www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
200 OK 16 kB URL HTTP/1.1 www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7586)
Hash 109bcf2d001bddd73af36ef9daf275c8
da49f3344b87fa2f6da77f19cb840c25d11a50b6
0595b3561aa4c3d55c8f04e95332a46edd7cfbfe007aa5b0ce1ecb8889ddaf7b
GET /videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/ HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; path=/; domain=.videojav.com; SameSite=Lax
second_643539=true; expires=Sat, 04-Feb-2023 10:52:43 GMT; Max-Age=0; path=/
kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; expires=Sun, 05-Feb-2023 10:52:44 GMT; Max-Age=86400; path=/; domain=.videojav.com; SameSite=Lax
kt_ips=91.90.42.154; expires=Sun, 05-Feb-2023 10:52:44 GMT; Max-Age=86400; path=/; domain=.videojav.com; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CImgbIlQXQ5OiQ8WxT%2FN%2BD5UIxJ7Xz1FL1UFAUfk9WMP5KDcEQ4C8AMMnJH7Hxp4LpdEsDsc7QxdqQwJbAEIpBEi6Nfyl9tyED5Zuw5nvwJSkFkn6Zd72bg5ERYqRfGAvKsD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7942ceebda60b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13247
Expires: Sat, 04 Feb 2023 14:24:44 GMT
Date: Sat, 04 Feb 2023 10:43:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13720
Expires: Sat, 04 Feb 2023 14:32:37 GMT
Date: Sat, 04 Feb 2023 10:43:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12252
Expires: Sat, 04 Feb 2023 14:08:09 GMT
Date: Sat, 04 Feb 2023 10:43:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 10:43:37 GMT
content-type: application/json
age: 20
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +ZXZ8UkSozkefTGNqxdB3etScbKZmKcBBCUrjOL79oVKQCaMIOQ8oRkQepZ0rykD3El38rXQfiA=
x-amz-request-id: 6P1HVP5MBTBTCT41
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 09:52:47 GMT
age: 3070
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.videojav.com/vpaid/videojs_5.vast.vpaid.min.js?v=1.2
200 OK 32 kB URL HTTP/1.1 www.videojav.com/vpaid/videojs_5.vast.vpaid.min.js?v=1.2
IP
File type ASCII text, with very long lines (32057)
Hash 560633af767972e3920012cbf83c148b
7f4848825c8237cdac326b8ee74ef20fe1531c83
cc2f218efee95ea1599ff2c3879cc93bcf23e974210aef7f56694fa83861e9fa
GET /vpaid/videojs_5.vast.vpaid.min.js?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; kt_ips=91.90.42.154
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Apr 2020 08:50:06 GMT
Vary: Accept-Encoding
ETag: W/"5ea69cbe-19ebe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 11813875
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLV48TUbaKjJuSdoYwnhpph%2BlcdytfOLRzhNHmQXoatvs5%2B8W3WS71T%2BnAFRSu1s2sq3LauKOn3uZ1tYDF2QlSs80gpueSh7hxr3Nz46fJBbSqgFkWOLsSGjl%2FxTJaneNCVv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7942ceee7d4bb505-OSL
alt-svc: h2=":443"; ma=60
www.videojav.com/vpaid/videojs.vast.vpaid.min.css
200 OK 773 B URL HTTP/1.1 www.videojav.com/vpaid/videojs.vast.vpaid.min.css
IP
File type ASCII text, with very long lines (1935)
Hash 6845152df80dd7d9aeb046f4e4a31772
5cd1f9eb1e2d19f7b0f46ccecf12d658a62ad324
937976cc423649a6506d474e36ee37a9c6dae07ec617296369f106a32159813e
GET /vpaid/videojs.vast.vpaid.min.css HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; kt_ips=91.90.42.154
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Apr 2020 08:50:06 GMT
Vary: Accept-Encoding
ETag: W/"5ea69cbe-7c7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 14936060
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0n9jXyAG9%2FXDkIWqHwh%2FsSE9Hm1uRYSr6LTrsm0PWU33DL4F41%2BDhEVO6S55qqEoBNWE6SEvrHtljTp%2BOJ9EG73Kfmdd6P7odNpA9eDb6A3nD6l1XNoiiBWbUD%2B1ODxRipTq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7942ceeeba8ab517-OSL
alt-svc: h2=":443"; ma=60
hegdcrxavrtk.cdnvideo3.com/XEXvawa.js
200 OK 84 kB URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/XEXvawa.js
IP
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 8cf8af2a886fef7c1658dd2cf9ba0441
e79b96c39cf9ffa5370f02ed12d43e18f9e17e7f
7a96917bed9a5b151a94dabe65d451a714053f6bc313b48bac535b96bb3eed72
GET /XEXvawa.js HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:45:01 GMT
ETag: W/"63dba23d-47ec6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 3a4d5aad46ae3a82da414d69565389aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: _wxgcqM3pUR7BJMiy7jxaBIoI7SIGZrKyqf-i8YZIpwaax6-gAY5Zw==
Age: 144
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/8sq5gA5.js
200 OK 52 kB URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/8sq5gA5.js
IP
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65472), with no line terminators
Hash 4b5b61e0860975731f4e96c1bc4edffa
3162851aac08bb174dd954d3314f58f76dafec4c
2baf6123217cb85eea50bd1844bbba4bfe0712834919569871ea78f138df2b84
GET /8sq5gA5.js HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:45:01 GMT
ETag: W/"63dba23d-2a581"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 990c1aa70667fe4e8f93d88ac8400fc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: Ek6UgNfuohJEdD8FpCc2lxiYjWT3ahdh_TSWLB6BxXJGhVRHtnpIWg==
Age: 206
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/HKrbJwa.js
200 OK 0 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/HKrbJwa.js
IP
ASN #24940 Hetzner Online GmbH
GET /HKrbJwa.js HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:45:01 GMT
ETag: W/"63dba23d-47ec6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 3a4d5aad46ae3a82da414d69565389aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: _wxgcqM3pUR7BJMiy7jxaBIoI7SIGZrKyqf-i8YZIpwaax6-gAY5Zw==
Age: 144
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash d37675bb1e8089529f27c610e8657397
3ea8e80d216d32067084fa7358ec217f94e516ee
7e94d232f2bdaaa0ad33ec4736796d0143ec27b6fe7288e351b7ee9984a994b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:57 GMT
Last-Modified: Sat, 04 Feb 2023 10:20:00 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash d37675bb1e8089529f27c610e8657397
3ea8e80d216d32067084fa7358ec217f94e516ee
7e94d232f2bdaaa0ad33ec4736796d0143ec27b6fe7288e351b7ee9984a994b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1759
Cache-Control: max-age=98909
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Etag: "63dd0f6c-116"
Expires: Sun, 05 Feb 2023 14:12:27 GMT
Last-Modified: Fri, 03 Feb 2023 13:43:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash d37675bb1e8089529f27c610e8657397
3ea8e80d216d32067084fa7358ec217f94e516ee
7e94d232f2bdaaa0ad33ec4736796d0143ec27b6fe7288e351b7ee9984a994b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Last-Modified: Sat, 04 Feb 2023 10:20:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
200 OK 1.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
IP
Hash 25262966b8186937356da73b4437077e
119334d19971c98dbb41ed0a074df6f9ee76414c
550053ac2111a284edfc27b8c6ed672dea9d9ae72e389e555620e1ab53e3fd78
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 1675
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-18dd"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14143977
expires: Thu, 25 Jan 2024 10:43:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Fm%2F%2B9o%2BXnVljjwmCcyQe870%2BIxEtzoogXcR%2BH2tC3VXJDFIif0%2FG4xZZC0DsE8kzhoD1JXVl%2B%2B%2FmSA0F%2F6W6H6vfaF8tmVrahrxy7ejJmbwFooVS5MFTcsalys%2FNq3scN0IcDPU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7942ceefc86ffac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
200 OK 256 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
IP
Hash 098110bd3ec60e725e6ac659dec292f3
2079d41c25bec276e4dcd4dcbc3c2cdd5c8cad25
13a4726b6560cb70580a6535e9b165bf3c0a447ea054c844043668d1e2ef5e6e
GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/css; charset=utf-8
content-length: 256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-36a"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 733689
expires: Thu, 25 Jan 2024 10:43:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4CHTfRhy9vQXpKKGdgyoH6kLjlyKfOzQ6Ei2YGdg5fu%2F2EQODiLaq1PhgbSZMc69xmn9BBE8G6MSTQMCN2fjqg06JuE8IViXOjUcGJhsoRBvhe7Zua7kEaTpKY15Mtnkogk6DRm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7942ceefd87bfac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1nubxdgom3wqt.cloudfront.net/?xbund=958521
200 OK 54 kB URL HTTP/1.1 d1nubxdgom3wqt.cloudfront.net/?xbund=958521
IP
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 8099c94c4f5ba0a86b361b1f4a37c04b
d28ef1991f29752a7f57fc0d8d322a38b74e0dd1
cb448943e89ea99963af36740c791c4aa8a3d1acbaadc804d6cd6a5cdb818ce7
GET /?xbund=958521 HTTP/1.1
Host: d1nubxdgom3wqt.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Content-Length: 54054
Connection: keep-alive
Date: Sat, 04 Feb 2023 10:43:58 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mpQST3nHY77xS9OzzFwQGIjhRdzG1RRhFnjTAskmFmU_KfyyukoCBA==
cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
200 OK 373 B URL HTTP/2 cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
IP
File type ASCII text, with very long lines (449)
Hash 713a835376f717af04161e5edb84afd5
c98e5c3b2ed59274a3a53d4c0f5e77a826c7c64a
df0337185e5b8cec5027e548fd4d3b7230ffb0f9783ba4cd2dd72058a3ec2c86
GET /npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"299-rLWKZXMtTX2vbGY6rnhXUEYaKx8"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 10:43:58 GMT
age: 5629837
x-served-by: cache-fra-eddf8230050-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 373
X-Firefox-Spdy: h2
vjs.zencdn.net/7.5.5/video-js.css
200 OK 10 kB URL HTTP/2 vjs.zencdn.net/7.5.5/video-js.css
IP
File type ASCII text, with very long lines (5636)
Hash 63ef1aa5ef8f1bb4fcb8019a9ad157cd
9cbb2b320cce447d40e3af5118042587263158d5
d5b5c765198056aece9fbee1b43a9873a8a6e0fe6a954f48d001bc030e106146
GET /7.5.5/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:21 GMT
etag: "29daa9b197765c0111b16939ce1264a9"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sat, 04 Feb 2023 10:43:58 GMT
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 2488
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10533
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP
File type ASCII text, with very long lines (1619)
Hash 0216b1edd2fa7ad9cfa258108fd95af4
39c12f744959428d391ab0593dcc69295e63fd18
ae34cfdf4075a9766062b578ca857f1b10e53ea9979d87769b37bc388daf1138
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 10:43:58 GMT
age: 15590
x-served-by: cache-fra-eddf8230059-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1062
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 268130f091b44d74f9c6481ac8eb0098
3a53c546063a5c3d9cddcff5e5857d0607570a62
e82485399b3d0d2f353f385b83d4cd590aabdfa170d4a1399cacdbd29db57e5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 994
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Last-Modified: Sat, 04 Feb 2023 10:27:24 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279
vjs.zencdn.net/7.5.5/video.js
200 OK 425 kB URL HTTP/2 vjs.zencdn.net/7.5.5/video.js
IP
File type ASCII text, with very long lines (320)
Size 425 kB (425400 bytes)
Hash 27d95d95415e0e0c9998b88556837a98
be3f6b4f9eabec23d020293080c0398ddeb1b282
acebe3bf6d9fea91719845f6e0ab65ca822188593d68c478276df7d18390498a
GET /7.5.5/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:22 GMT
etag: "865887bf5b49dc505cb0268884734c12"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Sat, 04 Feb 2023 10:43:58 GMT
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 425400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 268130f091b44d74f9c6481ac8eb0098
3a53c546063a5c3d9cddcff5e5857d0607570a62
e82485399b3d0d2f353f385b83d4cd590aabdfa170d4a1399cacdbd29db57e5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1759
Cache-Control: max-age=98909
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Etag: "63dd0f6c-116"
Expires: Sun, 05 Feb 2023 14:12:27 GMT
Last-Modified: Fri, 03 Feb 2023 13:43:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash d37675bb1e8089529f27c610e8657397
3ea8e80d216d32067084fa7358ec217f94e516ee
7e94d232f2bdaaa0ad33ec4736796d0143ec27b6fe7288e351b7ee9984a994b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Etag: "63dd0f6c-116"
Server: ECS (amb/6BC5)
Content-Length: 278
staggeredravehospitality.com/81/75/7d/81757de1aae7e6aa130b463b81c6956d.js
200 OK 21 kB URL HTTP/1.1 staggeredravehospitality.com/81/75/7d/81757de1aae7e6aa130b463b81c6956d.js
IP
File type HTML document, ASCII text, with very long lines (60181), with no line terminators
Hash 9cb6072f695f5bd953b50c30d2420464
6629a8f6a2cb850b07c9f1a116926c603d1fda3e
02739ba5b0a6ebc863397e9830f6d093651cf6ec8bd25f2e4f5edfdedeccd4e0
Analyzer Verdict Alert quad9 Sinkholed
GET /81/75/7d/81757de1aae7e6aa130b463b81c6956d.js HTTP/1.1
