges: bytes
last-modified: Tue, 17 Jan 2023 12:17:23 GMT
cache-control: max-age=8640000
expires: Thu, 27 Apr 2023 12:17:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba8b8452a17c77bf4c5669aeadc4e5bc
11ab3d234767176b4218d0579c9f282ac85e568e
a86edb167c5a21403f36fcb051a4a0a64cd4cfd72a4bd42fd0e815b080652c77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4514
Cache-Control: max-age=120501
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:23 GMT
Etag: "63c5b3e6-1d7"
Expires: Wed, 18 Jan 2023 21:45:44 GMT
Last-Modified: Mon, 16 Jan 2023 20:30:30 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471
www.qinav.com/favicon.ico
172.67.206.141404 Not Found 7.2 kB URL HTTP/2 www.qinav.com/favicon.ico
IP 172.67.206.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (326), with CRLF, LF line terminators
Hash 8ed49d07b9d64ed1b0fcd7c93d271eb5
f8b6f5f0e6453c0c0484149cb6ea34d43fdf9eb7
4e6b2bc43053284a241c42eee3ef67334d26ca0b3f440b7dd6c99c66a998aa27
GET /favicon.ico HTTP/1.1
Host: www.qinav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.4.16
cache-control: max-age=14400
cf-cache-status: HIT
age: 103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFYGyaJA99yC4VduDozWsVkrviJ0xck24scB5zaHwn3Hyitk0Zjo%2F9uKDhe2NnVsJ6k%2BhQBiFfnkc%2BcksIKklIp5cN4Yvc%2Bvsf3%2F9XHj1cf36kEtXoSlUC8YZVG%2BeeCq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070a1e43b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53cc572d8471bece5f7aac979326aced
0560c0c0478c1260c45695a9b6282dfa101b8bdd
3e672aacc197748cb99ccca475086a77b88f2584a4f3376d3062839fc8b5d231
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E672AACC197748CB99CCCA475086A77B88F2584A4F3376D3062839FC8B5D231"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4666
Expires: Tue, 17 Jan 2023 13:35:09 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
douga100ka.net/sam/3928.jpg
150.95.59.29200 OK 18 kB URL HTTP/2 douga100ka.net/sam/3928.jpg
IP 150.95.59.29:0
ASN #7506 GMO Internet,Inc
File type JPEG image data, JFIF standard 1.00, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x240, components 3\012- data
Hash a1b2893721765f01d762df80ab7f95e3
e8f710264f82a1af8b5cf4fd5f8e8858bc43ecc2
a1fe564db9062f61c1978a63c6bea371c2ebd95c2a98071498ccb6e2191a9d45
GET /sam/3928.jpg HTTP/1.1
Host: douga100ka.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 24 Jan 2023 12:17:23 GMT
content-type: image/jpeg
last-modified: Thu, 25 Jul 2019 15:00:00 GMT
accept-ranges: bytes
content-length: 18135
date: Tue, 17 Jan 2023 12:17:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ak21727.com/20220126/063N1qQG/1.jpg
64.32.7.75200 OK 12 kB URL HTTP/1.1 ak21727.com/20220126/063N1qQG/1.jpg
IP 64.32.7.75:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density -2874x-2941, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x569, components 3\012- data
Hash f1c81d8070e919175e3a64b96f605ab5
72680f2831974de1ec292b4a499309da8364e2ea
3b9eb7821d5f20849b863cfebd75abdeeead7a66d0fe1a30b6546b6c38b47015
GET /20220126/063N1qQG/1.jpg HTTP/1.1
Host: ak21727.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: application/octet-stream
Content-Length: 12278
Connection: keep-alive
Last-Modified: Thu, 24 Mar 2022 21:04:03 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "623cdcc3-2ff6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Accept-Ranges: bytes
twitter.com/favicon.ico
104.244.42.1200 OK 1.2 kB IP 104.244.42.1:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902
GET /favicon.ico HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 UTC
perf: 7626143928
server: tsa_o
set-cookie: guest_id=v1%3A167395784363472416; Max-Age=34214400; Expires=Sat, 17 Feb 2024 12:17:23 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: 5accf05cdae78c0e
strict-transport-security: max-age=631138519
x-response-time: 102
x-connection-hash: 5cf895f953feafb53d9a5cd98a6e9994e2bab02342ae710dfce1117990adb4c5
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/mum00248/mum00248jp-3.jpg
103.254.145.160200 OK 69 kB URL HTTP/2 pics.dmm.co.jp/digital/video/mum00248/mum00248jp-3.jpg
IP 103.254.145.160:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 533x800, components 3\012- data
Hash 7fb627b4acb853f339e646f31e707ac1
6f7092dffec79ea4de0fcb54dcbe342eba0c8f19
14e872551fe837098a2adc731c2141b40c7f235d1e0ba4e53240c02c3e4005e4
GET /digital/video/mum00248/mum00248jp-3.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/jpeg
content-length: 68828
last-modified: Fri, 29 Jul 2016 06:37:36 GMT
etag: "579af9b0-10cdc"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoGPGkdNxvwaN0zlQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
www.appav.site/favicon.ico
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 www.appav.site/favicon.ico
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:17:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:17:23 GMT
Location: https://www.appav.site/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMlllnvAVKEtJGxY7TXMd8B0vUXUM8dAm%2F0hSihyJ%2FOG0tOcCRIhcqVzlY3M3HC083AZ4qvbYuy7M8zKBaeVkKgtG2I63crMH%2FIdUJbNRZ7yi8FlU3fwT666%2Bpoma6Gq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af070bbaebfac0-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 077bd2a9a6a8eb00f80f2f41e4f7436c
c41d6fff03c83a28dcf402179296767cd7f0af7a
e11c2b51288c8f34284e9482491ef25e0b6d8ed46419cc71f599ac6755a21c3f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E11C2B51288C8F34284E9482491EF25E0B6D8ED46419CC71F599AC6755A21C3F"
Last-Modified: Sun, 15 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4813
Expires: Tue, 17 Jan 2023 13:37:36 GMT
Date: Tue, 17 Jan 2023 12:17:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 420 B IP 93.184.220.29:0
Hash aca31336fce8b56845f43b407ce54229
cad0d390036720f80f37d0298f70f9185c352ff1
036a9d385effc0b99ae5e93ba827ff5533fb87492b0db24a9876317e2247f776
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1647
Cache-Control: max-age=106160
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:23 GMT
Etag: "63c58714-117"
Expires: Wed, 18 Jan 2023 17:46:43 GMT
Last-Modified: Mon, 16 Jan 2023 17:19:16 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 279
sopornmovies.com/favicon.ico
62.138.6.129404 Not Found 344 B URL HTTP/1.1 sopornmovies.com/favicon.ico
IP 62.138.6.129:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 075421d8457fb9ed46d0deab96525601
ac16a39a4097924d506a202c97a6845144f4449c
7ffb6a18a1adaf1a9f46eee0d428968ff7efd36d18fbd9c9723ff51585832991
GET /favicon.ico HTTP/1.1
Host: sopornmovies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Tue, 17 Jan 2023 12:17:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 344
Connection: keep-alive
okashik.atype.jp/images/112-cpsky-046/1.jpg
39.110.226.221200 OK 82 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-046/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash d5c6d514ee8918d73014e83f55327250
36c754342181f2e9726959ec7f4cd5bbb19dcd6a
10902a25bdcd8facfbd7914f313c0d6bbeb737ecd2fb82456d8983808dcef01d
GET /images/112-cpsky-046/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:22 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:00:17 GMT
ETag: "ea2b56-14165-5c43a08bcfc6d"
Accept-Ranges: bytes
Content-Length: 82277
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/112-cpsky-268/1.jpg
39.110.226.221200 OK 78 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-268/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash 19f7a10d28f04778fc6fcfddd1cdd466
c49aa361931a9914cff59eb8c2ac30ee19f52af9
e474d898ffa3e4f90c5a19aae8a13b47fc507e74e3c49dfcafd5efe1eaa10c57
GET /images/112-cpsky-268/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:02:14 GMT
ETag: "ec0b7c-13173-5c43a0fb541dd"
Accept-Ranges: bytes
Content-Length: 78195
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb89b31348ed46d9bc65f85a998cbcc7
c63af9230352b8a8a1b59ae3aeac67085c79c943
040c8dd80f38e343d331ce7edbd717cdbffa227e75f93e78e37da67739420258
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "040C8DD80F38E343D331CE7EDBD717CDBFFA227E75F93E78E37DA67739420258"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13352
Expires: Tue, 17 Jan 2023 15:59:56 GMT
Date: Tue, 17 Jan 2023 12:17:24 GMT
Connection: keep-alive
av.dmm.monster/favicon.ico
188.114.96.1200 OK 4.6 kB URL HTTP/2 av.dmm.monster/favicon.ico
IP 188.114.96.1:0
Hash 570f5603c21ba299a21c6f27781ecf11
3c155f8f1e0fd583b64510f2ea0499e5e6f76a55
f6d78fcdd61748bc78244250d229a0af8d3270a8809d8b8360d8cd966315e39b
GET /favicon.ico HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/favicon.ico
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
line2430: notjp-/favicon.ico-myhost-av.dmm.monster-filteron-
cache-control: public, max-age=14400
access-control-allow-origin: *
x-proxy-cache-5950: EXPIRED
xkey-5950: av.dmm.monster/favicon.ico--av.dmm.monster-av.dmm.monster-cacpdo0---yes
x-proxy-cache-gjp: HIT
xkey-g-jp: av.dmm.monster/favicon.ico--av.dmm.monster--my_zone
cf-cache-status: HIT
age: 644
last-modified: Tue, 17 Jan 2023 12:06:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLhamj3w0%2FtNwH4SN37jFaqWorTg%2FC%2FBoUkTbOxiIPwNsRyfI9xGXwgESPP6z2RvgGhmwA00ZqCoCd8yUIzPIEuiE1cYP5nxjLZIYeOnG7Z2KAYs8np%2BGq7q0zddqjWImw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af070c0959b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb89b31348ed46d9bc65f85a998cbcc7
c63af9230352b8a8a1b59ae3aeac67085c79c943
040c8dd80f38e343d331ce7edbd717cdbffa227e75f93e78e37da67739420258
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "040C8DD80F38E343D331CE7EDBD717CDBFFA227E75F93E78E37DA67739420258"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13352
Expires: Tue, 17 Jan 2023 15:59:56 GMT
Date: Tue, 17 Jan 2023 12:17:24 GMT
Connection: keep-alive
okashik.atype.jp/images/101-sbkd-0099/1.jpg
39.110.226.221200 OK 106 kB URL HTTP/1.1 okashik.atype.jp/images/101-sbkd-0099/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 106 kB (105630 bytes)
Hash 5036a0348e056fe9c88ef3805ecf973b
2a9fd5e059f10ba2743106e048b928e403144a24
e01a74bf119f5fc667b787679077d34b8313a36466406f13ee4acb556ebc392d
GET /images/101-sbkd-0099/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:22 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:29:32 GMT
ETag: "e011c1-19c9e-5c4399ac271ee"
Accept-Ranges: bytes
Content-Length: 105630
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
fanat.men/favicon.ico
185.162.11.18200 OK 613 B IP 185.162.11.18:0
ASN #207728 EUROHOSTER Ltd.
