Report - favor.jtube.top/

Report Overview

Visitedpublic

2024-12-07 03:44:39

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
obmenvsemfiles.net	535028	2020-06-19	2020-06-19	2024-11-27	477 B	34 kB	82.192.80.149
www.savdz.com	unknown	unknown	No data	No data	385 B	781 B	23.225.183.189
www.vecteezy.com	80373	2007-04-27	2012-08-08	2023-10-19	557 B	674 B	0.0.0.0
img2.javdove.com	unknown	unknown	No data	No data	456 B	22 kB	104.21.235.11
image.fmkorea.com	395291	2001-03-06	2015-10-30	2024-11-21	931 B	7.3 kB	93.184.223.182
cdn2-thumbs.worldsex.com	762968	1996-11-25	2017-02-03	2023-11-07	473 B	7.7 kB	64.210.135.115
www.blacktowhite.net	unknown	2007-09-21	2014-01-17	2024-12-05	898 B	98 kB	192.243.63.82
cdne-pics.youjizz.com	133153	2007-10-22	2017-01-30	2024-11-21	897 B	32 kB	64.210.135.119
18sese.top	unknown	unknown	No data	No data	396 B	16 kB	38.207.133.102
favor.jtube.top	unknown	unknown	No data	No data	559 B	28 kB	188.114.96.1
en.vidmo.pro	unknown	2022-04-10	2022-04-11	2024-12-05	2.8 kB	118 kB	89.248.193.244
emb4.teensexadd.com	unknown	2018-08-21	2019-06-18	2023-02-02	487 B	10 kB	213.174.142.67
rrs1.xyz	772340	2020-04-07	2021-07-04	2024-03-12	835 B	17 kB	104.21.235.159
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2024-12-04	872 B	63 kB	142.250.74.106
img.youtube.com	3087	2005-02-15	2012-05-30	2024-12-04	2.6 kB	106 kB	142.250.74.46
www.sesez.com	unknown	2010-03-17	2014-10-27	2024-03-27	385 B	4.9 kB	188.114.96.1
roriruo.com	unknown	2019-11-12	2019-11-12	2024-04-13	385 B	966 B	104.21.34.203
img.hgimg01.com	unknown	2023-05-01	2023-05-17	2024-11-03	470 B	0 B	0.0.0.0
periteen.com	unknown	2022-12-21	2022-12-21	2023-10-19	384 B	1.4 kB	195.35.15.48
jsjs.4jpg.top	unknown	2024-03-07	2024-03-08	2024-12-05	824 B	274 kB	188.114.96.1
cdn.hotscope.tv	542115	unknown	2019-06-17	2024-12-03	4.0 kB	75 kB	51.83.238.19
pic4.cdnclouder.com	458406	2020-04-17	2021-11-15	2024-11-27	509 B	12 kB	78.140.183.240
www.youhu.com	unknown	2003-05-31	2024-01-29	2024-12-06	1.3 kB	544 B	15.197.148.33
rule34porn.net	unknown	2020-11-01	2017-03-12	2024-11-30	1.2 kB	49 kB	172.67.132.222
cav102.com	unknown	2022-07-28	2022-07-28	2024-11-29	1.3 kB	219 kB	45.145.72.132
cacrz.4jpg.top	unknown	2024-03-07	2024-04-16	2024-12-05	399 B	9.7 kB	104.21.77.220
kompoz2.com	61320	2020-09-04	2020-09-07	2024-06-17	385 B	870 B	188.114.97.1
v.sina.cn	unknown	2003-03-17	2017-01-29	2024-12-06	383 B	334 B	0.0.0.0
pornohub24.ru	unknown	2015-12-18	2016-02-13	2024-12-03	856 B	18 kB	193.163.7.2
filmesporno.xxx	560351	unknown	2019-03-31	2024-12-06	857 B	15 kB	172.67.218.93
www.effedupmovies.com	950383	2017-08-24	2018-01-06	2024-11-28	1.3 kB	15 kB	101.99.88.242
jysheqwrf.cfd	unknown	2024-12-03	2024-12-03	2024-12-05	387 B	860 B	104.21.17.181
rtgallery.net	581632	2021-12-29	2022-03-30	2024-12-07	2.1 kB	102 kB	5.63.144.85
www.rbe66.com	unknown	2021-02-25	2021-02-28	2024-12-05	845 B	34 kB	104.21.15.99
cdn.onlyindianporn.tv	655290	unknown	2019-01-29	2024-12-06	437 B	7.0 kB	172.67.183.233
vidmo.org	337758	2012-10-07	2013-01-12	2024-11-08	381 B	5.7 kB	89.248.193.244
m.thisav.com	437225	2009-09-25	2014-02-12	2024-11-18	386 B	1.0 kB	0.0.0.0
treeyork.com	unknown	2024-01-14	2024-01-14	2024-11-30	15 kB	3.0 MB	104.26.10.85
p15-kimg.kwai.net	unknown	1999-10-05	2024-07-17	2024-12-03	1.3 kB	29 kB	54.240.174.114
img.qianju.cc	unknown	2021-09-23	2023-05-21	2024-12-05	1.4 kB	876 B	49.12.170.211
pic.duga.jp	673990	2006-02-24	2012-09-30	2024-11-30	880 B	141 kB	59.106.25.10
www.dirtysancheztube.com	unknown	2015-11-26	2017-04-21	2024-12-06	850 B	16 kB	172.67.216.69
hotntubes.com	389889	2015-03-03	2015-03-23	2024-04-10	385 B	1.5 kB	117.55.203.10
x-xx.pro	427860	2020-08-16	2020-10-16	2023-10-20	380 B	1.5 kB	185.73.221.144
okashik.atype.jp	860808	2005-11-20	2017-04-25	2024-11-28	824 B	206 kB	39.110.226.221
www.savsq.com	unknown	2023-03-21	2023-04-23	2024-03-03	385 B	781 B	23.225.183.189
www.sesenovel.com	unknown	unknown	No data	No data	389 B	565 B	38.207.133.102
www.ssnovel.top	unknown	2023-08-22	2023-08-26	2024-12-06	892 B	0 B	0.0.0.0
aporntv.com	362869	2014-10-07	2015-11-08	2024-07-12	385 B	948 B	0.0.0.0
uzbak.ru	unknown	2018-11-20	2018-12-31	2022-09-15	807 B	40 kB	51.83.213.151
www.youxvids.com	unknown	unknown	No data	No data	831 B	4.3 kB	104.21.234.160
www.thisav.com	369325	2009-09-25	2012-07-20	2024-12-06	400 B	1.1 kB	104.26.14.144
savsp.cc	unknown	unknown	No data	No data	380 B	349 B	82.192.82.226
recordtv.r7.com	185901	1996-04-14	2017-01-30	2023-09-12	387 B	179 B	23.45.147.146
www.xvideos.com	11464	1997-12-30	2012-05-21	2024-12-04	387 B	15 kB	185.88.181.11
savsq.com	unknown	2023-03-21	2023-03-22	2024-11-18	381 B	781 B	23.225.183.189
99xing.cc	unknown	2022-01-12	2022-05-10	2023-07-02	383 B	835 B	188.114.97.1
sasisa.ru	472964	2005-01-12	2016-04-26	2024-11-08	383 B	0 B	0.0.0.0
images.lourmel.nl	unknown	2023-06-16	2023-09-14	2023-12-07	429 B	9.9 kB	104.21.64.1
vjav2.com	unknown	2019-11-05	2019-11-25	2024-04-15	842 B	15 kB	104.21.65.63
22554.2514june2024.com	unknown	2024-06-02	2024-10-28	2024-12-06	406 B	7.1 kB	88.208.22.2
www.w3schools.com	17487	2000-03-21	2014-02-05	2024-12-06	418 B	5.9 kB	192.229.133.221
www.kwai.com	410749	2002-01-16	2014-12-08	2024-12-07	417 B	19 kB	23.33.119.170
www.fmkorea.com	137706	2001-03-06	2014-11-04	2024-11-08	401 B	1.1 kB	93.184.223.182
www.pornlulu.com	398147	2021-05-17	2021-07-12	2024-12-06	390 B	881 B	104.21.80.1
img.xvideosporno.blog	unknown	unknown	No data	No data	475 B	17 kB	172.67.192.69
thumb.aporntv.com	609763	2014-10-07	2018-03-19	2024-12-03	1.1 kB	11 kB	104.26.0.238
d2wuern4tlyyou.cloudfront.net	unknown	unknown	No data	No data	491 B	38 kB	54.230.241.50
wild-kitty.net	930527	2016-11-16	2017-10-05	2024-11-18	779 B	29 kB	104.21.40.107
rapefilms.net	596447	2012-04-01	2013-12-26	2024-11-18	387 B	0 B	0.0.0.0
toprealincestporn.com	unknown	2019-08-07	2019-08-27	2024-04-14	847 B	10 kB	172.67.216.60
www.pornfuck.mobi	unknown	2023-12-28	2023-09-28	2024-11-02	464 B	1.1 kB	104.26.1.129
fapdig.com	474236	2017-03-03	2017-08-25	2024-12-06	1.7 kB	46 kB	104.21.6.130
cav105.com	unknown	2022-07-28	2015-04-19	2024-02-24	849 B	91 kB	45.145.72.132
n.sinaimg.cn	40343	2007-03-28	2014-03-05	2024-12-04	444 B	19 kB	47.246.44.224
www.twi-dl.net	unknown	2024-05-15	2024-09-09	2024-12-06	386 B	4.2 kB	188.114.97.1
cdn.kompoz2.com	291861	2020-09-04	2020-09-27	2024-12-06	462 B	4.4 kB	172.67.206.129
p21-kimg.kwai.net	unknown	1999-10-05	2024-07-10	2024-11-28	637 B	11 kB	104.18.48.7
www.pornfuck.net	631366	2011-02-05	2020-04-16	2023-07-07	390 B	892 B	0.0.0.0
javlulu.com	unknown	2024-06-16	2020-02-09	2024-12-05	1.4 kB	2.6 kB	104.21.44.73
pornmaster.fun	393321	2021-01-27	2021-01-28	2024-05-27	388 B	0 B	0.0.0.0
stickamvids.net	463339	2011-03-02	2014-10-12	2024-12-05	1.7 kB	24 kB	80.92.205.167
static.themebuilder.aws.arc.pub	886069	2015-05-22	2022-02-09	2024-12-04	448 B	40 kB	143.204.55.98
image.baophapluat.vn	unknown	unknown	No data	No data	489 B	115 kB	222.255.114.107
mc.webvisor.org	17571	2009-08-25	2017-08-16	2024-12-05	3.3 kB	4.5 kB	77.88.21.119
www.worldsex.com	unknown	1996-11-25	2017-02-04	2023-11-01	388 B	1.7 kB	66.254.98.132
www.coolsexnew.com	493462	2021-04-14	2022-01-05	2024-10-17	850 B	7.0 kB	104.21.233.126
rolotube.com	349204	2018-10-13	2019-02-15	2024-11-30	811 B	2.4 kB	104.21.233.145
russkie.tv	unknown	unknown	2021-12-11	2023-02-16	382 B	3.0 kB	188.114.97.1
static.vecteezy.com	44978	2007-04-27	2012-10-01	2024-12-03	673 B	231 kB	104.18.4.151
cdn5-thumbs.motherlessmedia.com	168882	2008-10-11	2018-12-23	2024-12-07	3.6 kB	203 kB	185.107.92.224
1top.club	unknown	unknown	2015-06-25	2023-02-23	844 B	54 kB	54.38.205.67
www.wmur.com	124586	1995-10-06	2012-09-30	2023-10-24	384 B	771 B	151.101.65.55
mangyte.vn	unknown	unknown	2016-02-25	2024-01-24	382 B	104 kB	115.146.121.153
onlyindianporn.tv	155812	unknown	2024-11-28	2024-11-28	391 B	955 B	0.0.0.0
www.ttsp.tv	unknown	2021-08-17	2022-06-05	2023-05-11	385 B	0 B	0.0.0.0
av.tub4us.top	unknown	2024-03-09	2024-03-24	2024-12-05	979 B	123 kB	104.21.60.213
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-04	422 B	67 kB	104.18.187.31
motherless.com	95743	2005-11-19	2012-05-21	2024-12-06	386 B	1.5 kB	185.107.81.234
www.boy18tube.com	785975	2010-05-21	2014-07-19	2024-10-20	389 B	8.0 kB	45.133.44.101
fcclr.com	unknown	2022-09-26	2014-06-14	2023-11-18	383 B	986 B	0.0.0.0
cdn5.pornmaster.fun	unknown	2021-01-27	2021-01-28	2024-03-05	694 B	0 B	0.0.0.0
css.4jpg.top	unknown	2024-03-07	2024-03-18	2024-12-05	415 B	2.7 kB	104.21.77.220
ads.google.com	27064	1997-09-15	2013-08-25	2024-12-06	387 B	206 B	216.58.207.206
area51porn.net	unknown	2023-05-24	2023-05-28	2024-05-10	386 B	808 B	104.21.12.85
www.topasiansporn.com	unknown	unknown	No data	No data	393 B	784 B	46.229.174.195
baophapluat.vn	230690	unknown	2015-04-15	2023-11-24	766 B	454 B	123.30.41.185
timg191.top	unknown	unknown	No data	No data	475 B	1.2 kB	0.0.0.0
sorkab.com	unknown	2018-06-30	2021-02-01	2024-11-30	3.1 kB	224 kB	104.21.234.105
blumpkintube.com	582847	2015-11-26	2017-05-23	2024-12-07	846 B	15 kB	172.67.148.206
cdn1.hotmoza.tv	562962	unknown	2018-01-22	2024-12-06	920 B	43 kB	172.67.217.174
thumbs.xnxx-xxx.pro	unknown	unknown	2021-07-21	2022-11-28	456 B	9.7 kB	172.67.185.134
hotscope.tv	320260	unknown	2016-06-25	2024-11-08	383 B	989 B	51.83.238.19
videopreview.chezcathy.com	unknown	2007-03-03	2024-11-08	2024-12-07	1.8 kB	48 kB	104.21.235.159
thumbs1.2beeg.net	unknown	2018-01-17	2018-01-26	2024-03-25	461 B	16 kB	172.67.177.188
img.russkie.tv	unknown	unknown	2022-06-13	2024-12-03	431 B	12 kB	104.21.56.138
c.anhmoecdn.biz	unknown	2024-11-05	2024-12-03	2024-12-05	426 B	41 kB	104.21.59.150
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-04	432 B	5.0 kB	104.17.24.14
comments.4jpg.top	unknown	2024-03-07	2024-03-24	2024-12-05	412 B	1.1 kB	0.0.0.0
obmenvsem.org	216361	2019-04-02	2019-04-04	2023-09-08	385 B	15 kB	82.192.80.133
xvideosporno.blog.br	478860	2015-03-05	2015-03-27	2024-11-18	872 B	29 kB	104.26.10.106
sycdn.ddljsytt.com	unknown	2024-10-22	2024-10-25	2024-11-04	470 B	19 kB	104.26.15.52
icdn05.boy18tube.com	unknown	2010-05-21	2022-11-15	2024-10-20	433 B	14 kB	45.133.44.6
dojki.biz	unknown	2020-04-12	2014-12-13	2023-10-05	848 B	59 kB	207.180.194.251
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-04	419 B	78 kB	142.250.74.168
xvideos.com	5590	1997-12-30	2012-05-21	2024-07-29	383 B	15 kB	185.88.181.7
teensexadd.com	416091	2018-08-21	2021-02-01	2024-12-06	386 B	309 B	173.214.250.4
28892384-22554-ex.somentibrot.com	unknown	2024-09-22	2024-12-07	2024-12-07	1.3 kB	2.3 kB	88.208.22.3
s8.jshumeng.com	unknown	2019-10-20	2023-11-07	2024-12-06	936 B	0 B	0.0.0.0
www.cnhuayitang.com	unknown	unknown	No data	No data	393 B	837 B	104.21.42.217
jpgjingpinx.com	unknown	2024-06-22	2024-07-25	2024-12-05	6.1 kB	1.8 MB	137.175.7.66
www.twi-videos.net	unknown	2021-07-05	2021-11-10	2024-12-06	390 B	1.1 kB	172.67.181.85
www.pornfactory.info	283481	2015-12-17	2016-10-30	2024-06-17	394 B	919 B	0.0.0.0
oedy9.com	unknown	2023-10-27	2024-10-19	2024-11-28	383 B	2.3 kB	188.114.96.1
hotmoza.tv	207693	unknown	2018-01-17	2024-10-31	384 B	964 B	0.0.0.0
vtb.akamaized.net	unknown	2014-03-18	2022-06-10	2023-09-29	555 B	26 kB	95.101.11.74
kubrick.htvapps.com	11995	2016-05-26	2018-10-15	2024-07-02	541 B	11 kB	151.101.129.114
www.po-kaki-to.com	unknown	2011-09-18	2012-07-18	2024-12-06	845 B	56 kB	104.21.233.244
www.youtube.com	90	2005-02-15	2013-04-13	2024-12-04	401 B	864 B	142.250.74.46
sekesporno.net	unknown	2016-09-18	2014-11-06	2024-10-22	388 B	953 B	0.0.0.0
thisav.com	170091	2009-09-25	2012-07-03	2024-12-06	768 B	2.0 kB	0.0.0.0
cdn3.pornmaster.fun	unknown	2021-01-27	2021-01-28	2024-04-22	733 B	0 B	0.0.0.0
www.91rb.net	833512	2019-09-22	2019-12-02	2024-12-05	843 B	36 kB	172.67.204.28
vip.pornbraze.com	491480	2015-02-13	2016-11-24	2024-10-31	391 B	0 B	0.0.0.0
javp1.cc	unknown	2024-06-30	2024-07-01	2024-12-07	6.1 kB	52 kB	172.67.162.226
naturismv.com	unknown	2012-05-07	2014-04-08	2024-11-30	5.1 kB	418 kB	104.21.235.25
img.sekesporno.net	unknown	2016-09-18	2022-09-14	2024-11-21	1.3 kB	61 kB	172.67.214.155
ph.pornfactory.info	669569	2015-12-17	2020-03-27	2024-10-19	463 B	12 kB	172.67.135.246
vidmo.pro	unknown	2022-04-10	2019-07-13	2024-11-21	5.1 kB	175 kB	89.248.193.244
www.clporn.com	903902	2019-10-16	2015-04-11	2024-11-30	1.3 kB	38 kB	172.67.222.7
www.apornvideo.com	unknown	2019-10-31	2015-12-18	2024-10-14	836 B	10 kB	104.21.95.144
pics.x-xx.pro	unknown	2020-08-16	2021-04-13	2024-11-01	436 B	7.9 kB	104.21.70.153
www.youjizz.com	123168	2007-10-22	2012-05-22	2024-11-08	387 B	4.7 kB	66.254.114.242
www.yasetube.com	unknown	2022-06-20	2022-06-20	2024-12-06	390 B	952 B	0.0.0.0
img.mamaporno.net	unknown	unknown	No data	No data	437 B	53 kB	172.67.210.146
img.siwazywimg2.com	unknown	2023-05-19	2023-05-20	2024-12-01	447 B	382 kB	208.64.218.245
ext.fmkorea.com	unknown	2001-03-06	2016-09-16	2024-11-08	526 B	8.7 kB	198.255.46.10
en.vidmo.org	490377	2012-10-07	2017-03-14	2024-11-08	384 B	5.7 kB	89.248.193.244
dsx.obmenvsemfiles.net	unknown	2020-06-19	2023-07-24	2024-11-08	481 B	33 kB	85.17.28.58
xnxx-xxx.pro	unknown	unknown	2020-08-17	2022-11-30	384 B	1.5 kB	162.251.108.20
avhub.me	unknown	2022-12-16	2019-06-10	2024-12-02	380 B	16 kB	38.207.133.102
cf.gekso.com	unknown	2016-02-23	2024-05-11	2024-06-15	784 B	0 B	0.0.0.0
static.thisav.com	366329	2009-09-25	2017-08-08	2024-11-21	822 B	0 B	0.0.0.0
fixedjs.jtube.top	unknown	2024-03-07	2024-06-18	2024-12-05	1.3 kB	39 kB	188.114.96.1
www.pornbf.mobi	unknown	2024-11-12	2024-12-03	2024-12-03	851 B	13 kB	104.21.96.1
www.javdove.com	unknown	2018-06-04	2018-06-28	2024-04-17	389 B	907 B	0.0.0.0
img.caoliuzywimg.com	unknown	2023-07-08	2024-10-17	2024-10-17	443 B	0 B	0.0.0.0
www.cmav.net	unknown	2019-01-03	2022-08-25	2024-11-14	843 B	113 kB	104.21.56.121
meetcdn.com	unknown	2023-09-25	2023-09-26	2024-05-28	840 B	68 kB	104.21.48.1
realincestvideos.org	unknown	2015-12-31	2016-01-24	2024-11-08	857 B	14 kB	172.67.128.128
emb4.youngtube.one	944005	unknown	No data	No data	490 B	14 kB	213.174.142.70
fmtu.sltusl.com	unknown	2022-10-05	2022-10-15	2024-12-03	1.4 kB	423 B	156.238.196.42
porno-incest.tv	unknown	unknown	No data	No data	818 B	393 kB	185.162.11.82
img.imghuo.cfd	unknown	2024-07-16	2024-07-28	2024-12-05	885 B	22 kB	104.194.8.69
youngtube.one	774174	unknown	No data	No data	385 B	309 B	216.172.61.44
record.r7.com	unknown	unknown	No data	No data	388 B	718 B	23.36.76.186
akhwbjyshezaxck.buzz	unknown	2024-05-16	2024-10-19	2024-12-06	394 B	874 B	188.114.96.1
play.anh.moe	unknown	unknown	No data	No data	386 B	1.1 kB	188.114.96.1
cdn77-pic.xvideos-cdn.com	12833	2017-08-25	2018-09-06	2024-12-04	1.0 kB	31 kB	121.127.45.89
area51.porn	unknown	2016-11-24	2017-02-09	2024-07-22	801 B	3.6 kB	104.21.235.119
page.phic4.top	unknown	2024-03-07	2024-03-28	2024-12-05	395 B	1.3 kB	104.21.73.126
en.chezcathy.com	unknown	2007-03-03	2024-11-08	2024-11-08	402 B	2.4 kB	104.21.235.159
www.campus-av.com	unknown	unknown	No data	No data	389 B	988 B	188.114.96.1
thumb.pornbraze.com	unknown	2015-02-13	2023-01-04	2024-10-31	842 B	0 B	0.0.0.0
bp.vancouvercache.com	unknown	unknown	No data	No data	478 B	906 B	0.0.0.0
mamaporno.net	14143	unknown	No data	No data	387 B	964 B	0.0.0.0
xvideosporno.blog	unknown	unknown	No data	No data	391 B	1.1 kB	0.0.0.0
2beeg.net	827269	unknown	No data	No data	383 B	933 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-07 03:44:07	low	78.140.183.240	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-12-07 03:44:11	low	198.255.46.10	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-12-07 03:44:16	low	89.248.193.244	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-12-07 03:44:16	low	117.55.203.10	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-12-07 03:44:16	low	89.248.193.244	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-12-07 03:44:16	medium	Client IP	188.114.96.1	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-06	medium	ssnovel.top	Sinkholed
2024-12-06	medium	ssnovel.top	Sinkholed
2024-12-06	medium	jshumeng.com	Sinkholed
2024-12-07	medium	ttsp.tv	Sinkholed
2024-12-06	medium	akhwbjyshezaxck.buzz	Sinkholed
2024-12-07	medium	pornbraze.com	Sinkholed
2024-12-07	medium	pornbraze.com	Sinkholed
2024-12-07	medium	pornbraze.com	Sinkholed
2024-12-06	medium	jshumeng.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	unknown	EventHandler	48 B	2024-07-17	2025-08-05
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-07-17 Last Seen 2025-08-05 Times Seen 223 Size 48 B (48 bytes) MD5 8981d7d5762da819fd76fb9a6af69502 SHA1 73a6a054048f292202869c25a5be190ad5bb9cc6 SHA256 3c9e5317128af17847a8e308e8aa0c38c6be139b91afbd3d9598607d8de2b42e Format Code Loading...