Host: staggeredravehospitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6da4a3dd63b99ff5488dc9f2c0ba7539
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 10:07:19 GMT
age: 2199
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/329627?p=1&s1=%subid1%&kw=
200 OK 3.5 kB URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/329627?p=1&s1=%subid1%&kw=
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash c0aae96b103e6bf11335bb5460edab7b
b7e0cfd832ef847e4bb524c78952c278561688cd
219a760714f146d872bf307aa01ec76479b71fd38a79d8a5fcc6403d92059a72
GET /api/spots/329627?p=1&s1=%subid1%&kw= HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=geF8f7LIVNaRS8QQ9JGh; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
deavynuotbrohw.xyz/popunder.gif
301 Moved Permanently 0 B URL HTTP/1.1 deavynuotbrohw.xyz/popunder.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: deavynuotbrohw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 10:43:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 11:43:58 GMT
Location: https://deavynuotbrohw.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyfNErMmDzOyuIISNKa9bgqz8QNiv5U8I9NeqYz8%2F0B3SW0%2BCqHdZmWzvLxkaX%2FmCRx7w5wnLKQvuOZjE42xXeXpCf1%2FVB4nvGUQEjduL3KrhOsfKwaX%2BOEQUkwjhlmTXmhgDic%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7942cef288c3b500-OSL
alt-svc: h2=":443"; ma=60
www.videojav.com/css/plugins.css?v=1.2
200 OK 34 kB URL HTTP/2 www.videojav.com/css/plugins.css?v=1.2
IP
File type ASCII text, with very long lines (29529)
Hash adaa712763d34337c51c1e8b696fbca3
12c47dbe5007447e25aa5cb1620537e2810f7ee2
7ec809e6c71ace3a13ab026333caf23115be68eeac3cbc5c1724557cc5e65a8b
GET /css/plugins.css?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/css
last-modified: Mon, 27 Apr 2020 09:02:47 GMT
vary: Accept-Encoding
etag: W/"5ea69fb7-c445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 11128546
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIC%2FZKymhtGwLhmjD4QwFNfIvKpRsOYIbQWLdKlHuF6Gk%2Bj8itXk4cwPf772gqpr17ZKgQtZGF5RGdd%2F7rMjeYpV7qEQ0m6uLUQ6vxfKZ5GMSq1%2FvXsiFhxVPR%2FjHFGo5CLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceefc92e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 89a100ea773a6223d24ca5e2df477ef8
4d64028b8df107e2ee97314fd77c1508e1556d16
064ead0181ad64406bc6506f73730f522e9d4c35f1f304f3d6ca5e3ef4a342ab
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "064EAD0181AD64406BC6506F73730F522E9D4C35F1F304F3D6CA5E3EF4A342AB"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4661
Expires: Sat, 04 Feb 2023 12:01:39 GMT
Date: Sat, 04 Feb 2023 10:43:58 GMT
Connection: keep-alive
www.videojav.com/js/videojs.persistvolume.js?v=1.2
200 OK 1.7 kB URL HTTP/2 www.videojav.com/js/videojs.persistvolume.js?v=1.2
IP
Hash 9d74eaab3035b2a553d4a93c531df25e
1f3b018dd77a242caa688696866ebd217d1571d0
90a1f4840df9a7a89540ffcefa91c9b7531ba0933e2917ce337e221268d322d1
GET /js/videojs.persistvolume.js?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Apr 2020 09:02:47 GMT
vary: Accept-Encoding
etag: W/"5ea69fb7-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 11813875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3onuST2QXPHC434KbGJZ7zRLUbK1OQWSWKkF6cP%2BiNKAhGznK9Apb40RogoTHdWszbyi9xBQbSAnJpEber7UFMVYl0%2BRUF9aIltBZKxqUdIlhx6OAbC9v4Zk5W8cCA0AOjjR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceefe9430b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.exosrv.com/ads-iframe-display.php?idzone=3661159&type=300x250&p=http%3A//www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/&dt=1675507473637&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
200 OK 52 B URL HTTP/1.1 syndication.exosrv.com/ads-iframe-display.php?idzone=3661159&type=300x250&p=http%3A//www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/&dt=1675507473637&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document, ASCII text, with no line terminators
Hash c3743cf5e9e53705dc66056f1a34f6ec
740253d7fe753ab9b7d71e1832fd1af41c0677c1
c184a4ce5928e23f286176d3c76a8d5c12c67a8957554c92fb144b1cdd2fb17c
GET /ads-iframe-display.php?idzone=3661159&type=300x250&p=http%3A//www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/&dt=1675507473637&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22 HTTP/1.1
Host: syndication.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263de36ee837008.933466272295736318%22%3B%7D; expires=Mon, 03 Feb 2025 10:43:58 GMT; path=; domain=.exosrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/api/spots/329629?p=1&s1=%subid1%&kw=
200 OK 3.5 kB URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/329629?p=1&s1=%subid1%&kw=
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash 5c63f47b85574fd4089b45ea3d5f9386
75a7044d17c1b81bf97bf7e8c83a1c4454260841
59b12f2f57707d64e5ccc3059d3e61e4b794084e57e75ac6cfdef76e344c4787
GET /api/spots/329629?p=1&s1=%subid1%&kw= HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=hPVyNodZNmbb686XE69I; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/api/spots/334568?p=1&s1=%subid1%&kw=
200 OK 3.7 kB URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/334568?p=1&s1=%subid1%&kw=
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1346)
Hash 5909a4ba9ce5bff7b7509779f19ecbd3
5dc78faa4f2db38eb3b079c2877a7f4d839c34a7
9dd3ad316c1a35ee37e5c3631b762ebad376a3f6b08ab0bd535e22f664be73ad
GET /api/spots/334568?p=1&s1=%subid1%&kw= HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=3x5O1c3RgRz2BbPeMpHW; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
a.exosrv.com/ads.js
200 OK 1.4 kB IP
ASN #60068 Datacamp Limited
Hash 284608ed6ee5699c13c0a991bf3f943f
a33a14506ebf2e9975d4fdc039b379aaa4b0f641
fe87657a88deafe5298bd195e3c971b221ba1a2dfff26f59f8ed664ba90f8f4e
GET /ads.js HTTP/1.1
Host: a.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
etag: W/"b60fdcc211f42a1f246a8c80b56"
expires: Thu, 02 Feb 2023 18:45:33 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675514815
server: CDN77-Turbo
x-77-nzt: AblMCQ0H6Wb/Xw0AAA
x-77-nzt-ray: c0a4cc28be0199e0ee36de63104afa04
x-cache: HIT
x-age: 3423
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bonertraffic12.pro/sdk/push_web/?zid=4101
200 OK 32 kB URL HTTP/2 cdn.bonertraffic12.pro/sdk/push_web/?zid=4101
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 55baf1d28365e77dfa2fc57e4ac60acf
ea838c9f452387dbbabd68143ac846ef73f03f22
7feb580bf161d11f08051dece97c70f8320a64e9f0d1191fbb48b17c3a863b37
GET /sdk/push_web/?zid=4101 HTTP/1.1
Host: cdn.bonertraffic12.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
x-time: 1675507438
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUa1SJf2XUxWvSgEi2OoY2YZ49%2BDCpH7Kf7vq5zi49LTOZr%2FA7AofucFR2C2ehmL5vDz9ScoInV9bIEZSpJmLwW7vgRjpGaxIAer3Rh0N9%2BoqnlNyyG%2BHlgOxsvNMgKXPJjyhkhZAIwC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942cef07d23b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/377395?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25
200 OK 541 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/377395?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash eb1eadfd69afb9b751167abbecdd1001
94258124da422e789f2210c03a79b13989283e4f
a9b26fa8545a8e149ed9407c41b53108e5e17192d57244ef290bae56b238af0c
GET /api/spots/377395?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=Gl943IRBEEpoLTwHjTHU; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
IP
Hash 7f3414a5325ee1ef24fa95b3a59f7256
bb8db75411bcf9f6ee64d2defebaafc41291ff89
c36ae8406b9e5ecdc9d0fe12d0b4db4ad5f84a7ce62816ce7d106c4c452534fb
POST /s/gts1p5/NK8pNQwXpzI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.videojav.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 336892
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.videojav.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 477718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.videojav.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:26:49 GMT
expires: Sun, 04 Feb 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 1029
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 89a100ea773a6223d24ca5e2df477ef8
4d64028b8df107e2ee97314fd77c1508e1556d16
064ead0181ad64406bc6506f73730f522e9d4c35f1f304f3d6ca5e3ef4a342ab
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "064EAD0181AD64406BC6506F73730F522E9D4C35F1F304F3D6CA5E3EF4A342AB"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4661
Expires: Sat, 04 Feb 2023 12:01:39 GMT
Date: Sat, 04 Feb 2023 10:43:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hegdcrxavrtk.cdnvideo3.com/api/spots/320559?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25
200 OK 522 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/320559?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash efc6084cff44025fadb3832e4a5c1a7d
02d3254d09a36a64ceb677119bab2d99272df18d
0edd5575472ea20a5559a5cbfda87d782498174cb014c04012c4eb83fb75bd1d
GET /api/spots/320559?v2=1&fill=0&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&s2=%25subid2%25 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Access-Control-Expose-Headers: X-Asg-Config, X-t
Set-Cookie: nauid=EypgNFmtoiKw4beTcI0m; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
X-T: 0
Cache-Control: private
Content-Encoding: gzip
www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/?video_id=32667579&mode=async&action=js_stats&rand=1675507473951
200 OK 43 B URL HTTP/1.1 www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/?video_id=32667579&mode=async&action=js_stats&rand=1675507473951
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/?video_id=32667579&mode=async&action=js_stats&rand=1675507473951 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; kt_ips=91.90.42.154; show_pops2=true2; ppu_show_on_81757de1aae7e6aa130b463b81c6956d=1; kt_tcookie=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: kt_is_visited=1; expires=Sun, 05-Feb-2023 10:52:46 GMT; Max-Age=86400; path=/; domain=.videojav.com; SameSite=Lax
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpsWIjp9iOEg3Et2j3TNjeFHyHQb7SzT6hYgF4iE6SZylZaos2VQc1flA%2F8ESfy3Dr3lLOOMJmETK0BJO5lZemJ93eNJQ%2FCRwZ4OlNt6%2BBaE9%2Fot31xhG%2FijKuVDdwLjGCuH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7942cef458f6b517-OSL
alt-svc: h2=":443"; ma=60
deavynuotbrohw.xyz/U2VMUlh8Wi8hZTALDhwWBycHABA8KA4XKBEDOxMcAFUoZBkSIGomMTdYdWdgZld9dCg6AXFjfiARLSYtIFh9dDE9AyNvfiVYfXxrZ0t/Y3ZhQzlvaXURPDM/blRqIiwnCXFjbmRQeWJvZ1J/ZGpm
204 No Content 0 B URL HTTP/2 deavynuotbrohw.xyz/U2VMUlh8Wi8hZTALDhwWBycHABA8KA4XKBEDOxMcAFUoZBkSIGomMTdYdWdgZld9dCg6AXFjfiARLSYtIFh9dDE9AyNvfiVYfXxrZ0t/Y3ZhQzlvaXURPDM/blRqIiwnCXFjbmRQeWJvZ1J/ZGpm
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /U2VMUlh8Wi8hZTALDhwWBycHABA8KA4XKBEDOxMcAFUoZBkSIGomMTdYdWdgZld9dCg6AXFjfiARLSYtIFh9dDE9AyNvfiVYfXxrZ0t/Y3ZhQzlvaXURPDM/blRqIiwnCXFjbmRQeWJvZ1J/ZGpm HTTP/1.1
Host: deavynuotbrohw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 10:43:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAE1ZfVjf5RDKpymSz1TNvDBNxwfoGmn%2FjjQ%2Bg3Z%2FjelO3QDcX0QFPIAX8mzP0GjESBAYUl2hkDBRDvO5Q1knJLVlMG66Fd1Jl6WRoAm2SB5eW2bY68Z9TudxlGQuPwqaW6u8pA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942cef3f87bb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
arnofourgu.com/RXhNMVQkGi5cayRFLxchNxRwFGYDXX93MHZBe14nMAw0ByYjHS4fNykXOFUyNxcjRXorHTkUZgMrLFw4LjcIVh4HHz1UMD1MDHAVEwAVABIXOyNdGQQAKWkeLQgYfToMFgpwEQ0bOlI1CQEiVAQHOQNmBS0ND1YzDiB+ZxkBOT1TMBMMHXMCMgkbAGUGLAlWEgQUIWEYPRcddxEAFgpgMwMwJwEYEzkhaRkiNQtyEikMGnJtFz4jWQQSSRxgBDI1BXASJl1/dxMQABpyFxwdGXcNDB0bQRwTOnwGHwAAGnIQfTwPAB0IGhtaJhQpPQURKUEceQw2Fxl3eRwxAlksCC5+XWESFDV6FwI+HWZlFx4BYD8GOzUAYgk+OWQXHRAsZhIUMi9nPB85IXRiAQ91fQUCSRR9ZRAxK2QGHykmAGUSD2tbJyoWPQweDxc/WTcONz13Gg
200 OK 1.2 kB URL HTTP/1.1 arnofourgu.com/RXhNMVQkGi5cayRFLxchNxRwFGYDXX93MHZBe14nMAw0ByYjHS4fNykXOFUyNxcjRXorHTkUZgMrLFw4LjcIVh4HHz1UMD1MDHAVEwAVABIXOyNdGQQAKWkeLQgYfToMFgpwEQ0bOlI1CQEiVAQHOQNmBS0ND1YzDiB+ZxkBOT1TMBMMHXMCMgkbAGUGLAlWEgQUIWEYPRcddxEAFgpgMwMwJwEYEzkhaRkiNQtyEikMGnJtFz4jWQQSSRxgBDI1BXASJl1/dxMQABpyFxwdGXcNDB0bQRwTOnwGHwAAGnIQfTwPAB0IGhtaJhQpPQURKUEceQw2Fxl3eRwxAlksCC5+XWESFDV6FwI+HWZlFx4BYD8GOzUAYgk+OWQXHRAsZhIUMi9nPB85IXRiAQ91fQUCSRR9ZRAxK2QGHykmAGUSD2tbJyoWPQweDxc/WTcONz13Gg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash e468d52f186fd95e3763a473d74431c2
653f7b25a7b14aa706c5ab1202a5868d9583b113
eeab6eea486bd2ac283ee5328c257c2fa657cc5a321f6e7cf6455edc03dd7e98
GET /RXhNMVQkGi5cayRFLxchNxRwFGYDXX93MHZBe14nMAw0ByYjHS4fNykXOFUyNxcjRXorHTkUZgMrLFw4LjcIVh4HHz1UMD1MDHAVEwAVABIXOyNdGQQAKWkeLQgYfToMFgpwEQ0bOlI1CQEiVAQHOQNmBS0ND1YzDiB+ZxkBOT1TMBMMHXMCMgkbAGUGLAlWEgQUIWEYPRcddxEAFgpgMwMwJwEYEzkhaRkiNQtyEikMGnJtFz4jWQQSSRxgBDI1BXASJl1/dxMQABpyFxwdGXcNDB0bQRwTOnwGHwAAGnIQfTwPAB0IGhtaJhQpPQURKUEceQw2Fxl3eRwxAlksCC5+XWESFDV6FwI+HWZlFx4BYD8GOzUAYgk+OWQXHRAsZhIUMi9nPB85IXRiAQ91fQUCSRR9ZRAxK2QGHykmAGUSD2tbJyoWPQweDxc/WTcONz13Gg HTTP/1.1