File type PNG image data, 28 x 28, 8-bit colormap, non-interlaced\012- data
Hash b3f6f54b56f089f47cd4c0833192a0ca
c33d27c17d574c1d48d6109b9cdab8b264d858f9
05d88fba4d8c1d3663f9a2cdff093507669e44604a66867c2bfd413c57ae2f03
GET /favicon.ico HTTP/1.1
Host: fanat.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 613
Connection: keep-alive
Last-Modified: Sat, 26 Mar 2022 01:16:58 GMT
ETag: "265-5db14d5f4d3ab"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 31 Jan 2023 12:17:24 GMT
okashik.atype.jp/favicon.ico
39.110.226.221200 OK 27 kB URL HTTP/1.1 okashik.atype.jp/favicon.ico
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type MS Windows icon resource - 1 icon, -106x-106, 8 bits/pixel\012- data
Hash c96307b54559ba5b66bf64349fffaeed
ed0cf0bb16c7920bd8d9d07ca64cdeb5bac869b0
00690fc9a758e373f131eb5748f95d55238b0b60dca77bbfdb9c04949db74f88
GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:22:28 GMT
ETag: "dc0718-6906-5c439817e2b05"
Accept-Ranges: bytes
Content-Length: 26886
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
xn---jfgsoucom-xo3rt4olv7g07mz39a.jifangg-com.com/favicon.ico
104.21.10.153403 Forbidden 2.5 kB URL HTTP/2 xn---jfgsoucom-xo3rt4olv7g07mz39a.jifangg-com.com/favicon.ico
IP 104.21.10.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash e373653307dc816b8d27fdf241472b99
758fca6d6e3a41d7cc29c48e6e2b0f22f08b7cca
ea18c47d3c499ce2239986336af00df8c41f107cab22edd942359f6df100b67e
GET /favicon.ico HTTP/1.1
Host: xn---jfgsoucom-xo3rt4olv7g07mz39a.jifangg-com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8EQEbieZgoJHyRELwJRURc%2Bh5fZFy8u3AZKSt82LspOmPHLLDdYVmZqF0d6ApbrDXWrbb0k2UOauijIJbP%2BMmhKgiJb0EfdAqpx%2FGR2IqJSd0NWuNeQCBhI3ImCh69%2B4RThtkIVFsR5IF3kC36dQ4Ec4PK9uQWI0%2BIN3SyNWpAM0nXt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af070dca33b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16c252a18fcf01b80468265dfb033d62
a74f5cf7c198a6128abde2c0aabbd40e7e697d52
99af9c2994f706bf6bb51c319d04dbc1e93c0f08311aeb6c569b940e4ddbac7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4006
Cache-Control: max-age=96639
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:24 GMT
Etag: "63c558ad-117"
Expires: Wed, 18 Jan 2023 15:08:03 GMT
Last-Modified: Mon, 16 Jan 2023 14:01:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
www.latinporn.tv/favicon.ico
87.98.225.181404 Not Found 46 kB URL HTTP/2 www.latinporn.tv/favicon.ico
IP 87.98.225.181:0
Hash e3e0f8a933d97588ac2f43c4dbe737c1
e2aeb82275947e77df6f1ec656b59e15b25ec5cb
39e468e2a503cfad74ffd8bdaf53e515d4f2330b652e6daedcb8913f69a9624b
GET /favicon.ico HTTP/1.1
Host: www.latinporn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.16.1
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset: utf-8;charset=UTF-8
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=ni0o254qbcd98dhiuglpouvqu5; path=/
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 73c2ed1e08967aa5dbb1722c4606b747
a33da73fb4e79ca662e49b7279297930e34b0a74
857b80b1a5d108df2ce004c5108de64e0602473a8bdc925021ebeae6bc211bca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1648
Cache-Control: max-age=106160
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:24 GMT
Etag: "63c58714-117"
Expires: Wed, 18 Jan 2023 17:46:44 GMT
Last-Modified: Mon, 16 Jan 2023 17:19:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
russkie.tv/favicon.ico
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: russkie.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:17:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:17:24 GMT
Location: https://russkie.tv/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B6893unGsyg8Oxs8nAOGFwEiJwnNRETLju67suX1cbdlxZ6uk%2B6bA%2F43r0df64pDADcRFlwU%2BC0dYTcU7lIymiNvg8y7PRF1fCkKPxCLtcaMdLntlHHYnfUjQxg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af070f9b7a0af6-OSL
alt-svc: h2=":443"; ma=60
avztc.xyz/favicon.ico
91.195.240.12403 Forbidden 500 B IP 91.195.240.12:0
Hash ea7765b87d6e66afd968a06b63437914
d1a23ab7c65307cd63e6781c4b227ddf05091a2f
93920e7776a9814d0d12b84f48497e34b1bdb811b24a11be7524b4350d52c49c
GET /favicon.ico HTTP/1.1
Host: avztc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Tue, 17 Jan 2023 12:17:23 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
file.freshidolppv.com/free/ppv/blu_ray/imbd_418/thum_b.jpg
115.166.150.29200 OK 268 kB URL HTTP/1.1 file.freshidolppv.com/free/ppv/blu_ray/imbd_418/thum_b.jpg
IP 115.166.150.29:0
ASN #10010 TOKAI Communications Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=880, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1583], baseline, precision 8, 592x444, components 3\012- data
Size 268 kB (267886 bytes)
Hash 9c2dc1f61e176729bfed706d466f0891
75fc150a9382f4338c0014defeb0f83b4c898d63
c4336135336f8f82919ca5a3db7211c51c1e1b8020f7967974f5380ab7fbbb07
GET /free/ppv/blu_ray/imbd_418/thum_b.jpg HTTP/1.1
Host: file.freshidolppv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:11:39 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.1.1k PHP/7.4.23
Last-Modified: Fri, 02 Dec 2016 06:00:51 GMT
ETag: "4166e-542a6a9016ac0"
Accept-Ranges: bytes
Content-Length: 267886
Keep-Alive: timeout=1, max=1000
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/110-mlkp-002/1.jpg
39.110.226.221200 OK 125 kB URL HTTP/1.1 okashik.atype.jp/images/110-mlkp-002/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 125 kB (124590 bytes)
Hash 14adcd677107eab3505aab595545cdb2
00a5585a357a284a367d2787eea7c14376bb1d07
66affb20571f71b09e479df10e5ef0e2325729f589953163763871585e451ea3
GET /images/110-mlkp-002/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:23 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:54:46 GMT
ETag: "ea0b9c-1e6ae-5c439f501694d"
Accept-Ranges: bytes
Content-Length: 124590
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
248avporn.com/favicon.ico
188.114.97.1302 Found 138 B URL HTTP/1.1 248avporn.com/favicon.ico
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://248avporn.com/favicon.ico
X-Powered-By: EasyEngine 3.7.5
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTOy%2BYaNBQvyP32nYRzEEFw6P9KIBsZDMUSWDbruH%2FMjFIHJxPZHDh3G9icOJGF4ww1H9r%2FvFFNYB9tQk8JaDXb2crw9gZuEvxRxhf%2FJZyrOYLh06uEZr5t7pg5BvU0e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af070dcadab524-OSL
alt-svc: h2=":443"; ma=60
file.freshidolppv.com/free/ppv/blu_ray/imbd_317/thum_b.jpg
115.166.150.29200 OK 281 kB URL HTTP/1.1 file.freshidolppv.com/free/ppv/blu_ray/imbd_317/thum_b.jpg
IP 115.166.150.29:0
ASN #10010 TOKAI Communications Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=874, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1595], baseline, precision 8, 592x444, components 3\012- data
Size 281 kB (280725 bytes)
Hash af53114fa72afa1a4af8d7bc7a27aef4
a5f1a05d21de87b66f287b0e1a1e283d994d7ae2
6abb980f072873a92c552f88b2649fb3dfd5134346e1aaec731ce0a0f460ba74
GET /free/ppv/blu_ray/imbd_317/thum_b.jpg HTTP/1.1
Host: file.freshidolppv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:11:39 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.1.1k PHP/7.4.23
Last-Modified: Thu, 12 Jan 2017 06:31:58 GMT
ETag: "44895-545dfdfc7f380"
Accept-Ranges: bytes
Content-Length: 280725
Keep-Alive: timeout=1, max=1000
Connection: Keep-Alive
Content-Type: image/jpeg
www.appav.site/favicon.ico