	unknown	EventHandler	61 B	2024-07-17	2025-08-05
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-07-17 Last Seen 2025-08-05 Times Seen 335 Size 61 B (61 bytes) MD5 fc99276790fd60430168f66babce9b5f SHA1 aa97ed55496c03dc06f7ecad4721d094b456ffdf SHA256 877bccd98aed1b71b4998a16cafbb93bfe0028f121304b26b07d9af90bb91205 Format Code Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-08-06
URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP / ASN 142.250.74.106 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 67885 Size 87 kB (86927 bytes) MD5 a09e13ee94d51c524b7e2a728c7d4039 SHA1 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae SHA256 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Format Code Loading...

	jsjs.4jpg.top/index.php?js=very	ScriptElement	82 B	2024-04-16	2025-08-05
URL jsjs.4jpg.top/index.php?js=very IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-04-16 Last Seen 2025-08-05 Times Seen 1648 Size 82 B (82 bytes) MD5 77542f8a3ada1bb8b45eb9139c5e69ef SHA1 08556fa802dce18bec90fc57d62c7caaa4dbbdd0 SHA256 4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46 Format Code Loading...

	av.tub4us.top/2	ScriptElement	12 B	2023-03-07	2025-08-05
URL av.tub4us.top/2 IP / ASN 104.21.60.213 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-05 Times Seen 1663 Size 12 B (12 bytes) MD5 b4b936eab4235f662d4eb756534d69d7 SHA1 4ee18cb14eaf40e117a19a7f86dcefe6291bc0cf SHA256 f7650ed40588ee2d1128869afc47866ee4eb09d4860ce1c3e07c9860b7242d33 Format Code Loading...

	fixedjs.jtube.top/?vidjs=51qxezx	ScriptElement	76 kB	2024-11-18	2025-01-18
URL fixedjs.jtube.top/?vidjs=51qxezx IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-11-18 Last Seen 2025-01-18 Times Seen 76 Size 76 kB (75731 bytes) MD5 66a4f53558c776b531d3414e0e3b83e9 SHA1 0b85a23cc2355af62658e331fecb082208e95af3 SHA256 8e0e7cc3fad729d92bb78d94819e820a34998b9c15b5814068ecf5e2968c4a3a Format Code Loading...

	av.tub4us.top/2	ScriptElement	353 B	2024-05-18	2025-08-05
URL av.tub4us.top/2 IP / ASN 104.21.60.213 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-05-18 Last Seen 2025-08-05 Times Seen 746 Size 353 B (353 bytes) MD5 0b92303a1cb08e00253e7879d304ee26 SHA1 68bdd0c37dddd5312507918516eaa994a1a1cb93 SHA256 7f10c6dc85b21ab592994c008eea9b75e836674d27bef1d026c511b4fb158432 Format Code Loading...

	unknown	DomTimer	919 B	2024-11-18	2025-03-01
URL IP / ASN 0.0.0.0 #0 Introduced by DomTimer Embedded false Resource Info First Seen 2024-11-18 Last Seen 2025-03-01 Times Seen 112 Size 919 B (919 bytes) MD5 8546c81b5cc815d1f7bdb5fe027f0e22 SHA1 207c213fa59e888cee8d2b0c23b4018a803c1c7c SHA256 ab46f9e14e4ceb73f737da3b7913ebe0907c77465291b1be8cb1424e8f921cd0 Format Code Loading...