Host: arnofourgu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1192
Connection: keep-alive
Date: Sat, 04 Feb 2023 10:43:58 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FXGCUXQGN7igx8hkiCYP7xu808kAiSNjdrkLx7bAcZQebdy7-dnilQ==
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 51587a23f66c8249b593bdd3bc316c26
a44589aa9cf9e0a703e280f130f13783a4dce154
9d3982efed953d409b9ff9e88be9f517be1f563d0569bc8f39ca9c75be104477
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101491
Date: Sat, 04 Feb 2023 10:43:58 GMT
Etag: "63dd0c95-1d7"
Expires: Sun, 05 Feb 2023 14:55:29 GMT
Last-Modified: Fri, 03 Feb 2023 13:31:01 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E-giaI_qoTggV7auBCUr87t39WEoz2Tvf4jFo1xMWTr2BpuslSfHDg==
Age: 5068
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UVECKrt7/0MkaWG+LeultA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AG28AKiszSAQR+iANH3dZXm2S6o=
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ab939220fb0b173295fa86732d7d46f3
db6136825a49a3e0577370d816b9a44f4b92ea49
e8b02dd39f3d72702785741c4fedf356d2a6794fe5ec390a130cf97d415b6cdf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
set-cookie: uid_id2=9dfd63aa-21c5-4daa-87ca-70f19cf4b237:2:1; expires=Tue, 01 Feb 2033 10:43:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/click/7989999071138737095?c=90
200 OK 0 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/click/7989999071138737095?c=90
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/7989999071138737095?c=90 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/api/spots/329627?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
hegdcrxavrtk.cdnvideo3.com/api/click/6863573098437409095?c=90
200 OK 0 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/click/6863573098437409095?c=90
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/6863573098437409095?c=90 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/api/spots/329629?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
IP
Hash 7f3414a5325ee1ef24fa95b3a59f7256
bb8db75411bcf9f6ee64d2defebaafc41291ff89
c36ae8406b9e5ecdc9d0fe12d0b4db4ad5f84a7ce62816ce7d106c4c452534fb
POST /s/gts1p5/NK8pNQwXpzI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eeca9de144128804a77f65ba394b3fa8
8739f1b6590264e9850d84a427c8b52f2ac16dd1
875ffe96979aad0ec29ff7feba6bf0134e8ae18a14b8b3d91436255ad39ae096
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "875FFE96979AAD0EC29FF7FEBA6BF0134E8AE18A14B8B3D91436255AD39AE096"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Sat, 04 Feb 2023 15:09:24 GMT
Date: Sat, 04 Feb 2023 10:43:59 GMT
Connection: keep-alive
solitudearbitrary.com/pixel/purst?dl=0&th=0&sc=0&rs=1051&rd=1051&fd=708&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 solitudearbitrary.com/pixel/purst?dl=0&th=0&sc=0&rs=1051&rd=1051&fd=708&bv=22.10.v.9&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1051&rd=1051&fd=708&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hegdcrxavrtk.cdnvideo3.com/api/spots/3205945564468527095/1635938?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
200 OK 512 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/3205945564468527095/1635938?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash e4ccc2e8d11dcded8f79d94d275afecc
bb4efd46fa792c5d9c24aa9007ee35d567e22240
d723620d4e55a9fc86e541f55b10780d3e88ae0490d1d729609df2c35a86a5db
GET /api/spots/3205945564468527095/1635938?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Cache-Control: private
Content-Encoding: gzip
pogothere.xyz/
200 OK 729 B IP
File type ASCII text, with no line terminators
Hash 2126713db32d28590a18ec952d562bb4
64b9891d1ff266d375b217db3376c85c40d01d22
cbe6072d9aa1347a578e4705273d9a6b6d951e5238628257e1fe60ae4bfdd381
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/plain
set-cookie: csu=2251578486191104@1@1675507438; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8FOFGNpBVevJveX6B6apDi2PbmsCby%2BeQ43QWNU9pyUzDvRi9rxAyPwd1O8%2BqGXqu40%2B4bVQe0G2%2BV8l%2BTJfY7Ey8DB4fBanoaXR9zVwrVZanAK2ivGipqwOo7D7KUe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942cef318b9777a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/3205945564468527095/1636043?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
200 OK 516 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/3205945564468527095/1636043?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash a0d4c994b0bb9e34cedd7492a21294b7
cf56998b1eb8b5e09c61f3dcc7fe3dea61a66a33
df77d7a316dc354a630641dad41c44cf7e7e8762727e981d50981feed43779c9
GET /api/spots/3205945564468527095/1636043?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Cache-Control: private
Content-Encoding: gzip
syndication.realsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=http%3A%2F%2Fwww.videojav.com%2F
200 OK 4.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=http%3A%2F%2Fwww.videojav.com%2F
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (8740), with no line terminators
Hash 83bfc32fd97443759f28e0fe9321d933
728ec61539e8dbfc31eaa46313eb834344e433bd
d2c791baee213ad086c36fe0ce4d8ef92059ba055d815b0e65383d251eedeff7
GET /splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=http%3A%2F%2Fwww.videojav.com%2F HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hegdcrxavrtk.cdnvideo3.com
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://hegdcrxavrtk.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263de36ef0da9b2.20749808536665875%22%3B%7D; expires=Mon, 03 Feb 2025 10:43:59 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
impressions=oslmrxbrnxgxamrcraoxsgeicxbmsbcenxgxamrreosbbgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamrcaxocmgeicxbmsbocnxgxamrremcslgeimmccrlaonxgxamrcremlrgeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamrscrmeogeioslmrxlrnxgxamslescrogeimmccrbxenxgxamrescroogeislsaroornxgxamccolacbgeioslmroemnxgxamrcremlrgeioslmrxlsnxgxamrremcslgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamrsxxxmrgeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrceerargeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrcaxocmgeimrblxebenxgxamselmborgeimcclsxconxgxamrcraoxsgeirbabxabbnxgxamrescroogeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamrcremlrgeimcclsoeonxgxamrcraoxsgeimcclsxlcnxgxamrceerargeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamrcremlrgeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamrceerargeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamrcremlrgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamrcraoxsgeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamrcraoxsgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimcclsxcanxgxamrceerscgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeialbserxonxgxamclarlmmgeimcclosscnxgxamrceerscgeimaecobronxgxamrescroogeimaecobeenxgxamrescroogeimcclosccnxgxamrescroogeimaecoboonxgxamrescroogeimrblxelenxgxamrescroogeimeembesonxgxamrcoxcmagxcceimxeemblenogxamrcoxcmagxcceimcssmlrensgxamrcoxcbegxcceimxeemleonogxamrcoxcbegxcceimblraeabnsgxamrcooeelgxcceimrmaobxanogxamrcooeelgxcceimxlbmxlcnogxamrcoscrlgxcceimaoolslanxgxamrcobllogxcceirarrrcaenxgxamrcceorxgxcceimexexabbnxgxamrccrbsogxcceimbscxmxanxgxamrccarblgxcceimxlbmosanogxamrccmecbgxcceicxmecmcanxgxamrccmecbgxcceimcssmlronsgxamrcresmegxcceimrbxmxmanxgxamrcremlrgxcceimaecsxccnxgxamrcremlrgeimocbmmmbnxgxamrcrxblmgxcceimocbmmacnxgxamrcrxblmgxcceimocbmmaanxgxamrcrxblmgxcceimrxccosanxgxamrcrolmegxcceimrxccosensgxamrcrolmegxcceimrxccoscnxgxamrcrolmegxcceimxlbmoconogxamrcraoxsgxcceimxeoxsacnsgxamrcraoxsgxcceimlxbaxlonxgxamrcraoxsgeimxlbalsbnxgxamrcrblsagxcceimlxbaxbanxgxamrcaxocmgeimxlbmxlenogxamrcaxocmgxcceimxlbalcenogxamrcaxocbgxcceimxlbmoobnxgxamrcaobasgxcceimrxccosonxgxamrcacbrlgxcceimxlbmoaonxgxamrcabersgxcceimlxasascnxgxamrcmoorsgxcceimxelmbranxgxamrcmoormgxcceimblelamenxgxamrcmoscagxcceimlxoblmonxgxamrcmoscagxcceialrexexbnxgxamrcmrbebgxcceimxlbmxbbnxgxamrcmacemgxcceimxlbmxlonogxamrcmacemgxcceimrbleaebnxgxamrcmmbacgxcceimaooblebnogxamrcbmccogxcceimbsblroancgxamrclresagcbeimxlbmoscnogxamrclresagxcceimboslabcnxgxamrclresagxcceimcssmlrcnsgxamrclresagxcceimblelamanxgxamrclresagxcceimbbcemoancgxamrclrcergxcceialaroxrcnxgxamrclaermgxcceimxeemblbnxgxamrclaeaegxcceialrexeoonxgxamrclamblgxcceimaoobbebnxgxamrclablagxcceimclsaoxbnsgxamrclablagxcceimlxmrlxonxgxamrrexelcgxcceimlxocxobnogxamrrexelcgxcceixaoosscrnxgxamrrexelcgxcceimxxerreonxgxamrreosbmgxcceimxlbmosonogxamrreosbbgxcceialbbebsanxgxamrreosbbgxcceimlxocxoonxgxamrreosblgxcceimbbcemobncgxamrreosblgxcceimaooloranxgxamrreoslxgxcceimeembescnxgxamrreoslogxcceicmarxbbonxgxamrreoslogxcceimxlbmosenxgxamrrecasxgxcceimlxbaxbonxgxamrremcslgeimsacexoonxgxamrremcslgxcce; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C23975193%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C41873824%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C79186182%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C73640122%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C71987192%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
d396osuty6rfec.cloudfront.net/SamlkOEgJBgpedx4AAAVxX1FRCnlMAxdXJhpULnInGAEHcwcaLyoePBANWQhuBggKX3VMDApbdVtPBVwqV11CTDgFAllPLxoPFEEnGQgFHj0LVAlXMgMFCFltWC9RFnhPW1QQPwMHAFc/GUxWCCYeTFYIeVpHVB17KExWCD8DB1IMbVkrQQp4El9QHXsoTF-YIOhxMV3l5WlxKCGFPW1RfLQkCCx16LFtUCXhaWFQJbVhZAlE6Dw8LQG1YL1UIfURZQk11Ww
200 OK 457 B URL HTTP/1.1 d396osuty6rfec.cloudfront.net/SamlkOEgJBgpedx4AAAVxX1FRCnlMAxdXJhpULnInGAEHcwcaLyoePBANWQhuBggKX3VMDApbdVtPBVwqV11CTDgFAllPLxoPFEEnGQgFHj0LVAlXMgMFCFltWC9RFnhPW1QQPwMHAFc/GUxWCCYeTFYIeVpHVB17KExWCD8DB1IMbVkrQQp4El9QHXsoTF-YIOhxMV3l5WlxKCGFPW1RfLQkCCx16LFtUCXhaWFQJbVhZAlE6Dw8LQG1YL1UIfURZQk11Ww
IP
File type ASCII text, with very long lines (647), with no line terminators
Hash b07a448ef241b142cb7cc833d9139e23
353dc10df74ea759c3b00d5e8dd73e3a0c5d7cb6
53e2cec3697b5d633e1af9d204ac921feaafa8e6848f329ece45b97230e4e477
GET /SamlkOEgJBgpedx4AAAVxX1FRCnlMAxdXJhpULnInGAEHcwcaLyoePBANWQhuBggKX3VMDApbdVtPBVwqV11CTDgFAllPLxoPFEEnGQgFHj0LVAlXMgMFCFltWC9RFnhPW1QQPwMHAFc/GUxWCCYeTFYIeVpHVB17KExWCD8DB1IMbVkrQQp4El9QHXsoTF-YIOhxMV3l5WlxKCGFPW1RfLQkCCx16LFtUCXhaWFQJbVhZAlE6Dw8LQG1YL1UIfURZQk11Ww HTTP/1.1
Host: d396osuty6rfec.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arnofourgu.com/
HTTP/1.1 200 OK
Content-Length: 457
Connection: keep-alive
Date: Sat, 04 Feb 2023 10:43:59 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: J57fUGpNQFtGEMpJiAjtS7TninOgpLk4BriJf6q_2UdF1qeHpVbndw==
syndication.realsrv.com/v1/api.php
200 OK 1.2 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1595), with no line terminators
Hash 865c1238e01fb5970c97abfc274a9a8c
07a4e6a564db2d6040b4797cf9ac8856301a48c8
e0467610270dda6046f3fbd7cd67e0fa12927947f5dc39c87fcfc74efd0a530a
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 334
Origin: http://hegdcrxavrtk.cdnvideo3.com
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://hegdcrxavrtk.cdnvideo3.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263de36ef08d582.570375461969049666%22%3B%7D; expires=Mon, 03-Feb-2025 10:43:59 GMT; Max-Age=63072000; path=/; domain=realsrv.com
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
solitudearbitrary.com/98/00/e5/9800e5fc6ff3aca35add05938f7ac2c8.js
200 OK 13 kB URL HTTP/1.1 solitudearbitrary.com/98/00/e5/9800e5fc6ff3aca35add05938f7ac2c8.js
IP
File type ASCII text, with very long lines (37128), with no line terminators
Hash bc515393a9f324c51fa85ca89edf5786
411f679a3a87bf7752b8a8299a5ac2e7fb303bd8
d564a7784c021e0828ce1e6bfa19f1bcf8003eeac9182564ffea35bf110b2ca4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /98/00/e5/9800e5fc6ff3aca35add05938f7ac2c8.js HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 321fe59b559aae7bd7af83c191d87497
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
deavynuotbrohw.xyz/popunder.gif
200 OK 26 kB URL HTTP/2 deavynuotbrohw.xyz/popunder.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4c79132ae7a3db897b756bea9cccea93
a43ca654268074cf206f1c376c928142e71f9e6d
5c4150fe1a28d1a5b6adf8152aa3700be443f676c7d2c96f8fa0639e2ef5e090
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: deavynuotbrohw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 38294
last-modified: Sat, 04 Feb 2023 00:05:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNCCFn8XNM73zm5c7i%2Fa5Az746rk9d6h04xqjoBGTD2Vibl5dZbqsktf9oZYMqHopxmWcAurmN1yk7IZSbUuDEo7AL0twGfioGQJkSie%2FNr6bouZF90BXgyvKdORr3%2FYspt5ABA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942cef4c989b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ab939220fb0b173295fa86732d7d46f3