188.114.96.1200 OK 3.4 kB URL HTTP/2 www.appav.site/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 08e145187e8d83b6cffd026897d8c8ba
528cee81910208e997ad22befd3baa536baaa7be
f7e506c7d3f564e47b3b8cec61b1abef094fd1fa3a47358abd497ff1fa019135
GET /favicon.ico HTTP/1.1
Host: www.appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9B7V1Eanh7EifuWTrQAjYRj4nmIt9xrkngkZMEwvbHJGJG9pK7UpzRWCebVq%2BzdVOrACmsgm6wHEzcq9FvaWHWhKtxjt%2FNma8UpSo3vSg0ALnVPg8ZApULqRw%2FVsx%2B04w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070e8f3f0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornolomka.com/favicon.ico
104.21.233.196301 Moved Permanently 185 B URL HTTP/1.1 pornolomka.com/favicon.ico
IP 104.21.233.196:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 55ddfe7044cf0f3a257edb0ddeb20fb5
8998d4bf7cf3fcda93986d8451ac35410a840cd8
3e11dd6b24715dd0503dcf35302d987848f748ec38c686b8a11e575a12b6b254
GET /favicon.ico HTTP/1.1
Host: pornolomka.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://pornolomka2.com/favicon.ico
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 795
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tpy1skySGiXOgBdzlcFaxik1xE%2FJICtbYyrvUm4aOPTK%2BfsRMQIqoFNudzdb1LAInfVGdozIa79AREc%2FMmn%2B5%2BEhS5rsz%2Fm22xCI2fuUfNnJm%2B3g1dPrH63t0NRnBsDtyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af071068c9769b-LHR
r3.o.lencr.org/
95.101.11.115200 OK 2.3 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 93a6ce3ccf8e69548a19b362f6c3b370
0ad9265bcbcb03f71841b5ae3d2532e17945997c
e0d3548627979614fdcee91caca5de5689585f324074ba36da5072719467b972
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5ECBA537A119CE99F44BC3566918CA6963A693E7D267C8E7AD055842BD86FBA"
Last-Modified: Sun, 15 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9868
Expires: Tue, 17 Jan 2023 15:01:52 GMT
Date: Tue, 17 Jan 2023 12:17:24 GMT
Connection: keep-alive
file.freshidolppv.com/free/ppv/blu_ray/impm_003/thum_b.jpg
115.166.150.29200 OK 288 kB URL HTTP/1.1 file.freshidolppv.com/free/ppv/blu_ray/impm_003/thum_b.jpg
IP 115.166.150.29:0
ASN #10010 TOKAI Communications Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=820, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1500], baseline, precision 8, 592x444, components 3\012- data
Size 288 kB (288489 bytes)
Hash ab7eabb452db812bbf9e9004afab25dc
878093a87f67204ced24fcce8cc67177cb8e08f7
6cef14bafbe8a961b3b51c3c80c66fdfad25a5bb2a7a82afdfb4d5c67ebe9090
GET /free/ppv/blu_ray/impm_003/thum_b.jpg HTTP/1.1
Host: file.freshidolppv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:11:39 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.1.1k PHP/7.4.23
Last-Modified: Fri, 14 Oct 2016 12:30:21 GMT
ETag: "466e9-53ed263bdf140"
Accept-Ranges: bytes
Content-Length: 288489
Keep-Alive: timeout=1, max=1000
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a85a1fae2c084137284f4a983ca55a67
a52a66712cb7f17b732ca74db253ce62cab64eff
055dce813a5849fe2583f5495faf7712fac63e7b5a8c4e52c9b230d71692854f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 22:54:15 GMT
Expires: Sat, 21 Jan 2023 22:54:14 GMT
Etag: "a52a66712cb7f17b732ca74db253ce62cab64eff"
Cache-Control: max-age=383209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78af0710aec0fab8-OSL
pornolomka2.com/favicon.ico
91.194.110.16404 Not Found 169 B URL HTTP/2 pornolomka2.com/favicon.ico
IP 91.194.110.16:0
ASN #213166 UA-Hosting SIA
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 75498ccdf6d1ca96d29735566023829a
2951272e362fdf3d79488531406a383f96cf6332
dd2943d2f8c69925d2c6248e82f232d5c75efca81b0b16d580773e2d890133b6
GET /favicon.ico HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.10.3
date: Tue, 17 Jan 2023 12:16:17 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3aceeb8d3ffebcd2a5b3ddd6496ed4b9
d5381071c364bb7f5a3fc4f51e2fdfd87df93b86
5eb3b9de5141af0eded9a56e4526b5475bf93871aac537a09024d6f52b24c66b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EB3B9DE5141AF0EDED9A56E4526B5475BF93871AAC537A09024D6F52B24C66B"
Last-Modified: Tue, 17 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1355
Expires: Tue, 17 Jan 2023 12:39:59 GMT
Date: Tue, 17 Jan 2023 12:17:24 GMT
Connection: keep-alive
okashik.atype.jp/images/2117-ohi-025/1.jpg
39.110.226.221200 OK 404 kB URL HTTP/1.1 okashik.atype.jp/images/2117-ohi-025/1.jpg
IP 39.110.226.221:0
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2012:10:26 10:10:30], baseline, precision 8, 450x634, components 3\012- data
Size 404 kB (403847 bytes)
Hash 6821b13ab7ad5bcb982cfdf7f98ddbd6
7de9cd96b3bf66fc8f23f239115138a727a5db60
bcc03f3d066f9f83a705a3f30faff1a7e500c1ecf4fed54d7da2f7bdeef44ca7
GET /images/2117-ohi-025/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:22 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:10:02 GMT
ETag: "ee0f89-62987-5c43a2b96d885"
Accept-Ranges: bytes
Content-Length: 403847
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
www.liaoai3.xyz/favicon.ico
104.160.171.60404 Not Found 4.8 kB URL HTTP/1.1 www.liaoai3.xyz/favicon.ico
IP 104.160.171.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF, LF line terminators
Hash b753da43f4f08ee3ac1b0119c4908870
9759a06e875c2dab28750823d53e65f272bfda91
97675abf1f087157ee2eb3aafa40f4e31022eb1db2af3096e714cfe578a109ef
GET /favicon.ico HTTP/1.1
Host: www.liaoai3.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=r1k90dunmlmplr4001qj6h7af0; path=/
kt_referer=http%3A%2F%2Fav.co-vid.win%2F; expires=Wed, 18-Jan-2023 12:17:24 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
kt_ips=91.90.42.154; expires=Wed, 18-Jan-2023 12:17:24 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
Content-Encoding: gzip
www.youjizz.com/favicon.ico
66.254.114.242200 OK 4.3 kB URL HTTP/1.1 www.youjizz.com/favicon.ico
IP 66.254.114.242:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash cd65da5df2a2cfd472a198524ec61296
e51ea1800eec5985026a37498f4aa7044c757d04
321ac040acb1c782abf632960125319b8925361510e13b1a9dfd904a9e733515
GET /favicon.ico HTTP/1.1
Host: www.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Tue, 25 Feb 2020 06:57:19 GMT
etag: "5e54c54f-10be"
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded6725; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63C691D4-42FE72F201BB0C7B-123C479
manymv.com/favicon.ico
104.21.82.199200 OK 3.5 kB IP 104.21.82.199:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 118c9726e2c57617746c95e440489c2f
9df42b477f32e186a62a7ffa9dd2ea9418747294
a5a03ddc2c635eb21b2925087795c7fac957846d7ae5c0a5a252dcef83faf579
GET /favicon.ico HTTP/1.1
Host: manymv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Mon, 03 Jan 2022 19:58:34 GMT
etag: W/"61d3556a-3c2e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIXC9oywj3ivsuM9fI7kOd66yhOQvxGiXzb5yV1N1w5oNGvJ7Mq3%2Bgnu%2FNpJIhWHLpa3stuuUdXUNZsIvKNoNIY%2FJYjvA7iM23RXklxeyriXn%2BJLqIE69SJxjMu%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af071168a6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18j.tv/
188.114.97.1301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 18j.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://av.co-vid.win/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 12:17:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 17 Jan 2023 13:17:24 GMT