	page.phic4.top/myda.php	ScriptElement	0 B	0001-01-01	2025-08-06
URL page.phic4.top/myda.php IP / ASN 104.21.73.126 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 0001-01-01 Last Seen 2025-08-06 Times Seen 5691063 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	av.tub4us.top/2	ScriptElement	15 B	2023-03-07	2025-08-03
URL av.tub4us.top/2 IP / ASN 104.21.60.213 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-03 Times Seen 113 Size 15 B (15 bytes) MD5 b48e1dfdcd851253aefbcc1dff266c22 SHA1 48271858cf54993e59861c7185a12e274b02f89d SHA256 ff3ac91740d1ab06d3e7d382087ef1ed6a8cc5a95aceddc36b17aee2b13002a6 Format Code Loading...

	av.tub4us.top/2	ScriptElement	14 B	2023-03-07	2025-08-05
URL av.tub4us.top/2 IP / ASN 104.21.60.213 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-05 Times Seen 1395 Size 14 B (14 bytes) MD5 13b29d7aeaa1d827a9a3feeb39148a43 SHA1 da2040ef13a2d1ce62b0eef9c6ced0fe14f66b28 SHA256 d2d18329527d4d7d4acda028f92281274ac2a08bd840af1c0480620582f98338 Format Code Loading...

	cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js	ScriptElement	172 kB	2024-12-05	2024-12-21
URL cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP / ASN 104.18.187.31 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-05 Last Seen 2024-12-21 Times Seen 36 Size 172 kB (171982 bytes) MD5 34bd147a5eca21139b85cfa34de1ff3a SHA1 e9afa1e2a524ce3dc8fc9579c6743d16293a9b47 SHA256 b441b7322697c923fc4669efedd78f0938ad0c14410bb94ed0ec827b072ee6b7 Format Code Loading...

	jsjs.4jpg.top/index.php?js=av4&advertisement&	ScriptElement	184 kB	2024-12-07	2024-12-07
URL jsjs.4jpg.top/index.php?js=av4&advertisement& IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-07 Last Seen 2024-12-07 Times Seen 1 Size 184 kB (183767 bytes) MD5 ffdf164fecbba28c15eadab95d2aa582 SHA1 6ea5d1e8fe180640c36d0101f2831b066ff6b1e5 SHA256 98b19265fe5886125b4c64a25ce21226fed12cbb9d93e840c4cd53c924c3514d Format Code Loading...

	22554.2514june2024.com/4/js/239376	ScriptElement	17 kB	2024-12-07	2024-12-07
URL 22554.2514june2024.com/4/js/239376 IP / ASN 88.208.22.2 #39572 DataWeb Global Group B.V. Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-07 Last Seen 2024-12-07 Times Seen 1 Size 17 kB (16646 bytes) MD5 7f21d4f4ef9900e357aa1ffb49cf71a4 SHA1 d10a1a2b168d3a3600fc67d2f9a5e72bf99645f6 SHA256 fcc07c8021ac4d2a87c108632a95edace4b621ec6a9a77b3593e47e465f736f8 Format Code Loading...

	www.googletagmanager.com/gtag/js?id=UA-620120-3	ScriptElement	215 kB	2024-12-07	2024-12-07
URL www.googletagmanager.com/gtag/js?id=UA-620120-3 IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-07 Last Seen 2024-12-07 Times Seen 2 Size 215 kB (215413 bytes) MD5 687268cc90e4e9e3ca8617e6703ae25d SHA1 4c649c062a3d2db1343c74065be29d3386fdb408 SHA256 0ab53c71fe113ff78c6f83f0540b4e75c9ff017aba107f387cf9c618b432b0c3 Format Code Loading...

	av.tub4us.top/2	ScriptElement	190 B	2024-10-22	2025-03-10
URL av.tub4us.top/2 IP / ASN 104.21.60.213 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-10-22 Last Seen 2025-03-10 Times Seen 70 Size 190 B (190 bytes) MD5 569b681687ac6bcf0620f5058796e1cb SHA1 13643e61d52193f4859d4be8489c356586f00696 SHA256 669a3efb5b57c744c8fc6612c778e9c7b6fa6f9a58650c932750bedde799d1e0 Format Code Loading...

	cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js	ScriptElement	11 kB	2023-03-07	2025-08-05
URL cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP / ASN 104.17.24.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-05 Times Seen 1678 Size 11 kB (10687 bytes) MD5 ea77f824de2ef57acb12e7cb6596365e SHA1 10bad0dbdf30a0471c2c786b349daeb1dd19180e SHA256 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	8da66cae5fc09ad0ad54710cd4960dbd	DocumentWrite	88 B	2023-03-07	2025-08-05
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2025-08-05 Times Seen 1741 Size 88 B (88 bytes) MD5 8da66cae5fc09ad0ad54710cd4960dbd SHA1 01ef404d9c252491d6f0cd6900cce145d4b76db1 SHA256 90b1ab53462f9b18c6a0d06704f07055e834c86239bdc87a3708514e9a6b6762 Format Code Loading...

	33e50c65bc34e7205dd72147375dd7ee	DocumentWrite	228 B	2024-11-18	2025-08-05
Introduced by DocumentWrite First Seen 2024-11-18 Last Seen 2025-08-05 Times Seen 369 Size 228 B (228 bytes) MD5 33e50c65bc34e7205dd72147375dd7ee SHA1 45d7704eefa9421415ddfe589dba26be6f3e0a1e SHA256 f17654210f6b478323ef0f08d7591e4844f6c6d9c2e00672cbc8b7d211a0d688 Format Code Loading...

	4b4b5c916fca1f879ae406eafa073906	DocumentWrite	30 B	2024-04-16	2025-08-05
Introduced by DocumentWrite First Seen 2024-04-16 Last Seen 2025-08-05 Times Seen 1598 Size 30 B (30 bytes) MD5 4b4b5c916fca1f879ae406eafa073906 SHA1 b188d4ad342b5264c33cf9c6f655aa95118fb6d0 SHA256 7b5253c47ccce336175a06c9279a4527663c82e012d9b6627083c6503d1cefb4 Format Code Loading...

	2badd01f80cd03eb7ffce90487ab3f71	DocumentWrite	43 B	2023-03-07	2025-08-05
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2025-08-05 Times Seen 1695 Size 43 B (43 bytes) MD5 2badd01f80cd03eb7ffce90487ab3f71 SHA1 1d0af7cc184466c7d86216085ea60242daeb1eb4 SHA256 e8f6c4dca8b7093bad96494bef55525265ce366c13dc6f76d9358cca8ee182d4 Format Code Loading...

	edc24b7d2fc7536422daee6621435edf	DocumentWrite	55 B	2024-04-16	2025-08-05
Introduced by DocumentWrite First Seen 2024-04-16 Last Seen 2025-08-05 Times Seen 1670 Size 55 B (55 bytes) MD5 edc24b7d2fc7536422daee6621435edf SHA1 71fd4875b509449d820e6a3dd7d83e5f6c31fac8 SHA256 ec599569faa2feb73e0954dcb1f0f7ac5ba6d49ad50d17d3932506608b86a2fc Format Code Loading...

HTTP Transactions (377)

URL IP Response Size

GET fixedjs.jtube.top/AV4.us.jpg

188.114.96.1

200 OK

8.7 kB

URL GET HTTPS

fixedjs.jtube.top/AV4.us.jpg

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3

First Seen2024-04-16

Last Seen2025-08-05

Times Seen1698

Size8.7 kB (8741 bytes)

MD5edfe007a6e5b3d268b2528f564b60b43

SHA11644c8ef97c871079e07e5079d613af5cb94052f

SHA256bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

Certificate Info

IssuerGoogle Trust Services

Subjectjtube.top

Fingerprint9D:F7:B8:3A:A8:13:38:DE:74:BF:77:4B:F4:4E:53:42:62:EE:F4:9B

ValidityTue, 05 Nov 2024 14:16:24 GMT - Mon, 03 Feb 2025 14:16:23 GMT

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: fixedjs.jtube.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://favor.jtube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:05 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 326376
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KiqXNkIL9c758RaVHUEHmp3zXsT0Y8RbcAx1fKnzJkXmqjKCfiEaDvrk7HXBWlYEW%2F4gWpJCRjoRCpkv57Xt2DD02nQ4eFaIODqANTDn2AYjgWiMTfJO7wkO%2FMuPI20l2uzkow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183e348b8b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6371&min_rtt=3834&rtt_var=3250&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4135&recv_bytes=1191&delivery_rate=154916&cwnd=12000&unsent_bytes=0&cid=47f280bb414274bc&ts=370&x=1", cfExtPri, cfHdrFlush;dur=0

GET fixedjs.jtube.top/AV4.us.jpg

188.114.96.1

200 OK

8.7 kB

URL GET HTTPS

fixedjs.jtube.top/AV4.us.jpg

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3

First Seen2024-04-16

Last Seen2025-08-05

Times Seen1698

Size8.7 kB (8741 bytes)

MD5edfe007a6e5b3d268b2528f564b60b43

SHA11644c8ef97c871079e07e5079d613af5cb94052f

SHA256bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

Certificate Info

IssuerGoogle Trust Services

Subjectjtube.top

Fingerprint9D:F7:B8:3A:A8:13:38:DE:74:BF:77:4B:F4:4E:53:42:62:EE:F4:9B

ValidityTue, 05 Nov 2024 14:16:24 GMT - Mon, 03 Feb 2025 14:16:23 GMT

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: fixedjs.jtube.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 326377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOjvmN4YnSxdhOE08cMESKvFFFwpRpPvhfCOw88Yqx4ik5Vtf8ZM2uRN3zpObDN%2B4hgMQR7sABPL9XWo5hA1hpflZHxRUXJgz2NH9cX5S4u5mXypi5XufXX2k7LkUaowB%2B9sPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ea1b90b518-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=740&min_rtt=415&rtt_var=653&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3265&recv_bytes=1205&delivery_rate=6851735&cwnd=254&unsent_bytes=0&cid=43fe21e0973cb219&ts=63&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/295853/295853.jpg

104.26.10.85

200 OK

155 kB

URL GET HTTPS

treeyork.com/295853/295853.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 960x560, components 3

First Seen2024-06-04

Last Seen2025-01-18

Times Seen8

Size155 kB (154774 bytes)

MD58daffa359933acbc3b12f0cb170a389f

SHA186c520cea104c2b4066e7d8d4d222f30025f68cc

SHA256ad5e6651d5248892c2c0d9fe19979863e17211a901fc9c2253b483a000aafc4f

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /295853/295853.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 154774
cf-bgj: h2pri
etag: "8daffa359933acbc3b12f0cb170a389f"
last-modified: Sun, 14 Jan 2024 18:57:26 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6481
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHNsMAzaYsC5awwaBrzhRd2pkQ7qoQdDt3coXnCPFFEAPEh%2Bn9wWFC78l%2FTdSkD%2BvkClYXg7GNLQ7gHSUfYwaz4KLrYMdG5ZH6qGYcKpH2f%2FDluafC%2Bvyv%2FxE7wEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ea2c857129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=961&min_rtt=430&rtt_var=913&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3184&recv_bytes=1236&delivery_rate=7074918&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=50&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/148919/148919.jpg

104.26.10.85

200 OK

93 kB

URL GET HTTPS

treeyork.com/148919/148919.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2025-01-01

Times Seen2

Size93 kB (93272 bytes)

MD517448050547586383cc33362f9c53780

SHA1f463aebbd266f8c144eed4013f7e91348ea8c6d4

SHA25610250f11a07effa35d09807d22a90c5a3b0467beb7e66e1133c056eb746337ed

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /148919/148919.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 93272
cf-bgj: h2pri
etag: "17448050547586383cc33362f9c53780"
last-modified: Sun, 14 Jan 2024 13:03:46 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYK6dn3Jm3N1LqCOe9RF7OsJz%2Fgy5NQtBIMpVChBnyypmBNs%2FDHuJLUFgv4bCV0jNl9on5kmIzTaqQajHExzNOLzndyiNJJxCnCuB7UYEmktAsD4EEr5XkUhFt7E%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ea2c877129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=961&min_rtt=430&rtt_var=913&sent=56&recv=12&lost=0&retrans=0&sent_bytes=67312&recv_bytes=1236&delivery_rate=7074918&cwnd=254&unsent_bytes=31856&cid=35e9f8474f583708&ts=50&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/297398/297398.jpg

104.26.10.85

200 OK

154 kB

URL GET HTTPS

treeyork.com/297398/297398.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size154 kB (154022 bytes)

MD5014b02f52dc84551f9d7e8b709409252

SHA109052a568a31f4e4745529870ab01d6b7954cbe2

SHA2565ee277d9bb3b834958ba37afddbbd47a8ac24d51fc7471fbd7715efd093556c3

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /297398/297398.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 154022
cf-bgj: h2pri
etag: "014b02f52dc84551f9d7e8b709409252"
last-modified: Sun, 14 Jan 2024 19:12:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 25
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTZaKvmtzbDw7NPPI7aiYrJQ6uWIwMCEg9RyPbsMS%2B%2B69QdyKvuERhAmStgnXJvUpHeNdHan2M9OCrNyd%2FQwqJp4n5LbEDcoE%2B4i5%2FH23Ur9FAZDvou4wtqSWIwkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ea3c887129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=961&min_rtt=430&rtt_var=913&sent=56&recv=12&lost=0&retrans=0&sent_bytes=67312&recv_bytes=1236&delivery_rate=7074918&cwnd=254&unsent_bytes=31856&cid=35e9f8474f583708&ts=50&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/617792/617792.jpg

104.26.10.85

200 OK

16 kB

URL GET HTTPS

treeyork.com/617792/617792.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-09-19

Last Seen2025-01-18

Times Seen8

Size16 kB (16176 bytes)