db6136825a49a3e0577370d816b9a44f4b92ea49
e8b02dd39f3d72702785741c4fedf356d2a6794fe5ec390a130cf97d415b6cdf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Cookie: uid_id2=9dfd63aa-21c5-4daa-87ca-70f19cf4b237:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rvmessages.top/feed/?zid=4101&v=2&h=27549197310000&ver=1&cnt=1
200 OK 661 B URL HTTP/2 rvmessages.top/feed/?zid=4101&v=2&h=27549197310000&ver=1&cnt=1
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (652)
Hash 2f6635d09d212ccf73ca5318aa49a061
425af7ca06a87169a9c122f39fd34934b69bab1d
79ec813652099cacd7a5b5dbe9e978b7e0e14322af071c8cf7795bb8b933cbba
GET /feed/?zid=4101&v=2&h=27549197310000&ver=1&cnt=1 HTTP/1.1
Host: rvmessages.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/json
content-length: 661
set-cookie: _trd_=9eac22b5891abc; Expires=Sun, 04-Feb-24 10:43:59 GMT; Domain=rvmessages.top; Path=/; Secure; SameSite=None
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997745?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
200 OK 510 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997745?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash bae793545a5a7a14ee1a6c3ef897e4fa
f25f65cb8cb2aae3c46978e4b2774c3656a77b33
257d162406b167fc1bc3dc2cacfad424e4cad3fe1bd045730750eac291a8bd66
GET /api/spots/5491342777968198095/997745?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Cache-Control: private
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997762?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
200 OK 705 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997762?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (489)
Hash a1a31f4cd441c12c6fb11e77f56b057e
a6965d062af03f4dfea55e663329c14b88dad1c0
b97ccb258a937532053edb53fd75d1aaddef112ce2af4d8f128b842060ab516c
GET /api/spots/5491342777968198095/997762?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Cache-Control: private
Content-Encoding: gzip
friendshipmale.com/sfp.js
200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: af99e67737b720f00f48c2f724102a6d
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 04 Feb 2023 10:43:58 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jcs8WMDx%2FuA5iP8c9mA6ZR6WW2wQa4h5Zf%2FkIbk5xeOc4pVGs6BWAiGh%2FJiyubYExDPeT0Zl3c26u0%2BRcvHwBProgKyj%2F8QD4V8NSFrOkCZy8YwWHGKt8Y3%2BrjXjVRdnPwnvgUQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7942cef728a5dc63-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997869?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
200 OK 517 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/api/spots/5491342777968198095/997869?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text
Hash 125446df089283ba1d9401550e5ea338
05c9c7409c27b529c39110085ad204f2d4ed642d
7597453db80aefe1f06632be19f74256df4735788c454fc4fd8c973a028fd6d4
GET /api/spots/5491342777968198095/997869?fill=0&kw=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.videojav.com
Cache-Control: private
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bd4865ff0e983efaecaa75f57f72378
Strict-Transport-Security: max-age=0; includeSubdomains
www.videojav.com/apple-touch-icon.png
200 OK 14 kB URL HTTP/1.1 www.videojav.com/apple-touch-icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 302003967bcce57931c372aa26310c88
526045f535e90a6d7b19240532f9100c9535beee
117477b129e4ca959b0afd092f7edca8f460ff25120b8dbe2011a88d9f48bef8
GET /apple-touch-icon.png HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; kt_ips=91.90.42.154; show_pops2=true2; ppu_show_on_81757de1aae7e6aa130b463b81c6956d=1; kt_tcookie=1; rvt_inlpush_cnt_4101=1; rvt_inlpush_max_4101=100; kt_is_visited=1; ppu_main_81757de1aae7e6aa130b463b81c6956d=1; ppu_exp_81757de1aae7e6aa130b463b81c6956d=1675511074369; dom3ic8zudi28v8lr6fgphwffqoz0j6c=9dfd63aa-21c5-4daa-87ca-70f19cf4b237%3A2%3A1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: image/png
Content-Length: 13713
Connection: keep-alive
Last-Modified: Mon, 27 Apr 2020 09:02:49 GMT
ETag: "5ea69fb9-3591"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 14936061
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FubMpfNp3ck3VkTRSJWNnu0A9bIFDBMCqTULulkoXtAFxcIaeUTt1erdvKsNRP%2FezXIPGz1nAnmnfJh%2BcmbHpvG8eq0AS6uSIqeeIeA2QdkaaY0AbIzyfDXLHOsyqeY83p%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7942cef87dafb517-OSL
alt-svc: h2=":443"; ma=60
www.videojav.com/favicon-16x16.png
200 OK 1.5 kB URL HTTP/1.1 www.videojav.com/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 552872354755cb050014a9501cfec4fa
fd05b4d7002b52e705344db04db723495910e4c7
88ef331642f08aaee6990894bd8015032891181d446faa6c4bbec095a56aba8d
GET /favicon-16x16.png HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/videos/32667579/b3ab2f49e889e1dc340aaf3097b75d39/
Cookie: PHPSESSID=9rc9bgbj175u1ecp6jnunaoc59; kt_qparams=id%3D32667579%26dir%3Db3ab2f49e889e1dc340aaf3097b75d39; kt_ips=91.90.42.154; show_pops2=true2; ppu_show_on_81757de1aae7e6aa130b463b81c6956d=1; kt_tcookie=1; rvt_inlpush_cnt_4101=1; rvt_inlpush_max_4101=100; kt_is_visited=1; ppu_main_81757de1aae7e6aa130b463b81c6956d=1; ppu_exp_81757de1aae7e6aa130b463b81c6956d=1675511074369; dom3ic8zudi28v8lr6fgphwffqoz0j6c=9dfd63aa-21c5-4daa-87ca-70f19cf4b237%3A2%3A1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: image/png
Content-Length: 1489
Connection: keep-alive
Last-Modified: Mon, 27 Apr 2020 09:02:49 GMT
ETag: "5ea69fb9-5d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 14935586
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNeLopR7xiuf35uzfHgm3VtgiG9l9171vLyPewYcg6%2Fe4W1JEH5GaCXFL7N8jZt46I5wseXCtQSr9A7IvpvVV0slzCU4cM3J5jLLgrodQlddRqJ7qc%2FZVBI2wkUD9Lc275gj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7942cef87967b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash a3a67dba1b1b1f3ae766058d9cd538d7
9dc833327c3755593c077f703117f6187f4d3e97
b8990e3b7ba47804077dd1d5c3b3e05c8beec9a3288e3fa9e41680dc15045f0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Last-Modified: Sat, 04 Feb 2023 09:10:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7815df9178e9a1b99aacd0e4b012d9e0
24d0c3c04404356ce1fbffabcf82fc196fa0e99c
02661905ba6f91909a98b1038f9b260f9e7e524515246775567d6ed26a0f4a48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7815df9178e9a1b99aacd0e4b012d9e0
24d0c3c04404356ce1fbffabcf82fc196fa0e99c
02661905ba6f91909a98b1038f9b260f9e7e524515246775567d6ed26a0f4a48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 39 kB IP
Hash 7eb0c70f08f191fef3cd71bc73dc26a7
32ab77fe042b7fe63c8eaded575b5258e3117123
e4aa35312baee1f16c5eeeccbbbf872e2e3e2ac32ff909758b7f58a0f5445512
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 09:44:08 GMT
expires: Sat, 04 Feb 2023 11:44:08 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 3591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 400 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 6d2feee8aeb9f91c0df2f44e4d96ab14
c5c4135f5d635199fd83773d87665e1a24adc17e
7eb437a2bd2af77988c6af2e69d4c70ccfcabdee2e1c945e3a5dbf6542093e0f
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 10:43:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1509427002%3A1675507439515762&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcMJyV_W7GXJVjh3c5inb2zD7sHZhSbijD4wpvRthnuXzxwrvfkSWAKtSudvPFcQb1lMM6GwA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-nhinm4UQ0IrwiURhUYYgDA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:6Kqn6Z0oM35vE2mUU_PC1KyYW4gGvw:bdOhpGrfRgnHuqnZ;Path=/;Expires=Mon, 03-Feb-2025 10:43:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.videojav.com/css/main.css?v=1.2
200 OK 12 kB URL HTTP/2 www.videojav.com/css/main.css?v=1.2
IP
File type assembler source, ASCII text, with very long lines (492)
Hash 3a4462c2acc28280b39b635492ded96b
93d3afb5255975534118e10d0a7ef976a0ad3f79
7bcaa803c8fa26bb8ae44627516be8bda189f4e23957dbb75eafa0c1d6e2e6f6
GET /css/main.css?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 12:39:46 GMT
vary: Accept-Encoding
etag: W/"628b8092-13093"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 11813876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh71yuqJ1ktYs45qMoiHHzcSXqoFvXPipL%2FyMm3xitLGlfP6HmqJ2x7YYHQmviLLESRc40kW2rFUXsAk6K70aam%2FpKo8CPB8ns%2FaMRjRecLzpIyJyveezqF4OVG%2Bz5aaUCmn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceefa9090b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=14568800&t=pageview&_s=1&dl=http%3A%2F%2Fwww.videojav.com%2Fvideos%2F32667579%2Fb3ab2f49e889e1dc340aaf3097b75d39%2F&ul=en-us&de=UTF-8&dt=Massages%20with%20Mikami%20Yua%20-%20Full%20HD%20-%20videojav.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=203034157&gjid=1007371213&cid=1294781080.1675507475&tid=UA-154720556-4&_gid=1126957260.1675507475&_r=1&_slc=1&z=38989788
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=14568800&t=pageview&_s=1&dl=http%3A%2F%2Fwww.videojav.com%2Fvideos%2F32667579%2Fb3ab2f49e889e1dc340aaf3097b75d39%2F&ul=en-us&de=UTF-8&dt=Massages%20with%20Mikami%20Yua%20-%20Full%20HD%20-%20videojav.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=203034157&gjid=1007371213&cid=1294781080.1675507475&tid=UA-154720556-4&_gid=1126957260.1675507475&_r=1&_slc=1&z=38989788
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=14568800&t=pageview&_s=1&dl=http%3A%2F%2Fwww.videojav.com%2Fvideos%2F32667579%2Fb3ab2f49e889e1dc340aaf3097b75d39%2F&ul=en-us&de=UTF-8&dt=Massages%20with%20Mikami%20Yua%20-%20Full%20HD%20-%20videojav.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=203034157&gjid=1007371213&cid=1294781080.1675507475&tid=UA-154720556-4&_gid=1126957260.1675507475&_r=1&_slc=1&z=38989788 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.videojav.com
date: Sat, 04 Feb 2023 10:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 5d23adae591f45cb04fa325bc787dc2b
72d2b7fe8c4959d8ffe685d8644a19384996d591
af142e99131182a8b0cc41b928186f34ab6f5428c8d3b77c282fef3e51d1514c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 10:43:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675507439557856&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcPHDebE4hOMslp5MkyEZicVDO8wMb-1eQYKRRdXk0pXgEJ0g_j6J1xoowANVPKBdXXnVYOCQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-WBj7q91hCFSr4YCBWOwnzQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:eeseol7uFQgFhL-LDwW3eOBkdd6Nrw:-59S4euqjEjPLqO7;Path=/;Expires=Mon, 03-Feb-2025 10:43:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1509427002%3A1675507439515762&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcMJyV_W7GXJVjh3c5inb2zD7sHZhSbijD4wpvRthnuXzxwrvfkSWAKtSudvPFcQb1lMM6GwA
403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1509427002%3A1675507439515762&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcMJyV_W7GXJVjh3c5inb2zD7sHZhSbijD4wpvRthnuXzxwrvfkSWAKtSudvPFcQb1lMM6GwA
IP
Hash 993052cc998cb0ce4d8decb3ba0cf6ff
a5b2faeac64b16ecf77a4b19e55f2f6ad6fc7573
98d5ff3acb992c45b1bb83a9783016caa65272125eb13f026e9fd7a0fef30005
GET /v3/signin/identifier?dsh=S-1509427002%3A1675507439515762&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcMJyV_W7GXJVjh3c5inb2zD7sHZhSbijD4wpvRthnuXzxwrvfkSWAKtSudvPFcQb1lMM6GwA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 10:43:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-nRo2g-Zo7l1In6Pfee5AQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a3a67dba1b1b1f3ae766058d9cd538d7
9dc833327c3755593c077f703117f6187f4d3e97
b8990e3b7ba47804077dd1d5c3b3e05c8beec9a3288e3fa9e41680dc15045f0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Last-Modified: Sat, 04 Feb 2023 09:10:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW07DQAy8ChdoNH5ssttv+AWpqAcI67QgRIMKqoo0h2eTSgjPh0e2ZzwKtQ10A79D2rptU2GRrqBz7SQ5H592dOHnfD4d567OH3TPnoRqMgzKjJLzQDdNnsCEzNQWGeDgxXqVTAeNaNBk7gvrAC2aOGQ+7HfcP9+3WZGibMY04KrNTNbvVHAVXReLsZ8sfAyLQT2bZgtIRD4Expfk1kTg63SMer6Ol/P3e1fjdHmLabY1PW7okPz2DH/YyNpagSsbv35Olfx3siCtIqe4LxGJmKJm6yXqBESI2KEXq6Yy5SL1F6ro+7ljAQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW07DQAy8ChdoNH5ssttv+AWpqAcI67QgRIMKqoo0h2eTSgjPh0e2ZzwKtQ10A79D2rptU2GRrqBz7SQ5H592dOHnfD4d567OH3TPnoRqMgzKjJLzQDdNnsCEzNQWGeDgxXqVTAeNaNBk7gvrAC2aOGQ+7HfcP9+3WZGibMY04KrNTNbvVHAVXReLsZ8sfAyLQT2bZgtIRD4Expfk1kTg63SMer6Ol/P3e1fjdHmLabY1PW7okPz2DH/YyNpagSsbv35Olfx3siCtIqe4LxGJmKJm6yXqBESI2KEXq6Yy5SL1F6ro+7ljAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW07DQAy8ChdoNH5ssttv+AWpqAcI67QgRIMKqoo0h2eTSgjPh0e2ZzwKtQ10A79D2rptU2GRrqBz7SQ5H592dOHnfD4d567OH3TPnoRqMgzKjJLzQDdNnsCEzNQWGeDgxXqVTAeNaNBk7gvrAC2aOGQ+7HfcP9+3WZGibMY04KrNTNbvVHAVXReLsZ8sfAyLQT2bZgtIRD4Expfk1kTg63SMer6Ol/P3e1fjdHmLabY1PW7okPz2DH/YyNpagSsbv35Olfx3siCtIqe4LxGJmKJm6yXqBESI2KEXq6Yy5SL1F6ro+7ljAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://hegdcrxavrtk.cdnvideo3.com