Location: https://18j.tv/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVXqLlEljL%2Fo1F1doBBuHmNGD0MlnqgJyoEH3GNi%2F4wOCiqpetzEIc8UaUsH6hWUQ%2F5kw3OE0OBeZkrv89%2FWPNNuUHD4f9oYJcVGRbOuRft7tiG7E%2FAQ78M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af0711cf55b4e8-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16c252a18fcf01b80468265dfb033d62
a74f5cf7c198a6128abde2c0aabbd40e7e697d52
99af9c2994f706bf6bb51c319d04dbc1e93c0f08311aeb6c569b940e4ddbac7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 439
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 12:17:24 GMT
Etag: "63c558ad-117"
Last-Modified: Tue, 17 Jan 2023 12:10:05 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 279
javtheater.com/favicon.ico
107.150.52.90200 OK 139 B URL HTTP/2 javtheater.com/favicon.ico
IP 107.150.52.90:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7a440e1718985958b98f48fee3f60b38
f33512710c4d705704569b0351e29096545b77b0
838814135e4965275ba26a5551fe1faadd30dbd05914e1232e5d5e1103d49fee
GET /favicon.ico HTTP/1.1
Host: javtheater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 24 Jan 2023 12:17:24 GMT
etag: "47e-5f3b4c0b-120137d;br"
last-modified: Tue, 18 Aug 2020 03:33:31 GMT
content-type: image/x-icon
content-length: 139
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Jan 2023 12:17:24 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
douga100ka.jp/favicon.ico
153.122.40.239200 OK 12 kB URL HTTP/1.1 douga100ka.jp/favicon.ico
IP 153.122.40.239:0
ASN #131921 GMO GlobalSign Holdings K.K.
File type MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel\012- data
Hash 27845c577fdf36a2feaf3f367e1974db
d4875913015d68825c5b6a21b3478cdee6692aed
532904c817159bfb463e2fc71d5f9706a5d681e00412728c3106b6231005de55
GET /favicon.ico HTTP/1.1
Host: douga100ka.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:24 GMT
Server: Apache
Last-Modified: Tue, 29 Sep 2020 21:37:24 GMT
ETag: "2eee-5b07a96ad6d00"
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.dmm.co.jp/favicon.ico
54.230.216.186301 Moved Permanently 198 B URL HTTP/2 www.dmm.co.jp/favicon.ico
IP 54.230.216.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4b4e14e78cc1cfeaff2be86686a7872d
45a095fc2374b08181d51e199e08955232fa2414
3c656afd70b573701e1cdd886340dd79bff1834c6f47ab8daed47f04c03a4e6f
GET /favicon.ico HTTP/1.1
Host: www.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 198
location: https://p.dmm.co.jp/p/favicon.ico
date: Tue, 17 Jan 2023 12:17:24 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2dNOLytwzaZYCrDwP0zRAD4D-VBm5SwuW0nTkDYI6rjZ-XCPXh6PgA==
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4f44bd2db7e76cdde5d2aed2e254470a
efcd51af7ef317e190b91bc69a84a067c8762cf2
5dfd70fdf7b93629f74fda53bdedf6c5cfbae8d708fe1b204a5f339feec5508e
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 07:16:31 GMT
Expires: Sun, 22 Jan 2023 07:16:30 GMT
Etag: "efcd51af7ef317e190b91bc69a84a067c8762cf2"
Cache-Control: max-age=603609,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78af0710fd40b4fd-OSL
gravure-movie.com/favicon.ico
180.222.185.14200 OK 1.2 kB URL HTTP/1.1 gravure-movie.com/favicon.ico
IP 180.222.185.14:0
ASN #131921 GMO GlobalSign Holdings K.K.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash ec49973c1991bf39fcdb53260467f39f
7e47e857f6b5bb34dc8aea01d6f422e2d0ddbc65
3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411
GET /favicon.ico HTTP/1.1
Host: gravure-movie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 12 Feb 2020 11:14:00 GMT
Connection: keep-alive
ETag: "5e43ddf8-47e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ok.ru/favicon.ico
217.20.155.13200 OK 5.4 kB IP 217.20.155.13:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash fe4399b5a784050303dce07f4362998f
171723eed7d7b60739e679194ba07df03abf94f5
1167db0ee08ba5dfb2a2b01416263fcaf86c10e09bef78890c2bc29a88404387
GET /favicon.ico HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon;charset=UTF-8
content-length: 5430
accept-ranges: bytes
etag: W/"5430-1673861378000"
last-modified: Mon, 16 Jan 2023 09:29:38 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0b8fa313ca7e9d517fa096d059a1b8f2
cc58e094eb10a0d5ff9983c31f4576c05459da01
2d6c1f6e824b385fa2a7441d5d891c3f1d8c6a9b0939ccd36966b323eb80f6a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D6C1F6E824B385FA2A7441D5D891C3F1D8C6A9B0939CCD36966B323EB80F6A7"
Last-Modified: Mon, 16 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7182
Expires: Tue, 17 Jan 2023 14:17:06 GMT
Date: Tue, 17 Jan 2023 12:17:24 GMT
Connection: keep-alive
81821hm.com/favicon.ico
23.225.79.67301 Moved Permanently 166 B IP 23.225.79.67:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /favicon.ico HTTP/1.1
Host: 81821hm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: openresty
date: Tue, 17 Jan 2023 12:17:15 GMT
content-type: text/html
content-length: 166
location: https://81821hm.com/
access-control-allow-origin: *
X-Firefox-Spdy: h2
motherless.com/favicon.ico
185.107.81.234200 OK 1.2 kB URL HTTP/1.1 motherless.com/favicon.ico
IP 185.107.81.234:0
ASN #43350 NForce Entertainment B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 71fed71dccb91a13bdf68a6444f25ce4
38da7202842147ecda5521d50f094a54d1381f2c
18f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2
GET /favicon.ico HTTP/1.1
Host: motherless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 12 Aug 2019 11:39:08 GMT
ETag: "5d514fdc-47e"
X-Server-W: web02
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Status: HIT
Accept-Ranges: bytes
hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
188.114.96.1200 OK 244 B URL HTTP/2 hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
IP 188.114.96.1:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash aa6ca0c5b76e474eca3b61c9ad3c2fc9
b76e48a1e89b985ff2de5595a5191f5a464bc785
38a46369902d2e2aeb89599c0b45399d707017cb08b118cef6bcfa707bf5d7cd
GET /wp-content/uploads/2021/07/favicon-32x32-1.png HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/png
content-length: 244
last-modified: Thu, 15 Jul 2021 14:24:54 GMT
etag: "60f04536-f4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2BdBVlM6lVgPyRiEwEy3c7WB2UqRm6B9AeLFfZpJLHzlbv0FrONtr9L9i6FvAjdG8j2sfy9H2aiGVqu97p1Iu60HmyZytBKvB9L%2FuYaiAEBO7%2BoguSKYjGV470RTJGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0713299ab503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecdabc99e26e7e3428741c12bc861368
0fc35fd26bbee9b39778fbb09cc2c30b915bdda1
79ce3452cf71f3b96c0af9794278664fa23bdbb64b728c0761d79328da83ba86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79CE3452CF71F3B96C0AF9794278664FA23BDBB64B728C0761D79328DA83BA86"
Last-Modified: Mon, 16 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18260
Expires: Tue, 17 Jan 2023 17:21:45 GMT
Date: Tue, 17 Jan 2023 12:17:25 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 98074c5510f87ff8bf5276e2b47a0ed3
b27692a9b09b8bc3812e934ce4e74bddccac1186
6f12a512268d9ae030c9508507ab76a82403de1ab673881eb4974226264098d2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 12:17:25 GMT
Last-Modified: Tue, 17 Jan 2023 10:28:02 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jgcue-juEAqaPN3brbtBUJspUnRKCbzgerYVMjhtdo2VcQxqaXtFwg==
Age: 6563
erosakuchan.blogterest.net/favicon.ico
209.58.177.64200 OK 4.3 kB URL HTTP/1.1 erosakuchan.blogterest.net/favicon.ico
IP 209.58.177.64:0
ASN #59253 Leaseweb Asia Pacific pte. ltd.