MD59722c3bb7df1efc74ddeaf7c8d23d940

SHA12b870d67efd9a3c066ccbf87269d685339c19ab6

SHA256cd09ae7b78b3718e5dbb895aea01da7e9a1539acde0364e75f96887c93578184

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /617792/617792.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 16176
cf-bgj: h2pri
etag: "9722c3bb7df1efc74ddeaf7c8d23d940"
last-modified: Mon, 15 Jan 2024 10:08:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BECqmWEmF%2FXR85cB4Crz7Un5S6rTAWpgMfp%2BSl2rJ1of6RmGzndw0qC1JXHHYnVTUIUmRQ7iPAI1BoI1050e0Polf9BSJcbLsJCnkiXVoOiC00%2Bc6OYzv%2BO%2B50Uy4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ea5c977129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1533&min_rtt=410&rtt_var=105&sent=303&recv=121&lost=0&retrans=0&sent_bytes=409318&recv_bytes=1316&delivery_rate=114878228&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=76&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/317188/317188.jpg

104.26.10.85

200 OK

14 kB

URL GET HTTPS

treeyork.com/317188/317188.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-07

Last Seen2025-01-18

Times Seen81

Size14 kB (14016 bytes)

MD555b3d19de23e536259209a8fbbfc2c9a

SHA16eeb47aec4a223e1378eb122b2e51909eb98b288

SHA2566c6a70545b178cc5aa49cf1d5583f58a5d58cad485f35a7e6f0c3ada89751055

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /317188/317188.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 14016
cf-bgj: h2pri
etag: "55b3d19de23e536259209a8fbbfc2c9a"
last-modified: Sun, 14 Jan 2024 23:09:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bz8yYfOR9THA517n5BEmBiKRGvpfsXUGdq5RqLcEZCupL2srzOCYwr8hzBhl896ej5WNLTJxuL0DAZ5%2B4uOsixhs1qmXx5yaL89TBTnx8JxnL0ca380SxBhRJTQbqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eaacb67129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1634&min_rtt=410&rtt_var=1401&sent=318&recv=129&lost=0&retrans=1&sent_bytes=426117&recv_bytes=1396&delivery_rate=760104&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=125&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/358664/358664.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/358664/358664.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size17 kB (16631 bytes)

MD547b618d6a768a1cfd7cc908076c2ebfa

SHA149c60e62f94bec6ffb81bde9d6987c08aa371aa9

SHA2562c5e6103de0680c87aa091bc149ef773e6d0296c4849ac64eb82f34eb8d01db7

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /358664/358664.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 16631
cf-bgj: h2pri
etag: "47b618d6a768a1cfd7cc908076c2ebfa"
last-modified: Mon, 15 Jan 2024 00:32:43 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 167
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dWNpbNkU08ggucKdHDqdhe04V1gZQ0nzEzOa2IqAK0QSeLii6EFT7JjxxHTC%2FKsJtt2APPEvKJK%2F5II%2FvoPjL9o6Ye53RUm4raIP8UjuvFZQMJNL3p3Ev4FsCXxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eabcb97129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1023&min_rtt=410&rtt_var=827&sent=330&recv=136&lost=0&retrans=1&sent_bytes=440717&recv_bytes=1476&delivery_rate=25525641&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=133&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/561722/561722.jpg

104.26.10.85

200 OK

14 kB

URL GET HTTPS

treeyork.com/561722/561722.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-08-19

Last Seen2024-12-10

Times Seen3

Size14 kB (13902 bytes)

MD5eb55b866d5ebeef6e53fe8c4b28c171e

SHA17adf7c5c28faaacaac504868e579c033dcc6f75d

SHA256599930ec47b54b67acecdcc7ae1480951619df26183650314a5250f12645776f

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /561722/561722.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 13902
cf-bgj: h2pri
etag: "eb55b866d5ebeef6e53fe8c4b28c171e"
last-modified: Mon, 15 Jan 2024 07:56:55 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5053
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ik7GqA0i10FOjWlqrL%2FKX4WHgEhks8e1LMi8%2FTv2RjJwjZvbK45k8Spatzgqj0txUHov%2FCFbr4FKlCL1HUeXRnTSKvw1oXM02Q53n6mi4vjtxOEk216zsk%2Bkd4mctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eaeccf7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1982&min_rtt=410&rtt_var=2388&sent=346&recv=146&lost=0&retrans=2&sent_bytes=458226&recv_bytes=1713&delivery_rate=690290&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=165&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/621007/621007.jpg

104.26.10.85

200 OK

15 kB

URL GET HTTPS

treeyork.com/621007/621007.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-10

Last Seen2024-12-08

Times Seen88

Size15 kB (15292 bytes)

MD51ed2f0f940a68c17f3d975629f5931b4

SHA19fbf739e3e69497e2bb88cc3eeb27a3e24e4b8b1

SHA256ac96a6ef7ab506254682cab4cef2d4d36928844cddfb8d233e22ac65acc3363b

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /621007/621007.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 15292
cf-bgj: h2pri
etag: "1ed2f0f940a68c17f3d975629f5931b4"
last-modified: Mon, 15 Jan 2024 10:18:53 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2447
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8Ml6o4xHvPNC45szgwpi8Riz1oGkr3OYlCSMUdDkcivPUOGgf6aDP%2BgvNVHlagS48oB068oGFkQr38gZsqUbSEhaixCptDfvRq4Nww4QU9Onoqy%2FNLy6mWVuZuY%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eaecce7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1982&min_rtt=410&rtt_var=2388&sent=358&recv=146&lost=0&retrans=2&sent_bytes=472716&recv_bytes=1713&delivery_rate=690290&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=165&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/222183/222183.jpg

104.26.10.85

200 OK

277 kB

URL GET HTTPS

treeyork.com/222183/222183.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size277 kB (277133 bytes)

MD535743ac63d4f89d4eeebf84d058a7d19

SHA16ad979f893e0184b20335fb893435d323f41ea24

SHA25617c7abdf667c815789d202dc4142c57ca33a78eef4e9347ef1c4b8ccdd3f93db

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /222183/222183.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 277133
cf-bgj: h2pri
etag: "35743ac63d4f89d4eeebf84d058a7d19"
last-modified: Sun, 14 Jan 2024 14:23:08 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 526
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj3fZaayt%2BkHc3jk3UOAmrGsy8VrG6fHqZDyhK6xlqJno4gXMgoc7fXEI2gp6IBE%2BborxUkw9yveLkGqWTcu6hIzu9vpyyky4Wm9dR9kQdTUPkeP%2Blkh5KTpXku9%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eaecd07129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1982&min_rtt=410&rtt_var=2388&sent=371&recv=146&lost=0&retrans=2&sent_bytes=488596&recv_bytes=1713&delivery_rate=690290&cwnd=254&unsent_bytes=0&cid=35e9f8474f583708&ts=165&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/night-swimming-pool-naturist-freedom.jpg

104.21.235.25

200 OK

40 kB

URL GET HTTPS

naturismv.com/images/night-swimming-pool-naturist-freedom.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-04-22

Last Seen2025-07-07

Times Seen23

Size40 kB (40224 bytes)

MD58ed7ae92668948d88994493754af4a96

SHA15ebeae2dc114521d49e9ff67c198b440ca7c8f6a

SHA2562fec7460ebd3d41904dcc3bac4e216c555c054b20ce96fe13a6a4d18699de157

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/night-swimming-pool-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 40224
last-modified: Fri, 19 May 2023 12:04:48 GMT
etag: "646765e0-9d20"
expires: Mon, 01 Dec 2025 07:09:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 506050
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TujUAifp442DXBlvJkTKmk1tv%2B4fnfaGBbpyLlYK0j%2BrJ%2BYx4MQJaGEMy3x3Fa2ONb%2FGyPi6dF2UugJr%2BfWCWuLCqSCe7C63J%2Fi6PZayt3CwyMJ1HDYk6d0hDOz5BFdc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183eafba7d1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17682&min_rtt=17546&rtt_var=2916&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1192&delivery_rate=246776&cwnd=254&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=144&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2022/08/0002134.jpg

104.21.234.105

200 OK

53 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2022/08/0002134.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2025-07-23

Times Seen2

Size53 kB (52662 bytes)

MD58fcc2b44fd190b6de183b7e24b7bd776

SHA110386edc0be4b7939e8952336181405376b3b543

SHA2568366cca3f5f57e235619fc38cb15cea73072fb5df10f76e2bc33e03e87dcf339

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2022/08/0002134.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 52662
cache-control: public, max-age=31536000
expires: Sat, 22 Mar 2025 23:10:30 GMT
last-modified: Wed, 22 Feb 2023 06:11:53 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 9184791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9hHTVpF11xJupUG0Ffq101ZpAaU0bLCzNzvntwKYwh5Kf5yd78RVEFlo7rs6Utx0EOOrTRYA3lDd0qsYTZ%2BwlUntSl2N271%2BcmA4TK3cElMSp%2BP2SsxU1dpcRml"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eb4e37652f-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20236&min_rtt=20214&rtt_var=3229&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3193&recv_bytes=1088&delivery_rate=214222&cwnd=115&unsent_bytes=0&cid=b57ea78fefd72974&ts=182&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2023/11/0004876.jpg

104.21.234.105

200 OK

32 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2023/11/0004876.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size32 kB (31669 bytes)

MD59cc444ba9026d31fcaf1406ae5e7b4d9

SHA15a71f3e7f4055077c91d646e34a70ac12f7ef9f3

SHA2568be91d7253c80b8a355115960d0623b4ca435b4cc1649eaa96083bac238a2051

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2023/11/0004876.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: image/jpeg
content-length: 31669
cache-control: public, max-age=31536000
expires: Thu, 27 Nov 2025 00:35:54 GMT
last-modified: Fri, 24 Nov 2023 07:41:48 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 795300
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDQFDtvqrNWgwPMtpjJkdz50D0kSI2m4jrIE76I0Z%2BJKfrz3J3OrZEgYMQgtS6v39yqpiXlVV0c%2Fougt1FNMWYiyri8NbAvPPW5C0XJH%2BEdBCKrp05arod0Jk3pz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183eb5e40652f-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=20236&min_rtt=20214&rtt_var=3229&sent=47&recv=12&lost=0&retrans=0&sent_bytes=57788&recv_bytes=1182&delivery_rate=214222&cwnd=115&unsent_bytes=0&cid=b57ea78fefd72974&ts=193&x=0"
X-Firefox-Spdy: h2

GET jsjs.4jpg.top/index.php?js=av4&advertisement&

188.114.96.1

200 OK

272 kB

URL GET HTTPS

jsjs.4jpg.top/index.php?js=av4&advertisement&

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (6439), with CRLF line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size272 kB (271463 bytes)

MD5ffdf164fecbba28c15eadab95d2aa582

SHA16ea5d1e8fe180640c36d0101f2831b066ff6b1e5

SHA25698b19265fe5886125b4c64a25ce21226fed12cbb9d93e840c4cd53c924c3514d

Certificate Info

IssuerGoogle Trust Services

Subject4jpg.top

FingerprintC4:37:E6:09:C5:3C:99:D3:7D:3F:90:98:D9:5E:80:F2:A7:C8:D2:F4

ValidityTue, 29 Oct 2024 17:25:21 GMT - Mon, 27 Jan 2025 17:25:20 GMT

HTTP Headers

GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://favor.jtube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:05 GMT
content-type: text/html; charset=UTF-8
imghost: 104194820-h-jsjs4jpgtopmh--RU-rm16215822257/index.php?js=av4&advertisement&
56nloadrate: 1.220625
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 1166
last-modified: Sat, 07 Dec 2024 03:24:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXq46%2FZt58nvLt8%2Fj4mMrQM2VVLL73ygxM69RSDtzgr91%2FA7%2BW47MgUnIM8riLYHHt5P4ZjX3fxHTUGrNnSneSELoXMPXt9jy8BPl%2Fyi%2FrpTT3zoXR3wx7ChJMiY2mpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183e38db4712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=602&min_rtt=438&rtt_var=221&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3185&recv_bytes=1153&delivery_rate=5878213&cwnd=254&unsent_bytes=0&cid=2b56b1c7db68f533&ts=83&x=0"
X-Firefox-Spdy: h2

GET p15-kimg.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIyLzA3LzI0LzA4L0JNakF5TWpBM01qUXdPREExTlRKZk1UVXdNREF4TVRjMU56RTFPRGs1WHpFMU1ERXdNRE0yT1RJNE5EZzBOMTh4WHpNPV9vdXVfQjIyZmJlZTEyZjBmY2I4YWFmZGNlNDBmNWY1ZWM0MGViLndlYnA.webp

54.240.174.114

200 OK

14 kB

URL GET HTTPS

p15-kimg.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIyLzA3LzI0LzA4L0JNakF5TWpBM01qUXdPREExTlRKZk1UVXdNREF4TVRjMU56RTFPRGs1WHpFMU1ERXdNRE0yT1RJNE5EZzBOMTh4WHpNPV9vdXVfQjIyZmJlZTEyZjBmY2I4YWFmZGNlNDBmNWY1ZWM0MGViLndlYnA.webp

IP / ASN

54.240.174.114

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 322x574, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-11-02

Last Seen2025-01-18

Times Seen5

Size14 kB (13666 bytes)