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://hegdcrxavrtk.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Mon, 03 Feb 2025 10:43:59 GMT; path=/; domain=.realsrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1P0UoEMQz8FX/gliRN2+Se9VXh5D6gdruniLdyynHCfLztCjY0GcpMZyIkYUeyI72juNewjw7nyWlSmTgqHp8OUMbnejmf1qmuH0g5ZXdI4JwFRm6WoUGidnok61dyMkNmt+TBoIQA6iUxqA40EbEgGx6OBxyf7/uLswsYQuh9uA64kW9D2iipLk1kYbFKxm3xEqpJfXGfpXQR4bWd5nq5levl+32q8/n6Nrc1bKkJUVIgMI2Puh9rCMNvC/ZXO95GP4QNla+fcwX+CX2XMeKm6mm1b8aANy+xVK3SYrEUfak2e82zUWwz+y/5xLetZQEAAA==
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1P0UoEMQz8FX/gliRN2+Se9VXh5D6gdruniLdyynHCfLztCjY0GcpMZyIkYUeyI72juNewjw7nyWlSmTgqHp8OUMbnejmf1qmuH0g5ZXdI4JwFRm6WoUGidnok61dyMkNmt+TBoIQA6iUxqA40EbEgGx6OBxyf7/uLswsYQuh9uA64kW9D2iipLk1kYbFKxm3xEqpJfXGfpXQR4bWd5nq5levl+32q8/n6Nrc1bKkJUVIgMI2Puh9rCMNvC/ZXO95GP4QNla+fcwX+CX2XMeKm6mm1b8aANy+xVK3SYrEUfak2e82zUWwz+y/5xLetZQEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1P0UoEMQz8FX/gliRN2+Se9VXh5D6gdruniLdyynHCfLztCjY0GcpMZyIkYUeyI72juNewjw7nyWlSmTgqHp8OUMbnejmf1qmuH0g5ZXdI4JwFRm6WoUGidnok61dyMkNmt+TBoIQA6iUxqA40EbEgGx6OBxyf7/uLswsYQuh9uA64kW9D2iipLk1kYbFKxm3xEqpJfXGfpXQR4bWd5nq5levl+32q8/n6Nrc1bKkJUVIgMI2Puh9rCMNvC/ZXO95GP4QNla+fcwX+CX2XMeKm6mm1b8aANy+xVK3SYrEUfak2e82zUWwz+y/5xLetZQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://hegdcrxavrtk.cdnvideo3.com
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://hegdcrxavrtk.cdnvideo3.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Mon, 03 Feb 2025 10:43:59 GMT; path=/; domain=.realsrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
rvmessages.top/s4/pgo/3-6665/atxtnxtdf3eegacoj4aaaaaajtokoa42fjnfwbajdiaaaaovjaaaaaaaaaaa?ver=21
302 Found 158 B URL HTTP/2 rvmessages.top/s4/pgo/3-6665/atxtnxtdf3eegacoj4aaaaaajtokoa42fjnfwbajdiaaaaovjaaaaaaaaaaa?ver=21
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff800f7c0fbcc0a1b3a01222155d46a
33555b5351d9740ef0f943c7a5aa6282601eadf9
39c7f77e186fa5ff07bd1bf2bb39281a6778e5b7cda6b72e08da6a7a688dd8e3
GET /s4/pgo/3-6665/atxtnxtdf3eegacoj4aaaaaajtokoa42fjnfwbajdiaaaaovjaaaaaaaaaaa?ver=21 HTTP/1.1
Host: rvmessages.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Cookie: _trd_=9eac22b5891abc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: text/html
content-length: 158
location: https://static.pixinform.com/5d/5df1/1666704778413__icon.jpg
set-cookie: 7zbeY0zcpwMAAAAA_img=1; Expires=Sat, 04-Feb-23 16:43:59 GMT; Domain=newsinform.net; Path=/
_trd_=9eac22b5891abc; Expires=Sun, 04-Feb-24 10:43:59 GMT; Domain=rvmessages.top; Path=/; Secure; SameSite=None
_uqt2745136324=1; Expires=Sun, 05-Feb-23 00:00:00 GMT; Domain=rvmessages.top; Path=/; Secure; SameSite=None
_uqp3268470317=1; Expires=Sun, 05-Feb-23 00:00:00 GMT; Domain=rvmessages.top; Path=/; Secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/5d2478ad32323b9e7f249a98729721f69b06b2ed.jpg
200 OK 20 kB URL HTTP/1.1 s3t3d2y8.afcdn.net/library/676799/5d2478ad32323b9e7f249a98729721f69b06b2ed.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 895906d769dc2c9e6d3158bb380724d7
5d2478ad32323b9e7f249a98729721f69b06b2ed
cb4ba11b8371cbad8c6c5d029fe70a28199340b9d3809c47a2333edf6b6255c6
GET /library/676799/5d2478ad32323b9e7f249a98729721f69b06b2ed.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: image/jpeg
Content-Length: 19814
Connection: keep-alive
Last-Modified: Tue, 13 Apr 2021 14:34:08 GMT
ETag: "6075abe0-4d66"
Expires: Fri, 30 Jun 2023 11:53:38 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1688195253
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCQ2+nnP/upkfAQ
X-77-NZT-Ray: c0a4cc284dfc1ff4ef36de63dfeb792c
X-Cache: HIT
X-Age: 18848186
X-77-POP: stockholmSE
X-77-Cache: HIT
Accept-Ranges: bytes
s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
206 Partial Content 22 kB URL HTTP/1.1 s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 7aab39bd95f3b8fe10a021cef327eee8
8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5
0405eb10aa1fce693abb9d60fbfbb1f82f07b6a72692d0addf003449d11b79eb
GET /library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
HTTP/1.1 206 Partial Content
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: video/mp4
Content-Length: 21956
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 16:34:04 GMT
ETag: "62e40bfc-55c4"
Expires: Sat, 29 Jul 2023 16:45:10 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1690649128
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCQ3EeL3/Ryj6AA
X-77-NZT-Ray: c0a4cc28890920f4ef36de63a7f97d2c
X-Cache: HIT
X-Age: 16394311
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Range: bytes 0-21955/21956
s3t3d2y8.afcdn.net/library/358224/645954c6340a11acad16ac625690ab072306ce20.webp
200 OK 6.7 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/358224/645954c6340a11acad16ac625690ab072306ce20.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec2421d5a229103d8d41bfcd12d3a308
645954c6340a11acad16ac625690ab072306ce20
23d570d8cecc541a0e9b15333e709cdc2a37a2759de9868b38c7b44d5e9e3052
GET /library/358224/645954c6340a11acad16ac625690ab072306ce20.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: image/webp
content-length: 6704
last-modified: Mon, 23 Jan 2023 17:14:04 GMT
etag: "63cec05c-1a30"
expires: Wed, 24 Jan 2024 14:37:42 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1706805899
server: CDN77-Turbo
x-77-nzt: AblMCQ2IMJP/5J8DAA
x-77-nzt-ray: c0a4cc28890932f4ef36de63c21b612f
x-cache: HIT
x-age: 237540
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/238464/f6d40bd5d590015afcd00318eddc902913886963.webp
200 OK 7.5 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/238464/f6d40bd5d590015afcd00318eddc902913886963.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 521e8810391ac697b94d998db25e9de5
f6d40bd5d590015afcd00318eddc902913886963
61abbac0b854039034ed4ffe2646c5bbf1897d01fb9f6ea6b809564038aba003
GET /library/238464/f6d40bd5d590015afcd00318eddc902913886963.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: image/webp
content-length: 7464
last-modified: Wed, 15 Jun 2022 07:36:33 GMT
etag: "62a98c01-1d28"
expires: Fri, 30 Jun 2023 11:52:45 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195228
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1mRGn/05kfAQ
x-77-nzt-ray: c0a4cc28890932f4ef36de636357c72f
x-cache: HIT
x-age: 18848211
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/d35401b29d0c4fd1079651c0fde2f01f97ec11a4.webp
200 OK 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/d35401b29d0c4fd1079651c0fde2f01f97ec11a4.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dca61ca44b9a87b631eb5200c12f234c
d35401b29d0c4fd1079651c0fde2f01f97ec11a4
bc0c8c5a132af93ccc2cfbc1784f2e67119a9c72e289b8ab502561e16be71b03
GET /library/140058/d35401b29d0c4fd1079651c0fde2f01f97ec11a4.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: image/webp
content-length: 10254
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-280e"
expires: Fri, 30 Jun 2023 11:13:36 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195317
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1vNU7/epkfAQ
x-77-nzt-ray: c0a4cc28890932f4ef36de636406e02f
x-cache: HIT
x-age: 18848122
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/623611/1d086ee530ffd2df0ad79a4430c5284ea0bf43a1.webp
200 OK 14 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/623611/1d086ee530ffd2df0ad79a4430c5284ea0bf43a1.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c844d5a19386b984d862c88ff15dd0f
1d086ee530ffd2df0ad79a4430c5284ea0bf43a1
5be93e78e93fcb00f0445cd83b9d55ad0d54aacddbd782b46286574a5b68a535
GET /library/623611/1d086ee530ffd2df0ad79a4430c5284ea0bf43a1.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: image/webp
content-length: 14308
last-modified: Wed, 03 Nov 2021 19:23:20 GMT
etag: "6182e1a8-37e4"
expires: Wed, 25 Oct 2023 05:55:25 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1702034090
server: CDN77-Turbo
x-77-nzt: AblMCQ2OjBT/xW9MAA
x-77-nzt-ray: c0a4cc28890932f4ef36de6333152b30
x-cache: HIT
x-age: 5009349
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4646908
200 OK 2.7 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4646908
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1562)
Hash 526fc18c7b6bda16a023caf35982e90f
7dd18627440bc554848cc9640e22a9c99928b1fc
fb5f00e503075d4ca9379500bcee951760df400ef6c2d3fd53ac7a4f1e7536cb
GET /splash.php?idzone=4646908 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263de36ef0da9b2.20749808536665875%22%3B%7D; impressions=oslmrxbrnxgxamrcraoxsgeicxbmsbcenxgxamrreosbbgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamrcaxocmgeicxbmsbocnxgxamrremcslgeimmccrlaonxgxamrcremlrgeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamrscrmeogeioslmrxlrnxgxamslescrogeimmccrbxenxgxamrescroogeislsaroornxgxamccolacbgeioslmroemnxgxamrcremlrgeioslmrxlsnxgxamrremcslgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamrsxxxmrgeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrceerargeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrcaxocmgeimrblxebenxgxamselmborgeimcclsxconxgxamrcraoxsgeirbabxabbnxgxamrescroogeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamrcremlrgeimcclsoeonxgxamrcraoxsgeimcclsxlcnxgxamrceerargeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamrcremlrgeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamrceerargeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamrcremlrgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamrcraoxsgeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamrcraoxsgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimcclsxcanxgxamrceerscgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeialbserxonxgxamclarlmmgeimcclosscnxgxamrceerscgeimaecobronxgxamrescroogeimaecobeenxgxamrescroogeimcclosccnxgxamrescroogeimaecoboonxgxamrescroogeimrblxelenxgxamrescroogeimeembesonxgxamrcoxcmagxcceimxeemblenogxamrcoxcmagxcceimcssmlrensgxamrcoxcbegxcceimxeemleonogxamrcoxcbegxcceimblraeabnsgxamrcooeelgxcceimrmaobxanogxamrcooeelgxcceimxlbmxlcnogxamrcoscrlgxcceimaoolslanxgxamrcobllogxcceirarrrcaenxgxamrcceorxgxcceimexexabbnxgxamrccrbsogxcceimbscxmxanxgxamrccarblgxcceimxlbmosanogxamrccmecbgxcceicxmecmcanxgxamrccmecbgxcceimcssmlronsgxamrcresmegxcceimrbxmxmanxgxamrcremlrgxcceimaecsxccnxgxamrcremlrgeimocbmmmbnxgxamrcrxblmgxcceimocbmmacnxgxamrcrxblmgxcceimocbmmaanxgxamrcrxblmgxcceimrxccosanxgxamrcrolmegxcceimrxccosensgxamrcrolmegxcceimrxccoscnxgxamrcrolmegxcceimxlbmoconogxamrcraoxsgxcceimxeoxsacnsgxamrcraoxsgxcceimlxbaxlonxgxamrcraoxsgeimxlbalsbnxgxamrcrblsagxcceimlxbaxbanxgxamrcaxocmgeimxlbmxlenogxamrcaxocmgxcceimxlbalcenogxamrcaxocbgxcceimxlbmoobnxgxamrcaobasgxcceimrxccosonxgxamrcacbrlgxcceimxlbmoaonxgxamrcabersgxcceimlxasascnxgxamrcmoorsgxcceimxelmbranxgxamrcmoormgxcceimblelamenxgxamrcmoscagxcceimlxoblmonxgxamrcmoscagxcceialrexexbnxgxamrcmrbebgxcceimxlbmxbbnxgxamrcmacemgxcceimxlbmxlonogxamrcmacemgxcceimrbleaebnxgxamrcmmbacgxcceimaooblebnogxamrcbmccogxcceimbsblroancgxamrclresagcbeimxlbmoscnogxamrclresagxcceimboslabcnxgxamrclresagxcceimcssmlrcnsgxamrclresagxcceimblelamanxgxamrclresagxcceimbbcemoancgxamrclrcergxcceialaroxrcnxgxamrclaermgxcceimxeemblbnxgxamrclaeaegxcceialrexeoonxgxamrclamblgxcceimaoobbebnxgxamrclablagxcceimclsaoxbnsgxamrclablagxcceimlxmrlxonxgxamrrexelcgxcceimlxocxobnogxamrrexelcgxcceixaoosscrnxgxamrrexelcgxcceimxxerreonxgxamrreosbmgxcceimxlbmosonogxamrreosbbgxcceialbbebsanxgxamrreosbbgxcceimlxocxoonxgxamrreosblgxcceimbbcemobncgxamrreosblgxcceimaooloranxgxamrreoslxgxcceimeembescnxgxamrreoslogxcceicmarxbbonxgxamrreoslogxcceimxlbmosenxgxamrrecasxgxcceimlxbaxbonxgxamrremcslgeimsacexoonxgxamrremcslgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C71987192%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263de36ef0da9b2.20749808536665875%22%3B%7D; expires=Mon, 03 Feb 2025 10:43:59 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C71987192%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%2C%22tag-video%22%3A%22v3%7C%7CNOR%7C4646908%7C59504696%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C63de36ef0da9b2.20749808536665875%7C%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.videojav.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/676799/83568851106bf5f179aec8cb977edc832eabce1e.webp