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash fb91f30211964b611bf39955e0938076
b0fb1b9af61280950dfee4bbcc8a077466751203
4472d39e6d2ec3fffc6b274160e858e3f0e9292f9e26f2aa1f801a8879c6a5a1
GET /favicon.ico HTTP/1.1
Host: erosakuchan.blogterest.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:24 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: close
Last-Modified: Wed, 04 Apr 2018 05:49:31 GMT
ETag: "5ac4676b-10be"
Expires: Wed, 01 Feb 2023 09:36:47 GMT
Cache-Control: max-age=2592000
X-Cache-Status: HIT
Accept-Ranges: bytes
81821hm.com/
23.225.79.67302 Found 142 B IP 23.225.79.67:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET / HTTP/1.1
Host: 81821hm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 17 Jan 2023 12:17:15 GMT
content-type: text/html
content-length: 142
location: https://tpswvvfbjq.tvkfszwqcwus8kd5piqq5jw5maupubdihq.buzz:8443/
access-control-allow-origin: *
X-Firefox-Spdy: h2
pornmaster.fun/favicon.ico
104.167.223.182301 Moved Permanently 162 B URL HTTP/2 pornmaster.fun/favicon.ico
IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornmaster.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/favicon.ico
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.qiqu9.xyz/favicon.ico
104.160.171.62200 OK 4.3 kB URL HTTP/1.1 www.qiqu9.xyz/favicon.ico
IP 104.160.171.62:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash ce94747bb0dea683fd420d4764ac487d
e874006f6da2ce8f3fabbfea5b8ed85aa69e6d06
aafd5ce83fcd211faadd4cda72da4f98b1a471004c718b0e65a5da1e879b0886
GET /favicon.ico HTTP/1.1
Host: www.qiqu9.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 12:17:25 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sun, 02 Oct 2022 05:49:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6339266b-10be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
chobit.cc/favicon.ico
18.182.74.98200 OK 3.6 kB IP 18.182.74.98:0
File type MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 9f7550d9fea6d0fd5ff7312b17e1b129
3fcfd7f9266c272b1290a1c5e7a1e3b3e74a8e99
03c4ec4d05e9212894f646d4a8fbc64181fb88d59063e5363ef69618ef0a51ab
GET /favicon.ico HTTP/1.1
Host: chobit.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-control: no-cache="set-cookie"
Content-Type: image/vnd.microsoft.icon
Date: Tue, 17 Jan 2023 12:17:25 GMT
ETag: "83323b-e36-5ef97dfa843c0"
Last-Modified: Mon, 12 Dec 2022 02:00:55 GMT
Server: Apache
Set-Cookie: AWSELB=9F29EB6D0A842AE3BAE0A81984C9B62851A2FD5311E41FE41AD63A3B1E3196BCB275BD53F16C2AEA674F9F24FFACB0CCED16274A16C2E533A9E66A2033DA156E5439F0A26A;PATH=/;MAX-AGE=7200
AWSELBCORS=9F29EB6D0A842AE3BAE0A81984C9B62851A2FD5311E41FE41AD63A3B1E3196BCB275BD53F16C2AEA674F9F24FFACB0CCED16274A16C2E533A9E66A2033DA156E5439F0A26A;PATH=/;MAX-AGE=7200;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=31536000; preload
Content-Length: 3638
Connection: keep-alive
freshidolppv.com/favicon.ico
115.166.150.102200 OK 198 B URL HTTP/1.1 freshidolppv.com/favicon.ico
IP 115.166.150.102:0
ASN #10010 TOKAI Communications Corporation
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash 06e70acdaaaefb36d0ffc2430eb027c7
ab4c5db92ce717dbe508b6d28040c8cbf8c6046e
091609b2797219d669da9f1b11bde92dbab166550977169eade317e1189b6c19
GET /favicon.ico HTTP/1.1
Host: freshidolppv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 12:17:25 GMT
Server: Apache/2.2.31 (Unix) PHP/5.3.29 mod_ssl/2.2.31 OpenSSL/1.0.0-fips mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Tue, 27 Jul 2021 07:46:00 GMT
ETag: "42c7299-c6-5c8160fa64a93"
Accept-Ranges: bytes
Content-Length: 198
Keep-Alive: timeout=1, max=1000
Connection: Keep-Alive
Content-Type: image/x-icon
pornking.fun/favicon.ico
104.167.223.182301 Moved Permanently 162 B IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
p.dmm.co.jp/p/favicon.ico
103.254.145.160200 OK 15 kB URL HTTP/2 p.dmm.co.jp/p/favicon.ico
IP 103.254.145.160:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 585b7660a8d46df20f3a0f838b58e11a
c4b5148fad8e310257812bf99be815a8dd145af5
9cb6d660bbc93c9ff4b0b2a0e0253b5b5c5e102d35cbd8644e4690a3c6b00f69
GET /p/favicon.ico HTTP/1.1
Host: p.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Tue, 31 Jul 2018 10:18:36 GMT
etag: "5b60377c-3aee"
x-cache-status: HIT
set-cookie: app_uid=Z/6RoGPGkdVxvwaN0zwkAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pornking.fun/
104.167.223.182301 Moved Permanently 162 B IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/hd/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
img-egc.xvideos.com/videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.9.jpg
195.181.166.14404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.9.jpg
IP 195.181.166.14:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.9.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:17:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1679589151
X-77-NZT: A8O1pg1bMOP/as4bAJySISPaGVT/TngsAI/0OtjIRTnR
X-77-NZT-Ray: ffffffff493ea854d791c663ccc1e109
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 2914382, 1822314
X-77-POP: stockholmSE
Content-Encoding: gzip
rz.nakadashi.pw/v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3
172.64.128.21200 OK 174 B URL HTTP/2 rz.nakadashi.pw/v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3
IP 172.64.128.21:0
Hash 6ff99b65e33421b157780cdb9fa37eda
c180720a313c961d77a75cd7ac521becfaef28a0
bd2c3c99fe81956937ccf9bbdf35505cff6589378d3adcc6ec3a9b24406d1a9c
Analyzer Verdict Alert fortinet Phishing
GET /v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/fa/65/a28058, lfm-1-131, lmd-131, lud-1738015, xfvlen-1720787, fsize-1995052, played-659
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://avztc.xyz/index.php/vod/play/id/69067/sid/1/nid/1.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 284784
last-modified: Sat, 14 Jan 2023 05:11:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S3tiJOGIt85VOJoHx%2BARjKGgKC0lxOoWP9QRbQPEElQgUpG8UfPIPZY444Z5LeRLZF7VJ6Aa0QOXQiBSGjYGYJghRdRf49PcFL8%2FIuaavib%2BLxRXHvNztcoivg3gvp2HAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07172c8472ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://027678.com/vodplay/34058.shtml/title/myhash/3
172.64.128.21200 OK 174 B URL HTTP/2 rz.nakadashi.pw/v/s://027678.com/vodplay/34058.shtml/title/myhash/3
IP 172.64.128.21:0
Hash 6ff99b65e33421b157780cdb9fa37eda
c180720a313c961d77a75cd7ac521becfaef28a0
bd2c3c99fe81956937ccf9bbdf35505cff6589378d3adcc6ec3a9b24406d1a9c
Analyzer Verdict Alert fortinet Phishing
GET /v/s://027678.com/vodplay/34058.shtml/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://027678.com/vodplay/34058.shtml/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/d9/c7/e7b534, lfm-1-669, lmd-670, lud-2360668, xfvlen-2360331, fsize-1400138, played-862