MD54b20ffdcde9a370794b631a841aa133a

SHA1502a88b7391a511c12dbd52b7971f2db18395857

SHA25664c98bc784b0000657a53ed19036f1f6def00cd1c7789ecd2a144132e6b3066d

Certificate Info

IssuerAmazon

Subject*.kwai.net

FingerprintF1:A4:C1:87:13:2A:DC:F1:6B:70:25:61:4D:D3:B2:FA:DD:F5:F1:26

ValidityTue, 10 Sep 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

HTTP Headers

GET /kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIyLzA3LzI0LzA4L0JNakF5TWpBM01qUXdPREExTlRKZk1UVXdNREF4TVRjMU56RTFPRGs1WHpFMU1ERXdNRE0yT1RJNE5EZzBOMTh4WHpNPV9vdXVfQjIyZmJlZTEyZjBmY2I4YWFmZGNlNDBmNWY1ZWM0MGViLndlYnA.webp HTTP/1.1
Host: p15-kimg.kwai.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 13666
date: Sun, 29 Sep 2024 23:31:47 GMT
krtid: gw9b288797f3ef4d4abe7524bcea440169
expires: Mon, 29 Sep 2025 23:31:47 GMT
cache-control: public, max-age=31536000
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront), 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1, OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DsCNu_g8hXdGSx9T4DXTbPG6ZBEdYaVg4M6GTmUkXLk9JnzEmG-fzw==
age: 5890340
timing-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2

GET p15-kimg.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIzLzA0LzExLzIxL0JNakF5TXpBME1URXlNVE16TXpkZk1UVXdNREF4TXprME1qa3pNVEl3WHpFMU1ERXdNalkwTmpjMk5qQTBPVjh5WHpNPV9vdXVfQmEzOWE5NWNhM2YyMjYwZGFhODRmMzAxMWU3ZGFlY2M2LndlYnA.webp

54.240.174.114

200 OK

14 kB

URL GET HTTPS

p15-kimg.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIzLzA0LzExLzIxL0JNakF5TXpBME1URXlNVE16TXpkZk1UVXdNREF4TXprME1qa3pNVEl3WHpFMU1ERXdNalkwTmpjMk5qQTBPVjh5WHpNPV9vdXVfQmEzOWE5NWNhM2YyMjYwZGFhODRmMzAxMWU3ZGFlY2M2LndlYnA.webp

IP / ASN

54.240.174.114

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 322x574, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-12-07

Last Seen2025-07-07

Times Seen3

Size14 kB (14030 bytes)

MD5dc96d6c254ecdb677b84aca28fb7249e

SHA1d7bdeb3def6e70fbe0dc343300b12f1344b481de

SHA256f60dfe64ee7ebad13754bab61780efd60a851788e87a3ce480d602c22c9362ee

Certificate Info

IssuerAmazon

Subject*.kwai.net

FingerprintF1:A4:C1:87:13:2A:DC:F1:6B:70:25:61:4D:D3:B2:FA:DD:F5:F1:26

ValidityTue, 10 Sep 2024 00:00:00 GMT - Thu, 09 Oct 2025 23:59:59 GMT

HTTP Headers

GET /kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDIzLzA0LzExLzIxL0JNakF5TXpBME1URXlNVE16TXpkZk1UVXdNREF4TXprME1qa3pNVEl3WHpFMU1ERXdNalkwTmpjMk5qQTBPVjh5WHpNPV9vdXVfQmEzOWE5NWNhM2YyMjYwZGFhODRmMzAxMWU3ZGFlY2M2LndlYnA.webp HTTP/1.1
Host: p15-kimg.kwai.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 14030
date: Sat, 19 Oct 2024 05:20:32 GMT
krtid: gwfa57ecfed1764c3483a3013fd0253114
expires: Sun, 19 Oct 2025 05:20:32 GMT
cache-control: public, max-age=31536000
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront), 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1, OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: W822Zyf4_0X3RW0I0kU2rSQEbwvkn8IRVdU34mLNPtbvOEo1kwJRQA==
age: 4227815
timing-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2

GET treeyork.com/273288/273288.jpg

104.26.10.85

200 OK

188 kB

URL GET HTTPS

treeyork.com/273288/273288.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size188 kB (188401 bytes)

MD5a3135df25b0217fd2077e69338f47d1c

SHA136974a84b57b76326e48a5e0115b3a8800dc284f

SHA2567618f0d1b3af2679acb6f2092b4d7fd2bc2ddd94f510cb2f3e6664cad5f13323

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /273288/273288.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 188401
cf-bgj: h2pri
etag: "a3135df25b0217fd2077e69338f47d1c"
last-modified: Sun, 14 Jan 2024 16:45:24 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4152
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5tUFBpnNkdzkWDK7tshOUfo%2FYghCGMYgjfOKGLaKVIN%2B8x8Rs2uxhiXYHdbPYw7%2FSDrXHDef0MQuNGArZighrxaSyQvNGr2Eqo0u6wN3TtgbmoBIVtZptDDtv6JDcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ec6d837129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3394&min_rtt=410&rtt_var=2002&sent=573&recv=259&lost=0&retrans=3&sent_bytes=767146&recv_bytes=1873&delivery_rate=445447&cwnd=216&unsent_bytes=0&cid=35e9f8474f583708&ts=404&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/135279/135279.jpg

104.26.10.85

200 OK

248 kB

URL GET HTTPS

treeyork.com/135279/135279.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-12

Last Seen2025-01-08

Times Seen107

Size248 kB (247495 bytes)

MD53df899d196638a59f37795f05320c3a4

SHA11f45224cd55cbc04f8148db5ef74f66975a93107

SHA25689f283568afc50ce8a1e2a26a4e05ab4ecff1059ef549816ecaa5fc3a1001022

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /135279/135279.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 247495
cf-bgj: h2pri
etag: "3df899d196638a59f37795f05320c3a4"
last-modified: Sun, 14 Jan 2024 12:52:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1280
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5Qr%2FNcj8QeOpFEHETAU9X%2Fm%2BTsmv7sjIPvb5lafJZWa5lnG0j9uBXBywqTdh7JzjcCzYAjobv1%2BeG%2Fpgl8N7vD4yBDVApHFT%2BJ9YIZpBvJnrssgWgkANoLmKkk0Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ec6d847129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3394&min_rtt=410&rtt_var=2002&sent=631&recv=259&lost=0&retrans=3&sent_bytes=849493&recv_bytes=1873&delivery_rate=445447&cwnd=216&unsent_bytes=0&cid=35e9f8474f583708&ts=404&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/267021/267021.jpg

104.26.10.85

200 OK

76 kB

URL GET HTTPS

treeyork.com/267021/267021.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size76 kB (75742 bytes)

MD550b7678f338ce50c502fa8be7c1db028

SHA1a371cb65157082c80081428522dbd21fbf498218

SHA256bb53e693362ec41379ad73b79bd88e7f54dac74800d63aef6f2d0f33b6b5b160

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /267021/267021.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 75742
cf-bgj: h2pri
etag: "50b7678f338ce50c502fa8be7c1db028"
last-modified: Sun, 14 Jan 2024 16:31:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DdmquJSGfGFcHHcV98Xwi1BPXd9NSEGCaX3%2F00zGE%2Btd9wj6hs7PI9QRszbp4C1Mo180jPC4fCtzyTfkNihjsBW2%2BRJsOT0oXw9cERyXB%2BLOE3LU2rSYzowy630bkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ec7d8f7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2482&min_rtt=410&rtt_var=116&sent=877&recv=564&lost=0&retrans=3&sent_bytes=1205561&recv_bytes=1952&delivery_rate=93741046&cwnd=220&unsent_bytes=0&cid=35e9f8474f583708&ts=416&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2022/11/0002763.jpg

104.21.234.105

200 OK

35 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2022/11/0002763.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2025-08-05

Times Seen17

Size35 kB (35259 bytes)

MD5ba21a3ba6988a39155cd28821d5cf3b3

SHA143aff2d21d78fde21fac1d5587766597b0ba722c

SHA256771ed2d6f2c2ae3b9b60ea665046aaccf3e7c8825f4699ebc6bdbd646a35fc11

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2022/11/0002763.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 35259
cache-control: public, max-age=31536000
expires: Thu, 27 Nov 2025 18:21:19 GMT
last-modified: Wed, 22 Feb 2023 08:34:08 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 685963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TML2z8XMakE6ybpDe5YKFG%2F%2FLRpgcSXKbP7e1d%2FOYOelgkIn%2F36XregeB99tezlJ3ZW9I2btxR0EYdUPUG8Kkynq7ASvHX8Y%2FY%2Bd%2B5teHjJvXg3bkrPnd5bZRGsI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ed0f2b652f-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=22747&min_rtt=20214&rtt_var=4945&sent=72&recv=19&lost=0&retrans=0&sent_bytes=90216&recv_bytes=1276&delivery_rate=962690&cwnd=115&unsent_bytes=0&cid=b57ea78fefd72974&ts=458&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/334797/334797.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/334797/334797.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-10

Last Seen2024-12-07

Times Seen3

Size17 kB (16834 bytes)

MD51c30a3d7c638fdbdfe7195c16cf4a074

SHA157b2c06b46a752390bbe23e144a587bd16dc9507

SHA256a4656363ca0014c909d118ff8da34434d8e4c6e87bf1dc6a9cea8fe5b3ce46ed

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /334797/334797.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 16834
cf-bgj: h2pri
etag: "1c30a3d7c638fdbdfe7195c16cf4a074"
last-modified: Sun, 14 Jan 2024 23:52:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1008
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuI%2FGw4rs2T08AuWQdbiDUt1lrXYFq7W1kcjl2elnPRuXgEFAwkdq1jKwjrqGRmsrGMjn0HnkLSl8%2BTkH1780qK1yFrhl3yZm01GS3xy5wa2bTrvNeJYtS09UpmQ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ecddb47129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=983&min_rtt=410&rtt_var=63&sent=932&recv=593&lost=0&retrans=3&sent_bytes=1282075&recv_bytes=2112&delivery_rate=93741046&cwnd=220&unsent_bytes=0&cid=35e9f8474f583708&ts=468&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/179519/179519.jpg

104.26.10.85

200 OK

89 kB

URL GET HTTPS

treeyork.com/179519/179519.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-11-21

Last Seen2024-12-07

Times Seen2

Size89 kB (89159 bytes)

MD5eb83d286e55f72cecf3223d61e2f64c6

SHA11f25eb58712258b73b0c42d345425882a7da9db0

SHA256a87f46ce641e168cf4a91469f5df99bae5d39615cfb9fd67f2727c405c54298a

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /179519/179519.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 89159
cf-bgj: h2pri
etag: "eb83d286e55f72cecf3223d61e2f64c6"
last-modified: Sun, 14 Jan 2024 13:31:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3473
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGM96%2B1awBxcEsl1O9Qf83Hxo3q%2FSC%2FAJ1bMBHmV%2B4p500KfQcLe14zAeb1r7S0XkIz%2FEAIeqZIhYqIocKOQUA9hOU8mWcWd5vAyFSNehRiadyOr8P2LGFLAHlX40w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ecddb37129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=983&min_rtt=410&rtt_var=63&sent=946&recv=593&lost=0&retrans=3&sent_bytes=1299525&recv_bytes=2112&delivery_rate=93741046&cwnd=220&unsent_bytes=0&cid=35e9f8474f583708&ts=469&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/291710/291710.jpg

104.26.10.85

200 OK

244 kB

URL GET HTTPS

treeyork.com/291710/291710.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-12

Last Seen2024-12-07

Times Seen14

Size244 kB (243654 bytes)

MD53d9c8268b21c1e74f3e1a147489c6c21

SHA1c6c119d8b0549e70681222a2d15b6451abeea89b

SHA25695843dbcc0ba4998b5022ad11147283b8fd975a5989ee42d4ebfaa335239ef7d

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /291710/291710.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 243654
cf-bgj: h2pri
etag: "3d9c8268b21c1e74f3e1a147489c6c21"
last-modified: Sun, 14 Jan 2024 18:11:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 285
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHyoBAk7M6WxVgSP1W25BYtT68Wt9%2BCugGzCsjDn2nDAH8NTMRFXPEmpVpWShlLV7SVnFSeinef%2FnyBX9IGvtD6QEoAM2Frob5ccQtdsAQ7gjIq4xJsABcVNBos07A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ed6de77129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=778&min_rtt=410&rtt_var=154&sent=1011&recv=633&lost=0&retrans=3&sent_bytes=1389487&recv_bytes=2191&delivery_rate=121105454&cwnd=226&unsent_bytes=0&cid=35e9f8474f583708&ts=559&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2021/12/0000362.jpg

104.21.234.105

200 OK

33 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2021/12/0000362.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 640x360, components 3

First Seen2024-08-19

Last Seen2025-06-22

Times Seen9

Size33 kB (33044 bytes)

MD5739446ed723c46da48b7995c725e8086

SHA12685b3b239c3ac70d39dd9be6c940aa96b3ca7ba

SHA256e7737ef38bf9a7710aa800d438f9bfb774a8b437560dfaca98885d96efa70255

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2021/12/0000362.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 33044
cache-control: public, max-age=31536000
expires: Tue, 04 Nov 2025 23:00:51 GMT
last-modified: Wed, 02 Mar 2022 06:33:35 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 678359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLhAQ6l4hw6bwnyeQqWw3v4gv6ms765PC3siUQ42H09xxnECbMTZUPHj2xdNa2LZsiyr0k4f8rNhxOqOJq3aiw5zSG38Apff%2FLJUWOcIF3bUovrA9Wb5wxPcZZWx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ed4f46652f-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=20732&min_rtt=20214&rtt_var=853&sent=98&recv=33&lost=0&retrans=0&sent_bytes=126263&recv_bytes=1370&delivery_rate=1741511&cwnd=117&unsent_bytes=0&cid=b57ea78fefd72974&ts=500&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/413257/413257.jpg

104.26.10.85

200 OK

8.3 kB

URL GET HTTPS

treeyork.com/413257/413257.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-15

Last Seen2025-01-18

Times Seen18

Size8.3 kB (8277 bytes)