200 OK 7.2 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/83568851106bf5f179aec8cb977edc832eabce1e.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7aeed1edccf33acb12d6e3e4130d8a5e
83568851106bf5f179aec8cb977edc832eabce1e
0d5ada97bfd8648bddbd481667c118195bb1ec843d5eb5ba6f04b363df855832
GET /library/676799/83568851106bf5f179aec8cb977edc832eabce1e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: image/webp
content-length: 7228
last-modified: Thu, 04 Nov 2021 11:52:34 GMT
etag: "6183c982-1c3c"
expires: Fri, 30 Jun 2023 11:19:55 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195422
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0AI6b/EZkfAQ
x-77-nzt-ray: c0a4cc28890932f4ef36de63e4befb30
x-cache: HIT
x-age: 18848017
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/splash.php?idzone=4248590
200 OK 2.7 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4248590
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1558)
Hash 83698b5b63211c5610f0a87615b3cbca
ea288e78298b594341be3d3ba6782b124f610fda
a1e10dd060d6987bc3caf226114986cf6579e8420243d8defd3846fa9a632285
GET /splash.php?idzone=4248590 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263de36ef0da9b2.20749808536665875%22%3B%7D; impressions=oslmrxbrnxgxamrcraoxsgeicxbmsbcenxgxamrreosbbgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamrcaxocmgeicxbmsbocnxgxamrremcslgeimmccrlaonxgxamrcremlrgeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamrscrmeogeioslmrxlrnxgxamslescrogeimmccrbxenxgxamrescroogeislsaroornxgxamccolacbgeioslmroemnxgxamrcremlrgeioslmrxlsnxgxamrremcslgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamrsxxxmrgeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrceerargeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrcaxocmgeimrblxebenxgxamselmborgeimcclsxconxgxamrcraoxsgeirbabxabbnxgxamrescroogeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamrcremlrgeimcclsoeonxgxamrcraoxsgeimcclsxlcnxgxamrceerargeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamrcremlrgeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamrceerargeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamrcremlrgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamrcraoxsgeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamrcraoxsgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimcclsxcanxgxamrceerscgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeialbserxonxgxamclarlmmgeimcclosscnxgxamrceerscgeimaecobronxgxamrescroogeimaecobeenxgxamrescroogeimcclosccnxgxamrescroogeimaecoboonxgxamrescroogeimrblxelenxgxamrescroogeimeembesonxgxamrcoxcmagxcceimxeemblenogxamrcoxcmagxcceimcssmlrensgxamrcoxcbegxcceimxeemleonogxamrcoxcbegxcceimblraeabnsgxamrcooeelgxcceimrmaobxanogxamrcooeelgxcceimxlbmxlcnogxamrcoscrlgxcceimaoolslanxgxamrcobllogxcceirarrrcaenxgxamrcceorxgxcceimexexabbnxgxamrccrbsogxcceimbscxmxanxgxamrccarblgxcceimxlbmosanogxamrccmecbgxcceicxmecmcanxgxamrccmecbgxcceimcssmlronsgxamrcresmegxcceimrbxmxmanxgxamrcremlrgxcceimaecsxccnxgxamrcremlrgeimocbmmmbnxgxamrcrxblmgxcceimocbmmacnxgxamrcrxblmgxcceimocbmmaanxgxamrcrxblmgxcceimrxccosanxgxamrcrolmegxcceimrxccosensgxamrcrolmegxcceimrxccoscnxgxamrcrolmegxcceimxlbmoconogxamrcraoxsgxcceimxeoxsacnsgxamrcraoxsgxcceimlxbaxlonxgxamrcraoxsgeimxlbalsbnxgxamrcrblsagxcceimlxbaxbanxgxamrcaxocmgeimxlbmxlenogxamrcaxocmgxcceimxlbalcenogxamrcaxocbgxcceimxlbmoobnxgxamrcaobasgxcceimrxccosonxgxamrcacbrlgxcceimxlbmoaonxgxamrcabersgxcceimlxasascnxgxamrcmoorsgxcceimxelmbranxgxamrcmoormgxcceimblelamenxgxamrcmoscagxcceimlxoblmonxgxamrcmoscagxcceialrexexbnxgxamrcmrbebgxcceimxlbmxbbnxgxamrcmacemgxcceimxlbmxlonogxamrcmacemgxcceimrbleaebnxgxamrcmmbacgxcceimaooblebnogxamrcbmccogxcceimbsblroancgxamrclresagcbeimxlbmoscnogxamrclresagxcceimboslabcnxgxamrclresagxcceimcssmlrcnsgxamrclresagxcceimblelamanxgxamrclresagxcceimbbcemoancgxamrclrcergxcceialaroxrcnxgxamrclaermgxcceimxeemblbnxgxamrclaeaegxcceialrexeoonxgxamrclamblgxcceimaoobbebnxgxamrclablagxcceimclsaoxbnsgxamrclablagxcceimlxmrlxonxgxamrrexelcgxcceimlxocxobnogxamrrexelcgxcceixaoosscrnxgxamrrexelcgxcceimxxerreonxgxamrreosbmgxcceimxlbmosonogxamrreosbbgxcceialbbebsanxgxamrreosbbgxcceimlxocxoonxgxamrreosblgxcceimbbcemobncgxamrreosblgxcceimaooloranxgxamrreoslxgxcceimeembescnxgxamrreoslogxcceicmarxbbonxgxamrreoslogxcceimxlbmosenxgxamrrecasxgxcceimlxbaxbonxgxamrremcslgeimsacexoonxgxamrremcslgxcce; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C71987192%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:59 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263de36ef0da9b2.20749808536665875%22%3B%7D; expires=Mon, 03 Feb 2025 10:43:59 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4348472%7C71987192%7C100644%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cfa14e04d6d24d7684c7d5bb08d862024%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%2C%22tag-video%22%3A%22v3%7C%7CNOR%7C4248590%7C78484636%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C63de36ef0da9b2.20749808536665875%7C%7C0%7Cvideojav.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sun, 05 Feb 2023 10:43:59 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.videojav.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash 02ce5b133ccf7308941d753b4327e1f4
89ac58b32e2417eaff44b37faf0fc1a364a4b32f
f9d2be9123cd04fb5ba91168ccf0146ac168ff7dfa42d10da578241d668a449c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 822
Cache-Control: max-age=111659
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Etag: "63dd44e4-117"
Expires: Sun, 05 Feb 2023 17:44:58 GMT
Last-Modified: Fri, 03 Feb 2023 17:31:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 02ce5b133ccf7308941d753b4327e1f4
89ac58b32e2417eaff44b37faf0fc1a364a4b32f
f9d2be9123cd04fb5ba91168ccf0146ac168ff7dfa42d10da578241d668a449c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: max-age=114922
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:43:59 GMT
Etag: "63dd44e4-117"
Expires: Sun, 05 Feb 2023 18:39:21 GMT
Last-Modified: Fri, 03 Feb 2023 17:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 89af9743caf2e82c5f649207b006cddc
269cf162c7004f7d618aea7e8c8b52dea5ae2691
930d0cc1e07a3e9cb9e771548183a222d4f257e3f70b17eb196356e7734cde6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "930D0CC1E07A3E9CB9E771548183A222D4F257E3F70B17EB196356E7734CDE6D"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6863
Expires: Sat, 04 Feb 2023 12:38:23 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash e69146b2b3cc4fedc68b10de5fa1c071
90d9d81bb5513e701edac6b93fea10d0d536e2f1
f3706f157fe37709ef692f56e8bbd7763e372b0a02926ce27892769860f7e9f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:44:00 GMT
Last-Modified: Sat, 04 Feb 2023 09:33:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c60a627a5cbc914afbd955597f03adc4
c0cb91de4a8439318da22dba758230266a5e9c5f
f1e8e9a72f75c0aad9f3d683536403d78cee9d3d03b2818208c7eab0ec43bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1E8E9A72F75C0AAD9F3D683536403D78CEE9D3D03B2818208C7EAB0EC43BD74"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17103
Expires: Sat, 04 Feb 2023 15:29:03 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
static.pixinform.com/5d/5df1/1666704778413__icon.jpg
200 OK 7.5 kB URL HTTP/2 static.pixinform.com/5d/5df1/1666704778413__icon.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Hash 9ac6eca9f0a80695244a3cfdb4d77f1f
1ca6144d706b875be9ca180ac70f615f2ebf5ea9
c3e3187c74b39a8699ddbb27344cc4432a371053b8583218f0b0ab6ef31037a4
GET /5d/5df1/1666704778413__icon.jpg HTTP/1.1
Host: static.pixinform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: image/jpeg
content-length: 7516
etag: "6357e58a-1d5c"
last-modified: Tue, 25 Oct 2022 13:32:58 GMT
server: openresty/1.13.6.2
age: 8802652
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 02ce5b133ccf7308941d753b4327e1f4
89ac58b32e2417eaff44b37faf0fc1a364a4b32f
f9d2be9123cd04fb5ba91168ccf0146ac168ff7dfa42d10da578241d668a449c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 823
Cache-Control: max-age=111659
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:44:00 GMT
Etag: "63dd44e4-117"
Expires: Sun, 05 Feb 2023 17:44:59 GMT
Last-Modified: Fri, 03 Feb 2023 17:31:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprprultdVdVLTXdW6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOro23or34l2zu0njnlsputltqorrrqtsqc6VyO9tw.Zoj1D.5zpXSuldK6V0rpXSulcH2A&sourceId=4646908&p1=4581850&skipOffset=00:00:05
302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprprultdVdVLTXdW6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOro23or34l2zu0njnlsputltqorrrqtsqc6VyO9tw.Zoj1D.5zpXSuldK6V0rpXSulcH2A&sourceId=4646908&p1=4581850&skipOffset=00:00:05
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOprprultdVdVLTXdW6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOro23or34l2zu0njnlsputltqorrrqtsqc6VyO9tw.Zoj1D.5zpXSuldK6V0rpXSulcH2A&sourceId=4646908&p1=4581850&skipOffset=00:00:05 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 04 Feb 2023 10:44:00 GMT
content-length: 0
location: https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOprprultdVdVLTXdW6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOro23or34l2zu0njnlsputltqorrrqtsqc6VyO9tw.Zoj1D.5zpXSuldK6V0rpXSulcH2A&p1=4581850&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=4646908&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=7868025.30208; Path=/; HttpOnly; SameSite=Strict
__cflb=0H28uukSkGJRy5UBr1XYMARUwdYFVsfnB3qKViHjEgk; SameSite=None; Secure; path=/; expires=Sun, 05-Feb-23 09:44:00 GMT; HttpOnly
server: cloudflare
cf-ray: 7942cefc6d81b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e69146b2b3cc4fedc68b10de5fa1c071
90d9d81bb5513e701edac6b93fea10d0d536e2f1
f3706f157fe37709ef692f56e8bbd7763e372b0a02926ce27892769860f7e9f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:44:00 GMT
Last-Modified: Sat, 04 Feb 2023 09:33:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
hegdcrxavrtk.cdnvideo3.com/api/click/11882152919763786095?kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&t=5&ab=0&keywords=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt&w=1280&h=1024&domain=www.videojav.com&rnd=0.12432811665341414
200 OK 2.3 kB URL HTTP/2 hegdcrxavrtk.cdnvideo3.com/api/click/11882152919763786095?kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&t=5&ab=0&keywords=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt&w=1280&h=1024&domain=www.videojav.com&rnd=0.12432811665341414
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1301), with CRLF, LF line terminators
Hash 8c5c2fed64942913788f500756406702
e18149c94d0396c02bc631cd08b8be2d99c2e6e6
8dd407965e229bf9122a2ee828d6261bc65654202203a7c395de3993d6e105e2
GET /api/click/11882152919763786095?kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25&t=5&ab=0&keywords=Big%20Tits,Japanese,Asian,hd,Massage,straight,big%20butt&w=1280&h=1024&domain=www.videojav.com&rnd=0.12432811665341414 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Cookie: nauid=kDYTUbwZH4DFNZyCLelY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5993
Expires: Sat, 04 Feb 2023 12:23:53 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/146936/4eb12a3a36c95b0c9ba8dc34422ceab674b357c4.jpg
200 OK 186 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/146936/4eb12a3a36c95b0c9ba8dc34422ceab674b357c4.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1600x900, components 3\012- data
Size 186 kB (186503 bytes)
Hash 882dd7008940cf96f7df24bbff20fff2
4eb12a3a36c95b0c9ba8dc34422ceab674b357c4
d46ce1bcd7cf6bbc8eb6dbbb9198a6dbe9d926c63486ea003efaad3c4c8d2be0
GET /library/146936/4eb12a3a36c95b0c9ba8dc34422ceab674b357c4.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: image/jpeg
content-length: 186503
last-modified: Mon, 23 Jan 2023 09:47:55 GMT
etag: "63ce57cb-2d887"
expires: Tue, 23 Jan 2024 09:59:45 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1706004921
server: CDN77-Turbo
x-77-nzt: AblMCQ3TlZ3/t9gPAA
x-77-nzt-ray: c0a4cc28890932f4f036de6350d3eb09
x-cache: HIT
x-age: 1038519
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 45496
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: 5ae7dc8b-55a8-4500-84ef-938727459c1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqHskoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-662f24ed24651faa2323de32;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mk-qCGW538M5F88fom6XC1UmuzHd7qqEDUQQBdu-tVFn7-I4r547sg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:42:12 GMT
age: 43308
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 45460
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