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://027678.com/vodplay/34058.shtml/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://027678.com/vodplay/34058.shtml/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 192219
last-modified: Sun, 15 Jan 2023 06:53:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px89f3s%2BqEDn7P6E19Chi%2FBMmM7v6sf4wJ5VXunkLvmxx%2BFdk%2B%2Fn%2BnTMwYrkgcQo8BXfnbcyTfTXpAkfs03%2BAU%2Fdun%2F1Mkhvdab8q4c7McxeNWN70IwpjPLnnwRoNzVAgw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07171c6e72ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-egc.xvideos.com/videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.3.jpg
195.181.166.14404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.3.jpg
IP 195.181.166.14:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/e3/80/90/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d/e38090e6af8de5ad90e4b9b1e4bca6e38091e6b7abe4b9b1e6af8de4bab2e5bcbae58da0e584bfe5ad90e5a484e5ad90e8baabefbc81e7acac1e99b86e5858d.3.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.co-vid.win/
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 12:17:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1679589152
X-77-NZT: A8O1pg31+YL/a84bANRmOBULte3/THgsAI/0OsiWUNPB
X-77-NZT-Ray: ffffffff4f37ac54d791c6635391fd09
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 2914380, 1822315
X-77-POP: stockholmSE
Content-Encoding: gzip
rz.nakadashi.pw/v/s://027678.com/vodplay/30647.shtml/title/myhash/3
172.64.128.21200 OK 174 B URL HTTP/2 rz.nakadashi.pw/v/s://027678.com/vodplay/30647.shtml/title/myhash/3
IP 172.64.128.21:0
Hash 6ff99b65e33421b157780cdb9fa37eda
c180720a313c961d77a75cd7ac521becfaef28a0
bd2c3c99fe81956937ccf9bbdf35505cff6589378d3adcc6ec3a9b24406d1a9c
Analyzer Verdict Alert fortinet Phishing
GET /v/s://027678.com/vodplay/30647.shtml/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://027678.com/vodplay/30647.shtml/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/fd/19/5b5b34, lfm-1-9, lmd-9, lud-2293877, xfvlen-2149841, fsize-738381, played-114
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: EXPIRED
xkey-5950: rz./v/s://027678.com/vodplay/30647.shtml/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://027678.com/vodplay/30647.shtml/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 399462
last-modified: Thu, 12 Jan 2023 21:19:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW78ydts7Hzu9g29HChWNJa9BAJRJ9jbKCYoKlGP01OADVGpHSOW0H5QwQFVLZwb7R%2BENda3RrADfMMMcHXWbDowippZsC4VU8tWdmszA1QOiUTDz2ypCQTCQy96se2F8DY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07172c8772ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
movie-ga.com/favicon.ico
188.114.96.1403 Forbidden 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: movie-ga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ9qphGX5%2BZ0rZfTKG3zKFPMWS64wbrChFqaBQZDKmVch%2B4UAYDKsNnQWmR2pJXQ%2FEJQgNoCaLind%2BIm%2FoEleqT9TsGGKxDY8DvxcCIKkbUnX2FGC9BhBhjY0iTzp28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af070e8847b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appav.site/favicon.ico
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3671
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llOsunmEB5TuTRarixaXC9s8K9%2FAiOu4WZN54uxymlp2v%2FGQdKE%2FPIvf%2BcFMR0bOZnReTFX0XixvwuksQIBQ84TO0QlNnjqO5gVF4YLZx%2FX%2F%2B3XmB3eKazZLvCqT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070e8d650b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.qinav.com/video/767066.html/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.qinav.com/video/767066.html/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.qinav.com/video/767066.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.qinav.com/video/767066.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/21/53/a7e635, lfm-1-18452, lmd-18452, lud-681253, xfvlen-2687036, fsize-909587, played-133
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.qinav.com/video/767066.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.qinav.com/video/767066.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 2378967
last-modified: Tue, 20 Dec 2022 23:27:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YElv5STyem%2Fngbbe%2BIP5g3PtGyk%2Bgg18ZDX6jrQcDf%2B7oW4v4tLTg3eoDRLN4xBmIQmaTL%2FY5l439PaH9WiAhLLVhgY1Qa5OLUEG2iByVytehEkNLh3AS3y9qQME%2BUucRIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dc0772ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
crazyshit.com/favicon.ico
104.21.54.19200 OK 0 B URL HTTP/2 crazyshit.com/favicon.ico
IP 104.21.54.19:0
GET /favicon.ico HTTP/1.1
Host: crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/vnd.microsoft.icon
strict-transport-security: max-age=0
last-modified: Wed, 07 Apr 2021 12:54:46 GMT
etag: W/"47e-5bf616f7703a5"
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-max-age: 600
timing-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMhUBScz8WJLbIKfCE5xTLgeR%2FRpYPIoSNlT8M2YorzmbbxwAV4Jd2IQ6r5EC2wTuDNxkIsFF5phgMTWm%2FlRIgmC7X3tskbgqGaXs2Dsq7uXZcK2Xb5xCJyt%2F8SfJTAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0710ced0fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cinepornogratis.com/favicon.ico
104.26.9.215404 Not Found 0 B URL HTTP/2 cinepornogratis.com/favicon.ico
IP 104.26.9.215:0
GET /favicon.ico HTTP/1.1
Host: cinepornogratis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400, must-revalidate
protected: by MS22122902
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15768000;
cf-cache-status: HIT
age: 5442
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smKYTWuSLGg%2Bqbiao8QddTYksMBiEGirvB1V2JzW4T9VDaMV0IVwnSVDNyB%2FQqun%2F844mmv%2FMdtXr3BDDr%2FYPEkIw7JURT02UkRRCKNFvwumxJwaNzVwBqy7hkgAOAZxv%2FTTyMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0709ed03b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.liaoai.xyz/favicon.ico
188.114.96.1301 Moved Permanently 0 B URL HTTP/2 www.liaoai.xyz/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: www.liaoai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:17:24 GMT
location: http://www.liaoai1.xyz/favicon.ico
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:17:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68TYOzFCjxvKzg5RjeUdDdBB6mJFqIS%2B%2F9M0s07%2FSV6pHobWZKTJedtyid9kFaz2gHINcCHsV3I7yTHHvMBCHDVzHiSYoDhMea4opa8PAZk%2B9j2If7UYw9KRjBodxrT%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070d3bae1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ifreshporn.com/favicon.ico
46.229.174.195404 Not Found 0 B URL HTTP/2 www.ifreshporn.com/favicon.ico
IP 46.229.174.195:0
ASN #39572 DataWeb Global Group B.V.