MD5cbc76645d851e086f5d75b761da384ae

SHA14f2b3e4ad348c74191d520ede0cc6c2a58b5c11a

SHA256c22798d0470ebf8ef3e272e0e8971760f36cd6071831bae71fe14fdda1b92e28

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /413257/413257.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 8277
cf-bgj: h2pri
etag: "cbc76645d851e086f5d75b761da384ae"
last-modified: Mon, 15 Jan 2024 03:06:53 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6300
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BA1Fy18vtK25I4rKkMUFh1ZXStkABZXQuZJn%2FCzm%2F9LHpX%2B5qff%2F13gnTaa%2BdbeT5wcqvycvcxXi%2Ftiw0mskU3XHYASo7DIwZ9%2BGGBAsIG3J4NGcEk3Z%2B27Sgm4fmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183edde197129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1733&min_rtt=410&rtt_var=1286&sent=1183&recv=689&lost=0&retrans=4&sent_bytes=1635440&recv_bytes=2271&delivery_rate=15504768&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=636&x=0"
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_1010069047.jpg

104.21.235.159

200 OK

9.8 kB

URL GET HTTPS

videopreview.chezcathy.com/ext/pre_1010069047.jpg

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3

First Seen2024-12-07

Last Seen2025-07-13

Times Seen4

Size9.8 kB (9767 bytes)

MD571e63669297141d7d93bbb356c45e4ad

SHA15c3ed232f71c7b18ff3e45f87a5c23d2b2e26790

SHA256a7814e3cf9ce784996f32e139520f30585b9f24029da4464cf31d8c6185e313e

Certificate Info

IssuerGoogle Trust Services

Subjectchezcathy.com

Fingerprint10:63:8B:BE:8C:04:F0:95:FB:93:3A:FA:17:B5:45:59:47:EA:56:7A

ValidityWed, 30 Oct 2024 08:18:23 GMT - Tue, 28 Jan 2025 08:18:22 GMT

HTTP Headers

GET /ext/pre_1010069047.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 9767
last-modified: Wed, 12 Jun 2024 08:44:31 GMT
etag: "66695fef-2627"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cf-cache-status: HIT
age: 6416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bAeVjMvqp3MBFoZXce582jkiPwhQKyarrFhDqPpXi91ltbrvoiA%2FRs8cB%2Fd8mSAAHuXxxQJAcyFvM%2FyiMyjZWDgy4D%2B9ynsH%2F1IIqAl%2B2mGKLTWSAKlvqeXUYRw9%2B22KN6HSUfIVzOxRnerOvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183edcfa2ef3e-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20077&min_rtt=19953&rtt_var=2465&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1394&delivery_rate=216130&cwnd=35&unsent_bytes=0&cid=e55ad0e3a443fbd3&ts=385&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/334196/334196.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/334196/334196.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size17 kB (16838 bytes)

MD57e763211802cdc656723d0078f113dd9

SHA1108bfb162b3db0479c5b5b71bca140e09cf26e48

SHA2569c31666c03ddedfb8c1d0fff864c21042baa97c923718f32d199fddc1a6ccc4b

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /334196/334196.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 16838
cf-bgj: h2pri
etag: "7e763211802cdc656723d0078f113dd9"
last-modified: Sun, 14 Jan 2024 23:51:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NA20eCpjCzs%2FjdwciqSWHK5uyiDxtU%2FOvHfcWv6D%2FrQ4qihPFTupyBmeUHwCllNTM%2FPrDh9OhS3%2BER0JyYiVhZK3roPXRWagax%2FNUCABGEtrhwTZk%2BXTG%2FRk%2BnB5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee1e357129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1032&min_rtt=410&rtt_var=617&sent=1191&recv=698&lost=0&retrans=4&sent_bytes=1644454&recv_bytes=2351&delivery_rate=15504768&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=670&x=0"
X-Firefox-Spdy: h2

GET favor.jtube.top/ch/spankbang

188.114.96.1

302 Found

27 kB

URL User Request GET HTTPS

favor.jtube.top/ch/spankbang

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typedata

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size27 kB (27210 bytes)

MD5965236e291bbd30e6fe4f29891e3acf1

SHA12f7c00f104b30ed39911e8bc72c39e014f6b672d

SHA256b099e57b46b975af63c4be2f213d62adb9ca872e4f0647f1437891c1d611f0a9

Certificate Info

IssuerGoogle Trust Services

Subjectjtube.top

Fingerprint9D:F7:B8:3A:A8:13:38:DE:74:BF:77:4B:F4:4E:53:42:62:EE:F4:9B

ValidityTue, 05 Nov 2024 14:16:24 GMT - Mon, 03 Feb 2025 14:16:23 GMT

HTTP Headers

GET /ch/spankbang HTTP/1.1
Host: favor.jtube.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://favor.jtube.top/
Cookie: cnt=0; lctcfck=NO
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: text/html
location: https://av.tub4us.top/2
x-proxy-cache-192g-la: MISS
xkey-192la: f/ch/spankbang-A-favor.jtube.top-favor.jtube.top-cacpdo2---yes
x-proxy-cache-cl-la: MISS
xkey-cl-la: f/ch/spankbang-A-favor.jtube.top--my_zone
cf-cache-status: BYPASS
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fh7K0I0ab%2BwZLZicCeRZiuq4lhMfcQ8wCDcyRO7M5vKlEbq1oRbST7SBz07CmkWFz5S7Vk9qNce3ZQ7WENFMx6WF15E3FgO0VLI5a8qch8EEgCqw7ijjBgf5NnId6jDcs0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183e65ae1b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7210&min_rtt=3834&rtt_var=4115&sent=23&recv=10&lost=0&retrans=0&sent_bytes=13855&recv_bytes=1573&delivery_rate=26937&cwnd=12000&unsent_bytes=0&cid=47f280bb414274bc&ts=1181&x=1", cfExtPri, cfHdrFlush;dur=0

GET videopreview.chezcathy.com/ext/pre_6826445376.jpg

104.21.235.159

200 OK

9.6 kB

URL GET HTTPS

videopreview.chezcathy.com/ext/pre_6826445376.jpg

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3

First Seen2024-12-07

Last Seen2025-07-09

Times Seen3

Size9.6 kB (9624 bytes)

MD5f62719cc03f5d6a3a315d105b9302ddc

SHA1cbadf5d30f88f8ad839f96728bb12cb7364d69a4

SHA256d4ceb1ec47d7679b14ca163be7ee47e78eec17e3ad95a8f29006e650ffc825ce

Certificate Info

IssuerGoogle Trust Services

Subjectchezcathy.com

Fingerprint10:63:8B:BE:8C:04:F0:95:FB:93:3A:FA:17:B5:45:59:47:EA:56:7A

ValidityWed, 30 Oct 2024 08:18:23 GMT - Tue, 28 Jan 2025 08:18:22 GMT

HTTP Headers

GET /ext/pre_6826445376.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 9624
last-modified: Tue, 11 Jun 2024 18:46:53 GMT
etag: "66689b9d-2598"
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
age: 1016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4O8E2Y%2BxqgK6YO3unTeuEQPvmKeKqOoRk76tJFRWYjPuDcbvzqjkOcu9OlIhea86w%2FXPbTxuOCwBx29PHyhrKUGKDjr%2FtuCx8%2F3ZNKMvrEBEseyYjUHkNwPUFIcASCWdzBAy%2FKLBAq3fOpfDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183edcfa1ef3e-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20077&min_rtt=19953&rtt_var=2465&sent=18&recv=14&lost=0&retrans=0&sent_bytes=14128&recv_bytes=1394&delivery_rate=216130&cwnd=35&unsent_bytes=0&cid=e55ad0e3a443fbd3&ts=386&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/594935/594935.jpg

104.26.10.85

200 OK

18 kB

URL GET HTTPS

treeyork.com/594935/594935.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size18 kB (17885 bytes)

MD54d7d5a08040caa6947988d74cb0ee20d

SHA148e4fadab9b3a0c0d6efe574de8bc4ebd1461343

SHA256b5ceab9b76b794541559ea4a69db6ed365a2c1962b121104731e88de1a70cd10

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /594935/594935.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 17885
cf-bgj: h2pri
etag: "4d7d5a08040caa6947988d74cb0ee20d"
last-modified: Mon, 15 Jan 2024 09:08:00 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1322
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIB044iivT0NnERRllics8MD6QLxOjN6MUrFdoeAfKGDCFyu0cHBfOCMOFAW8iStiNgszZk08J0CoSvT9yMDCpCXgoA6EH7bX6sUI5Kong58zGZoO%2FRChFbTWNjNnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee2e387129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=906&min_rtt=410&rtt_var=273&sent=1206&recv=707&lost=0&retrans=4&sent_bytes=1661923&recv_bytes=2591&delivery_rate=21504950&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=679&x=0"
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_4546859809.jpg

104.21.235.159

200 OK

13 kB

URL GET HTTPS

videopreview.chezcathy.com/ext/pre_4546859809.jpg

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3

First Seen2024-12-07

Last Seen2025-05-27

Times Seen3

Size13 kB (13338 bytes)

MD5f38132ea7c0229119d5a15be554fc54d

SHA18398432d8813dbbbddb487df8fd820e8ef09fe19

SHA2561dc3dcaf79259e9ae96c0c3942dab41dbbe1f460bc365414a4e7c24e6bc35126

Certificate Info

IssuerGoogle Trust Services

Subjectchezcathy.com

Fingerprint10:63:8B:BE:8C:04:F0:95:FB:93:3A:FA:17:B5:45:59:47:EA:56:7A

ValidityWed, 30 Oct 2024 08:18:23 GMT - Tue, 28 Jan 2025 08:18:22 GMT

HTTP Headers

GET /ext/pre_4546859809.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 13338
last-modified: Tue, 11 Jun 2024 18:51:58 GMT
etag: "66689cce-341a"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cf-cache-status: HIT
age: 1331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJS67dliRz3aGES5hSTCvwIIHFrrLAG8bU7w1mmGUw5Sz7Kkwe2tcUUFpVE0r2dJjde0NtFZROvylA1ZbvIKKwaHhqQyC8eJCQdmfB3%2FdKW0mWYKI9jKWk7Ux9m7xkkv0UAXmK%2FqywurGemUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183edcfa3ef3e-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20077&min_rtt=19953&rtt_var=2465&sent=26&recv=14&lost=0&retrans=0&sent_bytes=24460&recv_bytes=1394&delivery_rate=216130&cwnd=35&unsent_bytes=112&cid=e55ad0e3a443fbd3&ts=387&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/553805/553805.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/553805/553805.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-10

Times Seen6

Size17 kB (17315 bytes)

MD56b84342876189a5070876063b4d4789d

SHA13e2f906cf1501328ae8bbd21c05b4c79035d473b

SHA25641f4c7815e79235b21330b640324bbd30bf58f31fa098ac847dd1659e25c1f6f

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /553805/553805.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 17315
cf-bgj: h2pri
etag: "6b84342876189a5070876063b4d4789d"
last-modified: Mon, 15 Jan 2024 07:46:08 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uZ4QIec%2Ba2fdKMcqptgXLOfgndpl24v8h9HfsyKVuzskfT3%2B0fU80GvTh1soSVHt64O8Yo0U0nTWl7s1m%2Ff%2Bq5VHfAY8pFc8nW%2BInho3owSa0giHGBVBWQ5IQQlyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee2e3d7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=744&min_rtt=410&rtt_var=143&sent=1220&recv=714&lost=0&retrans=4&sent_bytes=1680425&recv_bytes=2591&delivery_rate=26603674&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=680&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/464571/464571.jpg

104.26.10.85

200 OK

7.3 kB

URL GET HTTPS

treeyork.com/464571/464571.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-06-03

Last Seen2024-12-07

Times Seen4

Size7.3 kB (7289 bytes)

MD578f4ae4b84907c28270979a9e467ebe6

SHA1f9aba2f6af2fa4171a43dd753db2f920a982fd23

SHA256e8e51bab46d64ee103d42dd5b4c356817db3df1c84d6a45ba448d6befde8bde6

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /464571/464571.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 7289
cf-bgj: h2pri
etag: "78f4ae4b84907c28270979a9e467ebe6"
last-modified: Mon, 15 Jan 2024 05:26:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FgU9aKGAvcbcTfPgKWJY8Yzl6QT9dwVQvB9o8FCtJzsUGKROvF1SiQopPG22jT6ih1%2Fq9zO%2Ftw8Eo8qGbfsg6sZF9qZbviWFlmv6xShVEM%2FnNLCBztfKOqaMciErg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee2e3e7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=783&min_rtt=410&rtt_var=228&sent=1234&recv=716&lost=0&retrans=4&sent_bytes=1698361&recv_bytes=2591&delivery_rate=26603674&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=682&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/latin-limbo-party-helios-natura-1997.jpg

104.21.235.25

200 OK

35 kB

URL GET HTTPS

naturismv.com/images/latin-limbo-party-helios-natura-1997.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-05-24

Last Seen2025-08-03

Times Seen25

Size35 kB (34943 bytes)

MD5edceeabc3952a423658111ccc597d462

SHA1861017c426fe4fcd114064fe5d584a17e0277198

SHA256986481c4ccf2963f9ae7c30499e39465fe6b3afd3b368f7ebd97e388461616b5

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/latin-limbo-party-helios-natura-1997.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 34943
last-modified: Fri, 19 May 2023 12:04:50 GMT
etag: "646765e2-887f"
expires: Sat, 29 Nov 2025 05:12:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 685874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gnhg1lEbPM2KVT%2FZSCgdYdCrKQqj3%2BW6Uqsw%2FbNrpNtnNrn0EbCQwEIa3Po%2F8tDPdVVYNyiBphKOEWc9ffyTynE6bfnbI1WfLs6BPffJ1Snf8ogcqwBPeHukcnPwCeSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee391bd1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20002&min_rtt=17546&rtt_var=6826&sent=41&recv=16&lost=0&retrans=0&sent_bytes=44973&recv_bytes=1540&delivery_rate=1572791&cwnd=254&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=659&x=0"
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_3455792225.jpg

104.21.235.159

200 OK

10 kB

URL GET HTTPS

videopreview.chezcathy.com/ext/pre_3455792225.jpg

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3

First Seen2024-12-06

Last Seen2025-02-12

Times Seen9

Size10 kB (10453 bytes)