twinrdsrv.com/preroll.engine?id=6ad96df4-2aad-435f-b4e3-8b8b1a0e95a1&zid=40316&cvs=%7BClientVideoSupport%7D&time=%7BTimeOffset%7D&stdtime=%7BStdTimeOffset%7D&abr=%7BIsAdblockRequest%7D&pageurl=%7BPageUrl%7D&tid=%7BTrackingId%7D&res=%7BResolution%7D&bw=%7BBrowserWidth%7D&bh=%7BBrowserHeight%7D&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl=%7BReferrerUrl%7D&pw=%7BPlayerWidth%7D&ph=%7BPlayerHeight%7D
200 OK 12 kB URL HTTP/2 twinrdsrv.com/preroll.engine?id=6ad96df4-2aad-435f-b4e3-8b8b1a0e95a1&zid=40316&cvs=%7BClientVideoSupport%7D&time=%7BTimeOffset%7D&stdtime=%7BStdTimeOffset%7D&abr=%7BIsAdblockRequest%7D&pageurl=%7BPageUrl%7D&tid=%7BTrackingId%7D&res=%7BResolution%7D&bw=%7BBrowserWidth%7D&bh=%7BBrowserHeight%7D&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl=%7BReferrerUrl%7D&pw=%7BPlayerWidth%7D&ph=%7BPlayerHeight%7D
IP
Hash d8c99042aed2c4784f599e5d1042f3d7
f64a5436a8d6beaa1dc599491db494e59cc29660
52a1aa13e4604dec15a69409fa0657f39d6ab66d1753e53088c720b5c8a9ae3d
GET /preroll.engine?id=6ad96df4-2aad-435f-b4e3-8b8b1a0e95a1&zid=40316&cvs=%7BClientVideoSupport%7D&time=%7BTimeOffset%7D&stdtime=%7BStdTimeOffset%7D&abr=%7BIsAdblockRequest%7D&pageurl=%7BPageUrl%7D&tid=%7BTrackingId%7D&res=%7BResolution%7D&bw=%7BBrowserWidth%7D&bh=%7BBrowserHeight%7D&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl=%7BReferrerUrl%7D&pw=%7BPlayerWidth%7D&ph=%7BPlayerHeight%7D HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
access-control-allow-credentials: true
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: http://www.videojav.com
set-cookie: IKSR={}; path=/; SameSite=None; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUc3t6fzwW33WAiON6F%2BlWwFlxT7%2BpwkqZE9x36%2BLt%2F3GCpSuU%2BQdsl8oj3zxlsNHZBCwT1pglyhMGTKW1WdI%2FD4HKglYQ1B7M8rLWgqg1oOQbzwtgZ5twHVdyP6uOY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942cefb5a6cfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d44d133a7527b71f30d15aa47d219fd5
a84fcef13c712dae95e7c0ad593de0eb1b9ccfcf
ed3a6905026cd6874ddfa4b3e817fe96486cab896413534deabb2bafb4dab681
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED3A6905026CD6874DDFA4B3E817FE96486CAB896413534DEABB2BAFB4DAB681"
Last-Modified: Fri, 03 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17229
Expires: Sat, 04 Feb 2023 15:31:09 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a77a403e372f4666dcace965178133e9
cccb7b5a37a1230e83771390940a987e44b37af0
b6116cce21cf58ba0135985f352961ae7e9b52f84071049b37644b5f5f39c8d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B6116CCE21CF58BA0135985F352961AE7E9B52F84071049B37644B5F5F39C8D3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Sat, 04 Feb 2023 12:17:03 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 15836
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 45219
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&sourceId=7405&p1=45081&p2=68073&contentType=video/mp4&no_bb=1
302 Found 0 B URL HTTP/2 go.xlviiirdr.com/smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&sourceId=7405&p1=45081&p2=68073&contentType=video/mp4&no_bb=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&xhVersion=1&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&sourceId=7405&p1=45081&p2=68073&contentType=video/mp4&no_bb=1 HTTP/1.1
Host: go.xlviiirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 04 Feb 2023 10:44:00 GMT
content-length: 0
location: https://go.xlirdr.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397620&masterSmartpopId=2683&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&no_bb=1&p1=45081&p2=68073&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7405&tag=-girls%2Findian&targetDomain=cambaddies.com&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30208&videosList=oil-show11&xhVersion=1
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=8782564.30208; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb9uhgZ3ARA2c1a; SameSite=None; Secure; path=/; expires=Sun, 05-Feb-23 09:44:00 GMT; HttpOnly
server: cloudflare
cf-ray: 7942cefd7ca40b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=81757de1aae7e6aa130b463b81c6956d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=81757de1aae7e6aa130b463b81c6956d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=81757de1aae7e6aa130b463b81c6956d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:44:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29de6f45bb94fcf18d837d31ef162b02
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a77a403e372f4666dcace965178133e9
cccb7b5a37a1230e83771390940a987e44b37af0
b6116cce21cf58ba0135985f352961ae7e9b52f84071049b37644b5f5f39c8d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B6116CCE21CF58BA0135985F352961AE7E9B52F84071049B37644B5F5F39C8D3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Sat, 04 Feb 2023 12:17:03 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=9800e5fc6ff3aca35add05938f7ac2c8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=9800e5fc6ff3aca35add05938f7ac2c8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=9800e5fc6ff3aca35add05938f7ac2c8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:44:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 167dc1f3421197db3e82123d7fa6f3e4
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/s/gts1p5/JOSWRLamYCo
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JOSWRLamYCo
IP
Hash e755b311d8373f3666998d560d2ab0d2
ca9770909afe5e96f44450c80744113a26aea04c
e46a54ba60e23f467752512884ed570a1b3e1276a6b4c508486d8b366c4d44b0
POST /s/gts1p5/JOSWRLamYCo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:44:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prejudiceinsure.com/sbar.json?key=9800e5fc6ff3aca35add05938f7ac2c8&uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237%3A2%3A1
200 OK 3.5 kB URL HTTP/1.1 prejudiceinsure.com/sbar.json?key=9800e5fc6ff3aca35add05938f7ac2c8&uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237%3A2%3A1
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6081), with no line terminators
Hash dad96a09cf468d92cc6c46642b575899
3b7b154a6823df46e513fce0f09df6f77b4913e0
f4a2591d11af2591cef4872ea7f419606dbadff91229da7859e686cc9e0845a3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=9800e5fc6ff3aca35add05938f7ac2c8&uuid=9dfd63aa-21c5-4daa-87ca-70f19cf4b237%3A2%3A1 HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:44:00 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.videojav.com
Access-Control-Allow-Origin: http://www.videojav.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17371661; expires=Sun, 05 Feb 2023 10:44:00 GMT; secure; SameSite=None
uid_id2=9dfd63aa-21c5-4daa-87ca-70f19cf4b237:2:1; expires=Sat, 11 Feb 2023 10:44:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 Feb 2023 10:44:00 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 Feb 2023 10:44:00 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 Feb 2023 10:44:00 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 Feb 2023 10:44:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3754d1ca2787ab190115b33e58bae530
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2615
Expires: Sat, 04 Feb 2023 11:27:35 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
go.xlirdr.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397620&masterSmartpopId=2683&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&no_bb=1&p1=45081&p2=68073&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7405&tag=-girls%2Findian&targetDomain=cambaddies.com&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30208&videosList=oil-show11&xhVersion=1
200 OK 820 B URL HTTP/2 go.xlirdr.com/api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397620&masterSmartpopId=2683&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&no_bb=1&p1=45081&p2=68073&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7405&tag=-girls%2Findian&targetDomain=cambaddies.com&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30208&videosList=oil-show11&xhVersion=1
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1989), with no line terminators
Hash 272d448e77258c92af375b300dd5e4a5
c15f995b0ae1fbc3a8ee1aeb1e01ff974c383d99
19321e62a5a540e1be612613f479c30e3dbb333c149a3c10752929f5f7f5b6d6
GET /api/models/vast?campaignId=68260928b57f412a654bda3f2409e8c9a61a69f506dc4ba3c073a43c2be31490&campaignType=smartpop&contentType=video%2Fmp4&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397620&masterSmartpopId=2683&memberId=11e487fb-515c-4f37-bdb8-b8ba9194e547&no_bb=1&p1=45081&p2=68073&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3594&sourceId=7405&tag=-girls%2Findian&targetDomain=cambaddies.com&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=30208&videosList=oil-show11&xhVersion=1 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: text/xml; charset=utf-8
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSRSGTzNwtDfLbsDbKZnN9GUvCk; SameSite=None; Secure; path=/; expires=Sun, 05-Feb-23 09:44:00 GMT; HttpOnly
server: cloudflare
cf-ray: 7942ceff0907b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/JOSWRLamYCo
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JOSWRLamYCo
IP
Hash e755b311d8373f3666998d560d2ab0d2
ca9770909afe5e96f44450c80744113a26aea04c
e46a54ba60e23f467752512884ed570a1b3e1276a6b4c508486d8b366c4d44b0
POST /s/gts1p5/JOSWRLamYCo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:44:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4064
Expires: Sat, 04 Feb 2023 11:51:44 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4064
Expires: Sat, 04 Feb 2023 11:51:44 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Feb 2023 10:44:00 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4064
Expires: Sat, 04 Feb 2023 11:51:44 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12206
Expires: Sat, 04 Feb 2023 14:07:26 GMT
Date: Sat, 04 Feb 2023 10:44:00 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
200 OK 78 kB URL HTTP/2 cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b5363f9084c2365d15b9c8524ef0bad7
61bb4d49ffa7276b01447c15de4f4f9fc3da3c79
7939092319490c3a974f459a094ead8ab72bdc3915af2956c1fba6cf489d732a
GET /si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: image/png
content-length: 78101
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:02:26 GMT
etag: "6380d902-13115"
expires: Mon, 06 Feb 2023 10:44:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
200 OK 21 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
Hash 3dc4d4b6b0d08d02130362a7dc0e4fd0
68e248add624490a760d884ceb71361141e677c1
2e2f1f341b83e8c79fa70d9db28649168e2d772d97f85dc0d64325f14ae30d14
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:01 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OixIdVnM4Hga8Py7n12LVmSVpbK2CzJQa6mImnrYdRuQiU8GXwBI9NCPGt8d6r1Swh3QisWbbOl1DfTzal6TmSQi0RIZU2gRhcBUZXF6Of%2BmU8u%2FkDMCMOpAJ4kIPCVJyZXoy4gXJCIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942cf00fae0886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 18:19:39 GMT
Expires: Sat, 03 Feb 2024 18:19:39 GMT
Cache-Control: public, max-age=31536000
Age: 59062
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