GET /favicon.ico HTTP/1.1
Host: www.ifreshporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: openresty
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
m.dianyingkang.com/favicon.ico
172.67.159.156200 OK 0 B URL HTTP/2 m.dianyingkang.com/favicon.ico
IP 172.67.159.156:0
GET /favicon.ico HTTP/1.1
Host: m.dianyingkang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT, MISS
expires: Mon, 16 Jan 2023 00:09:50 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 173254
last-modified: Sun, 15 Jan 2023 12:09:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbN068wvsk8dLn5qXt8r%2Bel6CgNUNOQ2eqU2baVDkrNCIkmfy418khWnYS%2B4juaEWClS1aqNaObTBYToVc2CbK1%2BPytAe8V3buAZujasWCMiyBMFiVeWkKhuMiNsjHfYveMVils%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07113f8bb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://badouav.com/play/37564-1-1.html/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://badouav.com/play/37564-1-1.html/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://badouav.com/play/37564-1-1.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://badouav.com/play/37564-1-1.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/11/fe/914e35, lfm-1-1223, lmd-1224, lud-218032, xfvlen-1829025, fsize-1476098, played-3097
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://badouav.com/play/37564-1-1.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://badouav.com/play/37564-1-1.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 212463
last-modified: Sun, 15 Jan 2023 01:16:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiWwaZm%2BIQkaJYP28Veov8XrIjPW6bggxWiNjDitpCofSZ7a99wHP0D6a5GVUjteosolvZ18O71GfNrmMa4ywDYt%2BJfvkeY7g1YWxSBGNzJwmLCtetwoRS6ApNU%2F9t9R5qY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dc0572ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP 104.16.122.175:0
GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01G4XED00012H0FHS4H5YGBK8Y-fra
cf-cache-status: HIT
age: 19407168
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af06f6bb3bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
jfgdizhi.com/favicon.ico
104.21.19.187403 Forbidden 0 B IP 104.21.19.187:0
GET /favicon.ico HTTP/1.1
Host: jfgdizhi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khf5601SojBny2G29xdUKq%2FuQsXtf47IqVIBzVjG3HVYFkvrdt0NYSk0Xwc6UivEcRKi7ypkUOyR0JAY%2FHQbtSy78Ok01o1%2F%2Br0DQJWg6w2JV4Oh3eiu%2FfN5yI5i9LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af070cef00b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
027678.com/favicon.ico
188.114.96.1403 Forbidden 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: 027678.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M%2FcKiJfqBT0nal8axOC8rFwnRJHLFzYZ6Co2XMLpdC7BX1%2BKixOxLmtAG2yivMAy2lYLpCOaLmJFdI7Cb%2B7iHhrVuo1m5ZF0XdLdRpNxcoq%2FjKr0WSWaW9ocqYp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0709dacdb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18j.tv/
188.114.97.1403 Forbidden 0 B IP 188.114.97.1:0
GET / HTTP/1.1
Host: 18j.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wW0FGfGmSAzJokQP4duxyxdLX2VLrM18Vd1PsNK54npIOt02OYwAW1vrlDlosQOW3Hq3DsFcFw4FCFjGHdqnJGRQqFd%2B6ydK2vTCMoeOjUGysQ7QCHSVAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0712dde7b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/87/d2/7cf639, lfm-1-163, lmd-163, lud-817470, xfvlen-1589562, fsize-1918787, played-3002
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/://www.taohuazx.xyz/play/34704-1-1.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 399354
last-modified: Thu, 12 Jan 2023 21:21:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rt39zmM9EQxP5%2BMUUenKOm2w%2BAfXAMFMCPHThmIGdlN4kuS5SsRKW50Qm%2FLgXxA8BWyCEaHm3K3MeW8VrxGK1h%2Fbwbqu84k3cpEwCuc8E6%2FLETAwFpHzMGFT%2F05sYSb45bQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dc0272ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/da/f2/335339, lfm-1-503, lmd-503, lud-269622, xfvlen-2553170, fsize-1006218, played-838
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://appav1.buzz/vodplay/408693-1-1.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 1828405
last-modified: Tue, 27 Dec 2022 08:24:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPvV0TD3zWDly9V8oq5qPF8xLJbTnPBn7SYxgy5ETCs2JR4Ni8BJdqpPM6pFzjJEE7uTmkuw6%2BPrXnfTAKYR4EFvz8OcLShQtmH3HN16EcmF4G2F8uKXerGXCMTFiPKYk90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dc0672ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/14/46/5d, lfm-10-82, lmd-82, lud-82, xfvlen-97937, fsize-482373, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.chuliany.xyz/videos/13036/31//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 1757325
last-modified: Wed, 28 Dec 2022 04:08:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJuGTaTL5v%2FZQfgqUNtqYssCBJ1HiWcgSQyaBoh8Ap8bJffO64fhnPHsT1ekoO610UFx6l3tP%2FH4VqLFKxmqomZRXIT54EZRs1SOcKg1k%2FvkxsE9OgS8BHaoIyXnaX3qKJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07171c6a72ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/48140495?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fav.co-vid.win%2Fv%2Fs%3A%2Fchuliany.xyz%2Fvideos%2F13027%2F3dafc8039b74a4928336a57cdb2136d3%2Ftitle%2F%25E3%2580%2590%25E6%25AF%258D%25E5%25AD%2590%25E4%25B9%25B1%25E4%25BC%25A6%25E3%2580%2591%25E6%25B7%25AB%25E4%25B9%25B1%25E6%25AF%258D%25E4%25BA%25B2%25E5%25BC%25BA%25E5%258D%25A0%25E5%2584%25BF%25E5%25AD%2590%25E5%25A4%2584%25E5%25AD%2590%25E8%25BA%25AB%25EF%25BC%2581-%25E5%2588%259D%25E6%2581%258B%25E4%25B9%258B%25E5%25A4%259C%2520%5B11%3A28x721p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A971720928854%3Ahid%3A251813899%3Az%3A0%3Ai%3A20230117121720%3Aet%3A1673957840%3Ac%3A1%3Arn%3A843725180%3Arqn%3A1%3Au%3A1673957840745750954%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A20%2C247%2C247%2C0%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673957838604%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673957840%3At%3A%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81-%E5%88%9D%E6%81%8B%E4%B9%8B%E5%A4%9C&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 17 Jan 2023 12:17:20 GMT
access-control-allow-origin: http://av.co-vid.win
set-cookie: yabs-sid=235978391673957840; Path=/; SameSite=None; Secure
i=76rc+A/yoRmO3/0a49XIzQwNbchXhgzYRZsZPR1lJgRI1a7zelbXW3kODDyT8YXRmkRJajr6f4+sDmi5AjATC5+FF+c=; Expires=Fri, 14-Jan-2033 12:17:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7937649291673957840; Expires=Wed, 17-Jan-2024 12:17:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7937649291673957840; Expires=Wed, 17-Jan-2024 12:17:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705493840.yc.1673957840#1705493840.yrts.1673957840#1705493840.yrtsi.1673957840; Expires=Wed, 17-Jan-2024 12:17:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 17-Jan-2023 12:17:20 GMT
last-modified: Tue, 17-Jan-2023 12:17:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.appav.xyz/favicon.ico
188.114.96.1200 OK 0 B URL HTTP/2 www.appav.xyz/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: www.appav.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIQJts%2BfYdlLIlRptKzOqyiZv4Nlp0qHJMJOc97T1dEEnY5V8%2FNumtsw%2Bz7XXt1%2FXT5XZ6%2FFNrhPQ9z%2BsnGFaB2MiwQA0KyjNKBN8XLY%2FfmCcxHcjh5z2tv1at9uiGR%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07105f240b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appav.buzz/favicon.ico
172.67.174.82200 OK 0 B IP 172.67.174.82:0
GET /favicon.ico HTTP/1.1
Host: appav.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdEG3JLsZqDFBXcV1tHEsy9gdEA%2FHdNJcpVV2O5if6F1rVmIhbACH7A7WXEY1dUPL%2F%2FebZW1k0HmJKh%2FXCaiTXMWKSXxzhlEi6fkmZyiF%2BEWPRcSC31hfotwFLjl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070d0a6db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4kpornvideos.tv/favicon.ico
104.18.16.4200 OK 0 B URL HTTP/2 4kpornvideos.tv/favicon.ico
IP 104.18.16.4:0
GET /favicon.ico HTTP/1.1
Host: 4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Mon, 05 Dec 2022 11:47:34 GMT
etag: W/"638dda56-47e"
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0710c828b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/df/4c/a4c037, lfm-1-568, lmd-568, lud-1922580, xfvlen-2466460, fsize-1301951, played-518
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://hanyunb.com/vodplay/523953.shtml//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 150860
last-modified: Sun, 15 Jan 2023 18:23:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhkp3qSEXGQeB5McDGPHtcWgkf1%2Bx5cKIsQlMknnii%2F9%2B5dgXbuGNr5%2FbOnqyHqrnxwUDHBE%2BYITfq7hiwCFzE2MVHaLwJ4V4AHriNYdXQTw21WcQByJ4Sb8mVo1wIlbjVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07170c5872ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsjs.gazo.space/index.php?js=av4&advertisement&
172.64.99.28200 OK 0 B URL HTTP/2 jsjs.gazo.space/index.php?js=av4&advertisement&
IP 172.64.99.28:0
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--GB-rm2400cb003771024ac465a9c/index.php?js=av4&advertisement&
55nloadrate: 0.44875
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 1569
last-modified: Tue, 17 Jan 2023 11:51:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5C41ocj6aGYtJnyxFoBljOFTQNY%2FYJ5JCfxoAcJjNSr7lt7i8HR4GlNSqaY4rMit8ZipTlgGZFjdwy7k42OOmSV4Xzx7bXtHzkEG7adtnfwp6uvbpeoxfAnolC50KsFvjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af06f0cb4e72f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP 188.114.96.1:0
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:20 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 02:39:12 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 6642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtpasIhdNV7c6o0WhKUoXigMxmfqIOemk2NdObqf6kovAYnmTTeQm%2FVowFVtinTp8f0efNqTyHag2IX5jPDGFK0oGRNcyoY%2FBy358UuQJIrtY8PFOe5TI6SayYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af06f6ab7eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nztyy.live/favicon.ico