MD5e7cc295e2731a091a1727a43db68ec1c

SHA1001472cea9186424486d0a09f17b1939f523097e

SHA256bda2acafc0541aaca7aa7d025ec75f66d41a8aead249f4ef46f2e6dc9503b9b7

Certificate Info

IssuerGoogle Trust Services

Subjectchezcathy.com

Fingerprint10:63:8B:BE:8C:04:F0:95:FB:93:3A:FA:17:B5:45:59:47:EA:56:7A

ValidityWed, 30 Oct 2024 08:18:23 GMT - Tue, 28 Jan 2025 08:18:22 GMT

HTTP Headers

GET /ext/pre_3455792225.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 10453
last-modified: Thu, 13 Jun 2024 23:07:55 GMT
etag: "666b7bcb-28d5"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cf-cache-status: HIT
age: 2384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwsw4THeAzHpNbvs2hTHf52SgLjx4GHcmdOjIf%2BvVqGQwX6HMOTC%2BYyTXHWjC81tsaSSphnvf7jGVoPGHmy0JfFzwd6%2BK1Vagf12leBdo9XEfVZumEG0iaqAY%2BPRmL8fymahhClX4JJSrdnpig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee6862ef3e-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25317&min_rtt=19953&rtt_var=12330&sent=37&recv=17&lost=0&retrans=1&sent_bytes=39848&recv_bytes=1477&delivery_rate=656923&cwnd=63&unsent_bytes=0&cid=e55ad0e3a443fbd3&ts=484&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/603754/603754.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/603754/603754.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-06-08

Last Seen2024-12-28

Times Seen10

Size17 kB (16634 bytes)

MD5474c817a0f70480c6b1f3c729c51e4c5

SHA1ee4917222f662acd9cd72bfff36815fdc7f7586b

SHA2566c053d7693daf428f2f684369e853fe34d1761cf91db6665eb81763f45390b8b

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /603754/603754.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 16634
cf-bgj: h2pri
etag: "474c817a0f70480c6b1f3c729c51e4c5"
last-modified: Mon, 15 Jan 2024 09:25:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2470
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3ZemVU8lwVmu5xs%2Byjbg3lMF26CEwO7IZk4W38srgHel%2B11GBHZpV2YfDwd1E5f8zp%2F0JKVOrM4sCfNAu15ti0XN0x0ikdVJshKFu2%2B0Bk%2F0pkwBp6q7wH0m0LmcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee3e497129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=979&min_rtt=410&rtt_var=628&sent=1242&recv=719&lost=0&retrans=4&sent_bytes=1706253&recv_bytes=2671&delivery_rate=26603674&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=697&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/naked-may-day-in-odessa-enature-net-russianbare-com.jpg

104.21.235.25

200 OK

32 kB

URL GET HTTPS

naturismv.com/images/naked-may-day-in-odessa-enature-net-russianbare-com.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-04-18

Last Seen2025-07-05

Times Seen80

Size32 kB (32466 bytes)

MD5c686c7b9a7525fd358cb06c1374eb582

SHA1d7d9f9973a625ef36ebfbe5fc3c203323ecc6648

SHA2565e52c7ccbb075094cedb3560a31d68b9fdadc4eb761f2e4a885dcef19bb26648

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/naked-may-day-in-odessa-enature-net-russianbare-com.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 32466
last-modified: Fri, 19 May 2023 12:04:46 GMT
etag: "646765de-7ed2"
expires: Wed, 03 Dec 2025 06:05:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 337103
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KsqDNptcjFf%2BBhpjSUhQuBR%2FFk12wE9mGx24OQyOqb5dZxxl1Mgx3rZmH4VE6PlcNODwDhQdBJEH5E1GAtTkIlu9iZFUMT%2FELs1vbF3%2B2y%2FdtKpC7FOLMiEOdxqw%2BEv3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee3915d1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20002&min_rtt=17546&rtt_var=6826&sent=67&recv=16&lost=0&retrans=0&sent_bytes=80776&recv_bytes=1540&delivery_rate=1572791&cwnd=254&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=659&x=0"
X-Firefox-Spdy: h2

GET img2.javdove.com/media/videos/tmb/8087/default.jpg?v=1568616567

104.21.235.11

200 OK

21 kB

URL GET HTTPS

img2.javdove.com/media/videos/tmb/8087/default.jpg?v=1568616567

IP / ASN

104.21.235.11

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2024-12-08

Times Seen2

Size21 kB (21200 bytes)

MD573d62cce338b39a3a3e013817134b910

SHA103e2c74e48cbcf64e7f9dc9407cdcd0afbfd4df7

SHA256aa4d11820ee24bb3ba05ac5293861339386afac3abe0d7d05592f0cbefa15729

Certificate Info

IssuerGoogle Trust Services

Subjectjavdove.com

Fingerprint78:D1:82:68:A9:F9:DE:2D:B4:72:87:FF:E3:70:FE:33:FC:C8:FE:F4

ValidityWed, 20 Nov 2024 21:12:31 GMT - Tue, 18 Feb 2025 21:12:30 GMT

HTTP Headers

GET /media/videos/tmb/8087/default.jpg?v=1568616567 HTTP/1.1
Host: img2.javdove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 21200
cf-bgj: h2pri
etag: "52d0-590b060ba01c0"
last-modified: Thu, 22 Aug 2019 08:21:35 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 6400
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BuZUh%2BqAs38F%2BbBPp%2FvoSLlDDJbmvqkxWWOj3mobIkkHlAhxQj8dMjT8h%2B4EGnYHDIkO%2BURVPkqCC2w%2F3axdaCFREE6go%2FzVyND6PLmiGZdePaqEjXImIT88ayBTq6vAHqA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee6ace94aa-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20100&min_rtt=20084&rtt_var=3205&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3196&recv_bytes=1069&delivery_rate=215518&cwnd=34&unsent_bytes=0&cid=25e3f840854f2254&ts=389&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/300846/300846.jpg

104.26.10.85

200 OK

221 kB

URL GET HTTPS

treeyork.com/300846/300846.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-06

Last Seen2024-12-12

Times Seen63

Size221 kB (220558 bytes)

MD5b3af997b52ad8074b96c7850d8b85591

SHA1f136a453e36ecbfea6c9c5f7a230d4071851c2c2

SHA256857bd89493947e045d03ce09ba94b8970e48b39ecb101e5c9d502f133a854714

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /300846/300846.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 220558
cf-bgj: h2pri
etag: "b3af997b52ad8074b96c7850d8b85591"
last-modified: Sun, 14 Jan 2024 19:55:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 7186
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wI%2BBYy6XsJF7MQZPNxCvXyEd2jqFWtIk0rszzkmdNU%2BP5y3kTFPG%2BvakIuyr%2FPXR%2FU0GzzRy2Nx%2FnrpiYdUjiHffI55E4fUVr0MBtMOB7miIPJWBvC8SwKUyn4ImlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee5e517129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1404&min_rtt=410&rtt_var=1390&sent=1256&recv=721&lost=0&retrans=4&sent_bytes=1723656&recv_bytes=2751&delivery_rate=26603674&cwnd=270&unsent_bytes=0&cid=35e9f8474f583708&ts=710&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/370295/370295.jpg

104.26.10.85

200 OK

12 kB

URL GET HTTPS

treeyork.com/370295/370295.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-08-19

Last Seen2025-01-01

Times Seen8

Size12 kB (12275 bytes)

MD566d0e7727db291d3dcdd9b5eb76275ae

SHA1cc057d1911df82e750b916345cfbb52dd2228aed

SHA256a92f1510d500c6a8482b9a8521261a282398a353b402ccd740f16aa5ca028a3d

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /370295/370295.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 12275
cf-bgj: h2pri
etag: "66d0e7727db291d3dcdd9b5eb76275ae"
last-modified: Mon, 15 Jan 2024 01:00:51 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPx0pwJmVKROKGWfJOq5ZmCiluBFeqovdNt0uxD0WYwX5Q%2BZ5%2F1wNa5bB51M%2Bs%2FeGwd4PqLu29qBlz2UKOnNZVsoWUG4wodJJZGCDCJ%2Bd8Qk16qNM1RwXB%2BEELP5dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee8e7e7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2007&min_rtt=410&rtt_var=2375&sent=1412&recv=724&lost=0&retrans=5&sent_bytes=1945889&recv_bytes=2831&delivery_rate=31715545&cwnd=218&unsent_bytes=0&cid=35e9f8474f583708&ts=742&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/352205/352205.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/352205/352205.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size17 kB (16878 bytes)

MD54d78020a16b0efdb2b02e84d567731f1

SHA1cfb1936802a2278dfb4e725f0a409177939fb4a0

SHA256ef08ca375f62236de227cb846517857bf7a9bb506b9c4106ce5245ef62ec73fe

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /352205/352205.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 16878
cf-bgj: h2pri
etag: "4d78020a16b0efdb2b02e84d567731f1"
last-modified: Mon, 15 Jan 2024 00:19:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAaN6olxe2bqmOMQOAu3NpErGLuJX7jqek2HGeu5CVLdtrrzDBeTlj%2BhrDv4mNYq06k1PQMEvWiGpXVQbU66SM87o%2FlI23dgWAZrL%2F2Tm6FWCrRq5C6jvARaVwmMlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ee9e867129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1838&min_rtt=410&rtt_var=1608&sent=1423&recv=726&lost=0&retrans=5&sent_bytes=1958761&recv_bytes=2910&delivery_rate=31715545&cwnd=229&unsent_bytes=0&cid=35e9f8474f583708&ts=754&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/a-day-in-the-city-enature-net-russianbare-com.jpg

104.21.235.25

200 OK

25 kB

URL GET HTTPS

naturismv.com/images/a-day-in-the-city-enature-net-russianbare-com.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-04-30

Last Seen2025-06-23

Times Seen21

Size25 kB (24848 bytes)

MD58f81d8d84dfd85cba106f562d2581605

SHA11392d619a082675d17c15722629c5dbe11822065

SHA256747fba5d3dc9cc378e21f7945abae3f91179968812bb9098062833109bbbae8d

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/a-day-in-the-city-enature-net-russianbare-com.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 24848
last-modified: Fri, 19 May 2023 12:04:44 GMT
etag: "646765dc-6110"
expires: Thu, 20 Nov 2025 10:13:12 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1445455
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exCvPpXXb%2Fsjpt%2BLwWp4fMTwl9BSuGK%2BuxLV1CrVWZ4YAUVR4ws45KyHoK8CHnH3Hf%2BTsbasxByAj6p6Hn0r9jNlTgGAT%2FALUeKgZEP8YTWqIaVTn0Z0pRmn3j8VdMYx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee391cd1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20002&min_rtt=17546&rtt_var=6826&sent=87&recv=16&lost=0&retrans=0&sent_bytes=109101&recv_bytes=1540&delivery_rate=1572791&cwnd=254&unsent_bytes=4916&cid=5c0ec9b538a07b3d&ts=659&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2023/06/0003962.jpg

104.21.234.105

200 OK

34 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2023/06/0003962.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-05-09

Last Seen2025-07-31

Times Seen60

Size34 kB (34244 bytes)

MD5a4db4bcd97499fcf5fc5fb29ef58d5a5

SHA1719798cc5447c636e6abbfe792e40632793b480e

SHA256911e0f0a47ec7e3f1d9dafc0f6124146fdfb97455de2f37bd42bb506bf5bdc74

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2023/06/0003962.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 34244
cache-control: public, max-age=31536000
expires: Fri, 28 Nov 2025 01:09:36 GMT
last-modified: Sat, 01 Jul 2023 02:50:42 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 348774
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anhvw0ykHdYxt3naw2tRc%2F62dLfE8ugt3R3Tvv9TyDupbhWhOtC%2Fv6K1OmWUFHLL%2FqdKpK8XF839vTrJMZLBamk%2FrXrobMY71T3GiR6IZkSIaGeYPDYgxzl7ni2P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef5885652f-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=20710&min_rtt=20186&rtt_var=638&sent=144&recv=69&lost=0&retrans=0&sent_bytes=188153&recv_bytes=1557&delivery_rate=1741511&cwnd=117&unsent_bytes=0&cid=b57ea78fefd72974&ts=830&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/635052/635052.jpg

104.26.10.85

200 OK

15 kB

URL GET HTTPS

treeyork.com/635052/635052.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-08

Last Seen2025-01-02

Times Seen55

Size15 kB (15190 bytes)

MD58191b6883479a73e59f9cbe4d878f71c

SHA160952cff8dda3e52f6fb7a188396a7644e2d3584

SHA25630f939473aa77107aaee23e2f9d2c50f58a14757c3f5427e4d354bdf3bd778a0

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /635052/635052.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 15190
cf-bgj: h2pri
etag: "8191b6883479a73e59f9cbe4d878f71c"
last-modified: Mon, 15 Jan 2024 11:00:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2593
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUzm4gG%2BMOdCUlbLGk8ylYna1SGLzHCRIi2ZXMeIG7qhVJbQacftAJyFBtdIYy4JFMyRrgJ%2FG8SPZ0T0lBXRQDp1KcllwXtK89QXKp%2F8Duqw82qT1CH15cx%2FhH1qqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef4ec57129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2466&min_rtt=410&rtt_var=2729&sent=1438&recv=729&lost=0&retrans=6&sent_bytes=1976596&recv_bytes=2990&delivery_rate=31715545&cwnd=236&unsent_bytes=0&cid=35e9f8474f583708&ts=860&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/399096/399096.jpg

104.26.10.85

200 OK

12 kB

URL GET HTTPS

treeyork.com/399096/399096.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-05

Last Seen2024-12-07

Times Seen2

Size12 kB (11891 bytes)