prejudiceinsure.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzq4HXQR3EcGDOIiHFcyke3o6M7OLLMYYCa7ZsLuSi5fqqupJmequpqp7epJTcFFyEHf05LHzTbJBXWT3BwjS8SLBQ8aD5GB%2BgyDuWWYyMPoO9d5X3zt873vvi%2F38nLjI6dn6R3pHKkUXgrpbu74hE64LW1u7X%2FPcunuztiGTxebNWn%2F8mN4Nzw3q7lu1DwTb0gsN13Ndz%2FVqK9KISPcXJixk%2Brjj1Ttuvdmoe0ETffN%2FbHMHljrgvXNyDZKPntv89Skkq5DET5aF3cp0%2Bvb7ca5opg16%2FOjjZCvRRYJ4VkbGQZQcTbuh7YiQb%2Begk6PpBNC9g%2FEECOWIOH94CJOjqUyEvcMLpaGCSBDyKyh6FYSqIGkFph9A8lMCMI61O0jiR2vaFHT7gqVjdkQuP%2FsbshiRy3%2B%2BjCT%2BcUnJfu2eVnkmdWLRj0rIfgXZrZDmx8h2HMjiGCz7DJITJHEJyc%2Fe7PCIL%2FqUzjc8Fsw3OaXz7Raj8y038josaoYNvzWxRsoKMqqgxADUziG3DnLpII8c5KmDmJ%2FVaNCJXLcVhZHvt5uMMd9nLGgv8oD7zXbkImdj7QNk6QBMDcDMLlKziy35zWlw7XT5GUz%2BM%2BxmCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKQK9uw5SOubB5609yYZr8c6qy7Tw911hUJ2U%2FPydWxbc7z117EljirddquK4KILUaRTxn1A8q5G3T8dtSirMHasLKEtHOg1sGOHJGrr3yOVI7IHP0NIT2GVcdg8iXQ%2FDXQYthquKCbw2bbxU7ypCfMdmSESLVJ6kzH4LpEml1Gtu3sq3Py6mSFN965AsFObo0efnL9n%2BohmCmRmhKfyl8IumpveFcX5OCuLix5eifNZCx36Hi99zKaiUvffyi2C2346rIdfPcuGxPj8vF9YbPbNOEy6Vryw5LkXJgVbZggP63aDRGu53ZzKTdJnt5ef29lNU6NsFbqpAKVp%2FZLMDkiL%2Bx9NTnc19%2BIIU0Fk5eI8xMyDUhdgaW7sOlMvdUERs16wtRBkZdD0whnn0oSKDHDNCxh%2F4PDWb1v99A1Dmj2YHKuPVOip0pQNYDNLw2z1Jzc%2Bt2fBELlDENlnINQGfX1hbVWntUCrynaYbvFOA8F416r4bd9121w3mx1hNdBZkfsfPGvfwEAAP%2F%2FAQAA%2F%2F9Dhg1tkAQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 prejudiceinsure.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzq4HXQR3EcGDOIiHFcyke3o6M7OLLMYYCa7ZsLuSi5fqqupJmequpqp7epJTcFFyEHf05LHzTbJBXWT3BwjS8SLBQ8aD5GB%2BgyDuWWYyMPoO9d5X3zt873vvi%2F38nLjI6dn6R3pHKkUXgrpbu74hE64LW1u7X%2FPcunuztiGTxebNWn%2F8mN4Nzw3q7lu1DwTb0gsN13Ndz%2FVqK9KISPcXJixk%2Brjj1Ttuvdmoe0ETffN%2FbHMHljrgvXNyDZKPntv89Skkq5DET5aF3cp0%2Bvb7ca5opg16%2FOjjZCvRRYJ4VkbGQZQcTbuh7YiQb%2Begk6PpBNC9g%2FEECOWIOH94CJOjqUyEvcMLpaGCSBDyKyh6FYSqIGkFph9A8lMCMI61O0jiR2vaFHT7gqVjdkQuP%2FsbshiRy3%2B%2BjCT%2BcUnJfu2eVnkmdWLRj0rIfgXZrZDmx8h2HMjiGCz7DJITJHEJyc%2Fe7PCIL%2FqUzjc8Fsw3OaXz7Raj8y038josaoYNvzWxRsoKMqqgxADUziG3DnLpII8c5KmDmJ%2FVaNCJXLcVhZHvt5uMMd9nLGgv8oD7zXbkImdj7QNk6QBMDcDMLlKziy35zWlw7XT5GUz%2BM%2BxmCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKQK9uw5SOubB5609yYZr8c6qy7Tw911hUJ2U%2FPydWxbc7z117EljirddquK4KILUaRTxn1A8q5G3T8dtSirMHasLKEtHOg1sGOHJGrr3yOVI7IHP0NIT2GVcdg8iXQ%2FDXQYthquKCbw2bbxU7ypCfMdmSESLVJ6kzH4LpEml1Gtu3sq3Py6mSFN965AsFObo0efnL9n%2BohmCmRmhKfyl8IumpveFcX5OCuLix5eifNZCx36Hi99zKaiUvffyi2C2346rIdfPcuGxPj8vF9YbPbNOEy6Vryw5LkXJgVbZggP63aDRGu53ZzKTdJnt5ef29lNU6NsFbqpAKVp%2FZLMDkiL%2Bx9NTnc19%2BIIU0Fk5eI8xMyDUhdgaW7sOlMvdUERs16wtRBkZdD0whnn0oSKDHDNCxh%2F4PDWb1v99A1Dmj2YHKuPVOip0pQNYDNLw2z1Jzc%2Bt2fBELlDENlnINQGfX1hbVWntUCrynaYbvFOA8F416r4bd9121w3mx1hNdBZkfsfPGvfwEAAP%2F%2FAQAA%2F%2F9Dhg1tkAQAAA%3D%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzq4HXQR3EcGDOIiHFcyke3o6M7OLLMYYCa7ZsLuSi5fqqupJmequpqp7epJTcFFyEHf05LHzTbJBXWT3BwjS8SLBQ8aD5GB%2BgyDuWWYyMPoO9d5X3zt873vvi%2F38nLjI6dn6R3pHKkUXgrpbu74hE64LW1u7X%2FPcunuztiGTxebNWn%2F8mN4Nzw3q7lu1DwTb0gsN13Ndz%2FVqK9KISPcXJixk%2Brjj1Ttuvdmoe0ETffN%2FbHMHljrgvXNyDZKPntv89Skkq5DET5aF3cp0%2Bvb7ca5opg16%2FOjjZCvRRYJ4VkbGQZQcTbuh7YiQb%2Begk6PpBNC9g%2FEECOWIOH94CJOjqUyEvcMLpaGCSBDyKyh6FYSqIGkFph9A8lMCMI61O0jiR2vaFHT7gqVjdkQuP%2FsbshiRy3%2B%2BjCT%2BcUnJfu2eVnkmdWLRj0rIfgXZrZDmx8h2HMjiGCz7DJITJHEJyc%2Fe7PCIL%2FqUzjc8Fsw3OaXz7Raj8y038josaoYNvzWxRsoKMqqgxADUziG3DnLpII8c5KmDmJ%2FVaNCJXLcVhZHvt5uMMd9nLGgv8oD7zXbkImdj7QNk6QBMDcDMLlKziy35zWlw7XT5GUz%2BM%2BxmCcsd2Iygx0sUgqCwBAUlKCRBkREUvfKQK9uw5SOubB5609yYZr8c6qy7Tw911hUJ2U%2FPydWxbc7z117EljirddquK4KILUaRTxn1A8q5G3T8dtSirMHasLKEtHOg1sGOHJGrr3yOVI7IHP0NIT2GVcdg8iXQ%2FDXQYthquKCbw2bbxU7ypCfMdmSESLVJ6kzH4LpEml1Gtu3sq3Py6mSFN965AsFObo0efnL9n%2BohmCmRmhKfyl8IumpveFcX5OCuLix5eifNZCx36Hi99zKaiUvffyi2C2346rIdfPcuGxPj8vF9YbPbNOEy6Vryw5LkXJgVbZggP63aDRGu53ZzKTdJnt5ef29lNU6NsFbqpAKVp%2FZLMDkiL%2Bx9NTnc19%2BIIU0Fk5eI8xMyDUhdgaW7sOlMvdUERs16wtRBkZdD0whnn0oSKDHDNCxh%2F4PDWb1v99A1Dmj2YHKuPVOip0pQNYDNLw2z1Jzc%2Bt2fBELlDENlnINQGfX1hbVWntUCrynaYbvFOA8F416r4bd9121w3mx1hNdBZkfsfPGvfwEAAP%2F%2FAQAA%2F%2F9Dhg1tkAQAAA%3D%3D HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Cookie: u_pl=17371661; uid_id2=9dfd63aa-21c5-4daa-87ca-70f19cf4b237:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:44:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9630082c586a81cfef39048cead0d7d5
Strict-Transport-Security: max-age=0; includeSubdomains
prejudiceinsure.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Cookie: u_pl=17371661; uid_id2=9dfd63aa-21c5-4daa-87ca-70f19cf4b237:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 10:44:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.videojav.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sat, 04 Feb 2023 10:43:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hlp8G%2BsGtCwUKmKt%2BLmTptQejgCdYES9ZaRoMLrZaJSBCLaHaLzAMuThqz9HcahH0tJi8qwV5svlW6jw6S%2Fm9rG8Sf%2FYPMzCm2vazUqxv%2BwSMIMD6Lh6EnL6qF1Azed%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942cef2f88f777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twinrdsrv.com/preroll.engine?id=de9319ce-c948-4420-b00f-01013a3c1f77&zid=52155&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
200 OK 0 B URL HTTP/2 twinrdsrv.com/preroll.engine?id=de9319ce-c948-4420-b00f-01013a3c1f77&zid=52155&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
IP
GET /preroll.engine?id=de9319ce-c948-4420-b00f-01013a3c1f77&zid=52155&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Big+Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig+butt&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight} HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
access-control-allow-credentials: true
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: http://www.videojav.com
set-cookie: IKSR={}; path=/; SameSite=None; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mvgf0Nijnfw%2F1q32dwUEK5x7W7M0gesEKJOq4JvNLfjCd9Be7unNtVrPv4UOkNRFznrltQaRLgIkwm5F1JGZLA2qXIZYbyDhpZEvIGBjBZBfQFEQbtvkn0AwmH0E%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942cefb4a64fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/410357?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25
200 OK 0 B URL HTTP/2 hegdcrxavrtk.cdnvideo3.com/api/spots/410357?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25
IP
ASN #24940 Hetzner Online GmbH
GET /api/spots/410357?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=OaQL0GA6bnuuoRFJwj12; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
tsyndicate.com/do2/5a4d8c9f24e543abb29e2f21424e70ea/vast?
200 OK 0 B URL HTTP/2 tsyndicate.com/do2/5a4d8c9f24e543abb29e2f21424e70ea/vast?
IP
ASN #24940 Hetzner Online GmbH
GET /do2/5a4d8c9f24e543abb29e2f21424e70ea/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.videojav.com
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 06e9e7076969cd52
set-cookie: ts_uid=ee5801b3-3d02-4075-b24f-a5b875be98af; expires=Fri, 04 Aug 2023 10:43:59 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmbMiFFjRhcWIsYU3BLjoYgyE2PYuFGjRo4ZOGbk6NJH; expires=Sun, 05 Feb 2023 10:43:59 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675507439557856&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcPHDebE4hOMslp5MkyEZicVDO8wMb-1eQYKRRdXk0pXgEJ0g_j6J1xoowANVPKBdXXnVYOCQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675507439557856&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcPHDebE4hOMslp5MkyEZicVDO8wMb-1eQYKRRdXk0pXgEJ0g_j6J1xoowANVPKBdXXnVYOCQ
IP
GET /v3/signin/identifier?dsh=S-1123696107%3A1675507439557856&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcPHDebE4hOMslp5MkyEZicVDO8wMb-1eQYKRRdXk0pXgEJ0g_j6J1xoowANVPKBdXXnVYOCQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 10:43:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-u1JcgYXRiSpPC-BIRAHTFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.videojav.com/extension/aine/hum/g.php
200 OK 0 B URL HTTP/2 www.videojav.com/extension/aine/hum/g.php
IP
GET /extension/aine/hum/g.php HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QWkDl23XEmgDKkJ43Ho6ca%2F6%2BKgZsuP0BgnDHikxxwQOy4GY6zK%2FOYxn1bDrW5PkzOy3%2BHQgKk8MEDUA6jAJPpKIpERvWnZpEmCjBJNXRhzRyoZ9ZOYWcqfEzvFX83T6LE7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceefa90a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.videojav.com/js/main.js?v=1.2
200 OK 0 B URL HTTP/2 www.videojav.com/js/main.js?v=1.2
IP
GET /js/main.js?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 08:04:58 GMT
vary: Accept-Encoding
etag: W/"6091002a-5120"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 11813876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O%2Fm6j351HSoPIzY5g1ux7L26JEWI%2BzVfvjUx7kCYGN8BWUIDrNj8wH%2F6dwkAGx3yJMoVr9mWOuiuToeV2V6z0mBJthYjUFPs2DMmDfgEjHmmHnvtF9OMSjOeqK9STa2k6Mx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceeff9520b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
200 OK 0 B URL HTTP/2 unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
IP
GET /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 10 Jan 2018 00:56:00 GMT
etag: W/"5329-e6FW82qZOTCVRh707R8p5aJnMuY"
via: 1.1 fly.io
fly-request-id: 01G7549ZE3WWN11S6HGDRQ6KSN-fra
cf-cache-status: HIT
age: 18551460
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7942cef03ca5fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/api/spots/309158?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25
200 OK 0 B URL HTTP/2 hegdcrxavrtk.cdnvideo3.com/api/spots/309158?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25
IP
ASN #24940 Hetzner Online GmbH
GET /api/spots/309158?host=www.videojav.com&ev=204&wh=939&ww=1280&uuid=&kw=Big%20Tits%2CJapanese%2CAsian%2Chd%2CMassage%2Cstraight%2Cbig%20butt&s1=%25subid1%25 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=kDYTUbwZH4DFNZyCLelY; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
hegdcrxavrtk.cdnvideo3.com/gHEi7g5.js
200 OK 0 B URL HTTP/1.1 hegdcrxavrtk.cdnvideo3.com/gHEi7g5.js
IP
ASN #24940 Hetzner Online GmbH
GET /gHEi7g5.js HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.videojav.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 10:43:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:45:01 GMT
ETag: W/"63dba23d-2a581"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 990c1aa70667fe4e8f93d88ac8400fc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: Ek6UgNfuohJEdD8FpCc2lxiYjWT3ahdh_TSWLB6BxXJGhVRHtnpIWg==
Age: 206
Content-Encoding: gzip
hegdcrxavrtk.cdnvideo3.com/api/settings/377395
200 OK 0 B URL HTTP/2 hegdcrxavrtk.cdnvideo3.com/api/settings/377395
IP
ASN #24940 Hetzner Online GmbH
GET /api/settings/377395 HTTP/1.1
Host: hegdcrxavrtk.cdnvideo3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.realsrv.com/nativeads-v2.js
200 OK 0 B URL HTTP/2 a.realsrv.com/nativeads-v2.js
IP
ASN #60068 Datacamp Limited
GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hegdcrxavrtk.cdnvideo3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
etag: W/"21b43fd9d304f2027f605b8ad4d"
expires: Thu, 02 Feb 2023 18:45:37 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675514815
server: CDN77-Turbo
x-77-nzt: AblMCRRpaZj/Xw0AAA
x-77-nzt-ray: af5856307caeaf0cee36de6369842e39
x-cache: HIT
x-age: 3423
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4OiZoxCl1rP2fw9yEkoptxXhk2L1zKhzBGA7+LVPyQtMJ+9uFDrt2HnhpxvBLDMSVVAGnPAzNdgaN/h0wPB/mQ==
date: Sat, 04 Feb 2023 10:43:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 761099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrBiRLifT%2FAhVeC7hymmN3AUj7XrMAUomgVXv5FHc2ckV3AfJeJ7ezNJ%2FI5iRiKgCZc4zVZq4eRhSgM0tJnVK6eIYoHrdfOuo8raUFRSudBE5QxeuC%2BueE3j1h7z01uji6toFVeNR1PW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942cf012b46886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/do2/5cb88775434f4889bb921e0d5254481d/vast?
200 OK 0 B URL HTTP/2 tsyndicate.com/do2/5cb88775434f4889bb921e0d5254481d/vast?
IP
ASN #24940 Hetzner Online GmbH
GET /do2/5cb88775434f4889bb921e0d5254481d/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.videojav.com/
Origin: http://www.videojav.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:43:59 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://www.videojav.com
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: f24326d409884062
set-cookie: ts_uid=564c6666-92f1-470c-be5a-e6552023261b; expires=Fri, 04 Aug 2023 10:43:59 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMWjMwIGwCwsRYwpuieFQRBmJMWzcqFEjx8IZObr0URAQ; expires=Sun, 05 Feb 2023 10:43:59 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
302 Found 0 B URL HTTP/2 unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
IP
GET /silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRE0BNMNJR6A5E1R20JG7M92-fra
cf-cache-status: HIT
age: 48
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7942ceefac50fab8-OSL
X-Firefox-Spdy: h2
www.videojav.com/js/kvs/main.min.js?v=1.2
200 OK 0 B URL HTTP/2 www.videojav.com/js/kvs/main.min.js?v=1.2
IP
GET /js/kvs/main.min.js?v=1.2 HTTP/1.1
Host: www.videojav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:43:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Apr 2020 09:02:48 GMT
vary: Accept-Encoding
etag: W/"5ea69fb8-444ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 11813876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xCTOIBdyGRMrAl8nbjW6Rb3hceBZoUU%2B6KJyki9S%2BFIsxzL0yzttGlrA0oLysSqWIKJdmU8VX9fskaUYHfiPXavcKNOD%2FOvsoFTStNHnuPJVS8waH1iTRHey1JkuGStgtI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942ceeff95c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700
IP
GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.videojav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 10:43:58 GMT
date: Sat, 04 Feb 2023 10:43:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.videojav.com
Connection: keep-alive
Referer: http://www.videojav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 10:44:00 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 Feb 2023 11:44:00 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
104.21.21.190
8.254.252.211
78.140.187.215
31.13.72.36
135.181.208.216
136.243.80.153
23.36.76.226
93.184.220.29