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: nztyy.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 6255
last-modified: Tue, 17 Jan 2023 10:33:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcxyaG3cFSOWyRIyvzyXPcd4R0ReGijZ9R11grMLd48lWCG%2BPOhrXoUJ3LV8cXA2Mj1nGHFnwYfxfvR9c%2B2l%2FcFeiAAK4oIRKY0Gm5e%2FEBW0%2BjmkGzcYLMIY8lI4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070e8a1cb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/9c/e4/f0f152, lfm-1-42773, lmd-42773, lud-268416, xfvlen-2179492, fsize-1125592, played-468
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://twitter.com/v75103042/status/1111509483082022912/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 427755
last-modified: Thu, 12 Jan 2023 13:28:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGKjeMwRc%2F6xlE9k9uC6SWcSy6OHab1RxmZFvhdbGXGroj8bLGmmji6VcJvr0rIldMZWjiWECXKQCD62iT%2BKOP%2B7nooHr3zKcwOAm3CS65sd4PeINxheUKDyFlwfLZR12%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716ec2172ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/0f/e5/23d341, lfm-1-78, lmd-79, lud-1781320, xfvlen-2287992, fsize-1045433, played-697
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.66se15.com/video/?150281-0-0.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 178646
last-modified: Sun, 15 Jan 2023 10:39:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EPCJ8ZVl4joIHt37PHqMk2qXMotk7dGDv2TGA4As2SH0OR%2BTgWVjSbhzIFO9PrXOlDu5k0Bg0oVeFjOC2k96X9MxYE0ntNFaf%2BOCTT%2F2B9JWN7BsTwlnYnFM7jBItCm6BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07172c8b72ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/40/9d/405967, lfm-1-277, lmd-277, lud-107039, xfvlen-1998524, fsize-978143, played-2385
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: MISS
xkey-5950: rz./v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.chuliany.xyz/videos/13246/dbae368bf47cab7fc01af550316d59c2//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 399354
last-modified: Thu, 12 Jan 2023 21:21:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azGlzpTkuBh9xC%2B3cdjhzgqZEbote9CZp%2BnPlzFUwH6G9tfNDELxGlA6m%2BGezwoSvP9W1f5k9K2xFlcY%2FuDHgNvlpxevqXcqEg%2BssBi0mh%2Bg%2B11s5fLdmiSlRNUCVvZihX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dbf972ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.heavy-r.com/favicon.ico
104.22.5.193200 OK 0 B URL HTTP/2 www.heavy-r.com/favicon.ico
IP 104.22.5.193:0
GET /favicon.ico HTTP/1.1
Host: www.heavy-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/vnd.microsoft.icon
etag: W/"4080963554"
last-modified: Mon, 11 Dec 2017 19:49:52 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1235
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0710cd8b0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
xn--pro-9i9dx89g.com/favicon.ico
172.67.150.87403 Forbidden 0 B URL HTTP/2 xn--pro-9i9dx89g.com/favicon.ico
IP 172.67.150.87:0
GET /favicon.ico HTTP/1.1
Host: xn--pro-9i9dx89g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaMuGdB5dpjYs%2FvARyfWXwC4LisW7xFJg%2FrMiI24rhNsw18D9vEMH5ctGSlW6qdFuWHC%2Bwt936DpiFz1Wy%2Fv7AE9SJ5yghyKWRiSUhS9VTYIzz1BNYjpyS9uqY9PSWdy1Wkt7dEUww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78af07104b4cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/18/fd/cb, lfm-8-1430, lmd-1430, lud-1430, xfvlen-112127, fsize-279515, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.chuliany.xyz/videos/25352/dc4766bd493743478e3f936958f2d3ad//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 161961
last-modified: Sun, 15 Jan 2023 15:18:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YSAOiQmxIgKPPOXrpbT4Ea3pX6aDuzTm6JD6eWBvTdYrRCc%2BN2MlPGyBuc450qlp2GmF6%2Fxg4KJ36%2BlWU4eYdYGGgO8ha2Jz%2BjsXicjY4LuB5REU2ThZoVr7kauCO%2Fbd60%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716fc5272ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
69dv.com/favicon.ico
172.67.180.19200 OK 0 B IP 172.67.180.19:0
GET /favicon.ico HTTP/1.1
Host: 69dv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 12:44:39 GMT
etag: W/"5abb8e37-311a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZgDkT2zkamMz0a8br%2BBroTbKGLaLcEafvb4jmsExdyc18WUYxHqpLq5NOkThzdlk5%2FgZcUaCYJzYIseXFInsHXu9V0f2vdCHVdYKoGSdpqu2wJSlHVuOUQeEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af070e2e410b61-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/1a/bc/49, lfm-4-93, lmd-93, lud-93, xfvlen-312, fsize-40441, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.chuliany.xyz/videos/13303/7326ebc8757429357b95d6eaa59d4aa2///title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 397937
last-modified: Thu, 12 Jan 2023 21:45:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJ032jSqfcfiUBlSd8bG2UaXgUHSUuI7vKVgekDwXxjWu04wofGdCLyG0OsguHd6HL7xDb3eS6Ve6tjnyjkdwjRnqTsJP%2B5X4X428MjrnMLGT6aHyVy9fY%2FfXPH2L9pU2sA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dbff72ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://027678.com/vodplay/34059.shtml/title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://027678.com/vodplay/34059.shtml/title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://027678.com/vodplay/34059.shtml/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://027678.com/vodplay/34059.shtml/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/c8/af/b0fa34, lfm-1-1014, lmd-1014, lud-1908812, xfvlen-1798746, fsize-758816, played-748
cache-control: public, max-age=720000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://027678.com/vodplay/34059.shtml/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://027678.com/vodplay/34059.shtml/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 679315
last-modified: Mon, 09 Jan 2023 15:35:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZKeorIVYj91QiCkS%2BvLbTWqX7fIY559eyJArO81ypkQv1rbie2LREsOf0vAqafAzbxfxkcw6pcmZlSQqDyQ7viJj4ssYqX3UJqq%2B9o9DuQBADg0O0%2FbIaPEAIulbkWmL04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af07171c7372ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornking.fun/hd/
104.167.223.182200 OK 0 B IP 104.167.223.182:0
ASN #399045 DEDIOUTLET-NETWORKS
GET /hd/ HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://av.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 12:17:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
aipaw2.xyz/favicon.ico
104.21.61.78301 Moved Permanently 0 B IP 104.21.61.78:0
GET /favicon.ico HTTP/1.1
Host: aipaw2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 17 Jan 2023 12:17:24 GMT
location: http://18j.tv
cache-control: max-age=3600
expires: Tue, 17 Jan 2023 13:17:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVc3LDhNKlFmNqIZw0J%2F6fIo7lggo4qjFN9ZcHJuzbPqAcYRQ1U93c7cIGbSIEt0nexVHua1Z38zk8boMG5Ppc3UMzqW9D2sFqSv9A%2BH0YPKwS3u3xNlWjwT%2FWJY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af07105be0b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xvideosporno.blog.br/favicon.ico
104.26.11.106200 OK 0 B URL HTTP/2 xvideosporno.blog.br/favicon.ico
IP 104.26.11.106:0
GET /favicon.ico HTTP/1.1
Host: xvideosporno.blog.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:23 GMT
content-type: image/x-icon
last-modified: Thu, 20 Feb 2020 07:14:14 GMT
vary: Accept-Encoding
etag: W/"5e4e31c6-25be"
age: 3373
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=432000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usAczk1rCdFjKQ%2B6qUpSBNpsPtVZxyfkr%2B42HeSrsAc1kLA4vTrRcjSVhw9seJc1pm4k6Y%2FxJvGjAsw0Kg%2BJBA%2BxHXl1lOcg66x%2BoiFyY8xu9%2FCTF9HRvLtTeT4qPzaArABzZCPt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af070cab52fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
hentaiprn.com/favicon.ico
188.114.96.1302 Found 0 B URL HTTP/2 hentaiprn.com/favicon.ico
IP 188.114.96.1:0
GET /favicon.ico HTTP/1.1
Host: hentaiprn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 12:17:24 GMT
content-type: text/html; charset=UTF-8
location: https://hentaiprn.com/wp-content/uploads/2021/07/favicon-32x32-1.png
cf-edge-cache: cache, platform=WordPress
link: <https://hentaiprn.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2yheoNCC2Cjg4x3jMpTBe2Vb4iG%2F03OBnjYPfsOex2CSSeMAdjQlnRAjbNxNpjY1GWdW2bKOgf80GM%2B007%2B0PakUAMsOKmsjre6tiBW996b86fuZZ50T0XuvHhlkAhH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78af0710ce4bb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3
172.64.128.21200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3
IP 172.64.128.21:0
Analyzer Verdict Alert fortinet Phishing
GET /v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.co-vid.win
Connection: keep-alive
Referer: http://av.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 12:17:25 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/c2/59/693e100, lfm-1-498, lmd-498, lud-555778, xfvlen-2139640, fsize-523724, played-144
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://cinepornogratis.com/video/info-%E3%80%90%E6%AF%8D%E5%AD%90%E4%B9%B1%E4%BC%A6%E3%80%91%E6%B7%AB%E4%B9%B1%E6%AF%8D%E4%BA%B2%E5%BC%BA%E5%8D%A0%E5%84%BF%E5%AD%90%E5%A4%84%E5%AD%90%E8%BA%AB%EF%BC%81%E7%AC%AC1%E9%9B%86%E5%85%8D//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 1842352
last-modified: Tue, 27 Dec 2022 04:31:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dwuuyRdoUOo9%2FJYpwruTB9hjhfBXiCul56nds%2Bziy6Cy65ytz5bERbIZTinhoM2kb3lJ7Q5GNuWoZLvZ5ELHhALql%2BQTd4oPE5xzeIEK6vVLplK1IYfGlk98VZDIcknJeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78af0716dc0472ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2