MD520345adf9db50f7af39ea81befa9a599

SHA108689dabe4805c1a7f904a85fd30742ee9e737a0

SHA256450613044ae12d20a8a4d88e9dab40266c08ea537ba053bd64c7f5506582fce2

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /399096/399096.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 11891
cf-bgj: h2pri
etag: "20345adf9db50f7af39ea81befa9a599"
last-modified: Mon, 15 Jan 2024 02:21:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4516
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ang3qN6WMMQUdgMdVk0dW35s0YmoINsshCLOP5VtZnajy3S8AFu9up7GOujh5cCTVaLcxqV8gCOl6Wy3tWetqNRbpscakyPYDNRk5JvolbDdy5hH4cZJcUzipDfCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef7ed97129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1112&min_rtt=410&rtt_var=588&sent=1453&recv=746&lost=0&retrans=6&sent_bytes=1992403&recv_bytes=3310&delivery_rate=31715545&cwnd=236&unsent_bytes=0&cid=35e9f8474f583708&ts=890&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/vivre-nu-a-la-recherche-du-paradis-1998.jpg

104.21.235.25

200 OK

37 kB

URL GET HTTPS

naturismv.com/images/vivre-nu-a-la-recherche-du-paradis-1998.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-05-12

Last Seen2025-06-21

Times Seen23

Size37 kB (37103 bytes)

MD5e5fab26546f27e19d0310de8fd869d59

SHA18e04f5a26301756f90a2042d3c4a95735a0cf1ce

SHA256cb3a11e078510c574553501d549bfdbc62faf8b010b162a5b37c5b720a1e13d8

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/vivre-nu-a-la-recherche-du-paradis-1998.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 37103
last-modified: Fri, 19 May 2023 12:04:46 GMT
etag: "646765de-90ef"
expires: Sun, 30 Nov 2025 06:02:57 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 596470
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVm7rsrQJKFYVQZ2oKARdSraF7lSLY7aadlOlYusFtp5knj77ZCyRCK6IghiINPyVQS5jwIY%2BANScvyULW1zNgeDvy%2BRxPz9KjensQZJxe6OgwO%2BF5aph8sDI45GU1GW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ee5951d1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20002&min_rtt=17546&rtt_var=6826&sent=87&recv=17&lost=0&retrans=0&sent_bytes=109101&recv_bytes=1643&delivery_rate=1572791&cwnd=254&unsent_bytes=30466&cid=5c0ec9b538a07b3d&ts=679&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/548689/548689.jpg

104.26.10.85

200 OK

19 kB

URL GET HTTPS

treeyork.com/548689/548689.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-19

Times Seen4

Size19 kB (19167 bytes)

MD5ee9ac114f48a51c845f39bf83ae6ef88

SHA113bb17e0265f26d80262b3fee072e3e4055e04cd

SHA256ba25bb7eb973986240f513469aef5cdf09860c5881908a5258db61c8c79c615d

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /548689/548689.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 19167
cf-bgj: h2pri
etag: "ee9ac114f48a51c845f39bf83ae6ef88"
last-modified: Mon, 15 Jan 2024 07:39:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 499
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsBuZs7%2FYzwWxdAfxjqruUS7aVG%2BUfH%2B0x9BgHw5uoCShMrdS04S5HvZ4hntmPSEzqUljRBHZn8xWeEm1znfaOrZbzjHRzdUyAswUo4wVflH4tWJC8ngivtXEiitzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef7edf7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=943&min_rtt=410&rtt_var=497&sent=1477&recv=749&lost=0&retrans=6&sent_bytes=2022194&recv_bytes=3310&delivery_rate=31715545&cwnd=242&unsent_bytes=65160&cid=35e9f8474f583708&ts=894&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/162435/162435.jpg

104.26.10.85

200 OK

200 kB

URL GET HTTPS

treeyork.com/162435/162435.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-09-19

Last Seen2024-12-19

Times Seen11

Size200 kB (199671 bytes)

MD5dd399fe0ec56d9fd03bfdcc2b693aebb

SHA1a031feb0a9fe9094d48a510fd28ae60f2a69caf1

SHA256e632613fcd36f5c93d1feb806c84de9dbee9cd86246619efc2aae9d4dc4387ee

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /162435/162435.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 199671
cf-bgj: h2pri
etag: "dd399fe0ec56d9fd03bfdcc2b693aebb"
last-modified: Sun, 14 Jan 2024 13:15:31 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PY5ezhQ2sM3m3a%2BiwZsj3Nzyt6OFa3yFzCMbI9F%2BG8bVD5BaeChCiM3diYW3985wYFDygo0B4Wz%2BYSTZIAF7AVWYvJFSu0l3qeVNUcHVgwWx92w%2BNcRjG1is%2FraKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef7ede7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=943&min_rtt=410&rtt_var=497&sent=1464&recv=749&lost=0&retrans=6&sent_bytes=2005027&recv_bytes=3310&delivery_rate=31715545&cwnd=242&unsent_bytes=0&cid=35e9f8474f583708&ts=894&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/275447/275447.jpg

104.26.10.85

200 OK

172 kB

URL GET HTTPS

treeyork.com/275447/275447.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-10-22

Last Seen2024-12-31

Times Seen10

Size172 kB (172045 bytes)

MD5abd875566f8d6db1de1b4083f845e406

SHA1772621e850735c6290a5b4e62a3a52d52c9fb376

SHA2568bd2fe0401033cb88ff5da08462767e6681f7728cf356caa3964ac2ba32292f3

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /275447/275447.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 172045
cf-bgj: h2pri
etag: "abd875566f8d6db1de1b4083f845e406"
last-modified: Sun, 14 Jan 2024 16:52:25 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDXzR8l0sjIxKo%2BOAIsij%2BoTLBsA0MFTKbw1v26I4EnNID1n4higzzmbrNXP6zuLNLI3O5izzhUJ%2Fq2PPMlHewnFzviPKBNgsW3Z%2B%2BUg9qYoDigiMK3Ps7MQ0ywgtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ef7edd7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=943&min_rtt=410&rtt_var=497&sent=1522&recv=749&lost=0&retrans=6&sent_bytes=2087354&recv_bytes=3310&delivery_rate=31715545&cwnd=242&unsent_bytes=0&cid=35e9f8474f583708&ts=894&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/vanessa-s-first-day-at-school-naturist-freedom.jpg

104.21.235.25

200 OK

37 kB

URL GET HTTPS

naturismv.com/images/vanessa-s-first-day-at-school-naturist-freedom.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-04-21

Last Seen2025-07-23

Times Seen174

Size37 kB (36894 bytes)

MD58839b0762fc03e166bf610c0247e374a

SHA166e94776a3511b3d8948f11aa32426b1b9bc090f

SHA256a0d3402337455ff313e456c7f50208d4f33b627f21ef81f403d9d6d25e641c63

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/vanessa-s-first-day-at-school-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 36894
last-modified: Fri, 19 May 2023 12:04:48 GMT
etag: "646765e0-901e"
expires: Fri, 05 Dec 2025 02:16:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 178052
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUUafy6wwmJUbubuVnTKEM6nBXlUFAo1hzyCFc7DKq087ab%2FdoPcaYiPxO3c6G%2FBPPnIn8SoD%2BH5rK6%2BGWNt58ExqWIfmpTgB1EVyOywHCrk1WieT9udmVa%2FQeLOQks9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183eea9bcd1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25126&min_rtt=17546&rtt_var=15369&sent=134&recv=21&lost=0&retrans=1&sent_bytes=173018&recv_bytes=1852&delivery_rate=1572791&cwnd=254&unsent_bytes=5304&cid=5c0ec9b538a07b3d&ts=728&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/sweet-little-kristinka-naturist-freedom.jpg

104.21.235.25

200 OK

45 kB

URL GET HTTPS

naturismv.com/images/sweet-little-kristinka-naturist-freedom.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-05-06

Last Seen2025-07-23

Times Seen89

Size45 kB (44673 bytes)

MD553c35a1adb6dddf973faf295dfee567c

SHA1103f77982143ee6ec0f0395c534a2d574c0dddf9

SHA256345770747c5239ba0ad5045605a3922586845469758e54e0c22048dd17d20bd4

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/sweet-little-kristinka-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 44673
last-modified: Fri, 19 May 2023 12:04:48 GMT
etag: "646765e0-ae81"
expires: Wed, 03 Dec 2025 03:56:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 344842
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poQ1ROAoqragwCaZmmTM4GejFu2%2BlNRWMH9rTckJI2hnpnE8NdBUri7ux08L%2BncL1vQUKqMn9sHnb3NNFQtojm4065Y%2B4SPiLFu4VufbNYq6W0rXn%2FOrWk0JD69MEUDf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183eea9bed1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25126&min_rtt=17546&rtt_var=15369&sent=134&recv=21&lost=0&retrans=1&sent_bytes=173018&recv_bytes=1852&delivery_rate=1572791&cwnd=254&unsent_bytes=31856&cid=5c0ec9b538a07b3d&ts=728&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/557363/557363.jpg

104.26.10.85

200 OK

17 kB

URL GET HTTPS

treeyork.com/557363/557363.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-08-20

Last Seen2024-12-19

Times Seen5

Size17 kB (16867 bytes)

MD59ce397618f2b33185d4bd2eca1d23ef4

SHA1331853dae3e43f739e467d3c8765bb2f58f71c6e

SHA2563f6d4892506cf802b8915322abe226f43b373b427284acbbbc0eb9506c6812c9

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /557363/557363.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 16867
cf-bgj: h2pri
etag: "9ce397618f2b33185d4bd2eca1d23ef4"
last-modified: Mon, 15 Jan 2024 07:50:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3622
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QULL18Zg9WpsrE3Qp89e9J8dATeO3QHPF1mLq%2Fd00g26Ig6L%2Bx2H1Hx7Ptjg1gRrDTntf8hv8Wae%2FRyfHlptY%2FRkYixzACc%2F%2FVSwyx7hxodXWOm3RdJU2ejN6wEPOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183efcf0a7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5948&min_rtt=410&rtt_var=9648&sent=1737&recv=752&lost=0&retrans=6&sent_bytes=2398591&recv_bytes=3390&delivery_rate=23438848&cwnd=324&unsent_bytes=0&cid=35e9f8474f583708&ts=943&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/224529/224529.jpg

104.26.10.85

200 OK

124 kB

URL GET HTTPS

treeyork.com/224529/224529.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-09-19

Last Seen2025-01-13

Times Seen9

Size124 kB (124528 bytes)

MD537ab69cbe3ea3d9fc636a67f6a6763b7

SHA1085364adc9360cc515afc797968be1ff1670f945

SHA256166af410907c24a4d534ba737f3550c2c18c0366d2b1ceb3be251bb66d87f516

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /224529/224529.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 124528
cf-bgj: h2pri
etag: "37ab69cbe3ea3d9fc636a67f6a6763b7"
last-modified: Sun, 14 Jan 2024 14:26:40 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2448
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNTe0YjjB7BuNxbEW%2FlRkhRo%2BAC7Z2DZrn3GS5H%2BJdNLrR0Emr3zjhClFF1FmZsowjFyyzJ%2FBH5z%2FlK8lNkuHpoEf%2BJINb6%2BQ3byggaZoFdwMg3LWmL51e8gaYnwAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183efff1d7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6366&min_rtt=410&rtt_var=8617&sent=1752&recv=755&lost=0&retrans=7&sent_bytes=2416431&recv_bytes=3469&delivery_rate=1308403&cwnd=324&unsent_bytes=0&cid=35e9f8474f583708&ts=975&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/farewell-autumn-holy-nature.jpg

104.21.235.25

200 OK

31 kB

URL GET HTTPS

naturismv.com/images/farewell-autumn-holy-nature.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size31 kB (30940 bytes)

MD5ff48bc4d4400f580eb66a7d5d9c4e109

SHA176e245c92c73fc2acfa4204add62a9caa2b5eace

SHA256777586521164efc802457d5082bcfea8d216e86354c4f8fa896d4a61f6651e5f

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/farewell-autumn-holy-nature.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 30940
last-modified: Fri, 19 May 2023 12:04:44 GMT
etag: "646765dc-78dc"
expires: Wed, 26 Nov 2025 22:40:41 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 882206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndDz81SUgbHXR9JAmXwUy5bHeGjtvkELb8XashHG2idxSz11AU9s91GsDqF4xUbTcnx0mwVeH8y4oRLbmGqzEi28KC73Z%2FQOZfCMvA1Ky%2Fd8ibeiw%2BUBIKKUCBVm9fCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183f0cce0d1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17908&min_rtt=17539&rtt_var=104&sent=197&recv=131&lost=0&retrans=1&sent_bytes=261329&recv_bytes=1946&delivery_rate=6738571&cwnd=310&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=1072&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/439090/439090.jpg

104.26.10.85

200 OK

18 kB

URL GET HTTPS

treeyork.com/439090/439090.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-18

Last Seen2024-12-28

Times Seen22

Size18 kB (18504 bytes)

MD5d0129b6316ea902dfaf38b886ab75416

SHA18339652e7072ea7379bc1d20ca9165a38b0d6292

SHA2565e8992d11a34d1bf93d85370ac8e33e8fd4685b164480b8e4d81aef6db0e3d71

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /439090/439090.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 18504
cf-bgj: h2pri
etag: "d0129b6316ea902dfaf38b886ab75416"
last-modified: Mon, 15 Jan 2024 04:36:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKwrA7c9QYbzb7jEpY68Cvym0tbqTExbm1faZeIgpHmdbLA%2FsWbTLyJheqVjTeetGB7FkBJXzNKlcot%2BbUXCnphhnUSeD%2BoPcMeDlLF5vunHgDZ6aReojrUuY%2F%2F8Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183f01f307129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3615&min_rtt=410&rtt_var=3956&sent=1854&recv=764&lost=0&retrans=7&sent_bytes=2559198&recv_bytes=3708&delivery_rate=25632442&cwnd=356&unsent_bytes=65160&cid=35e9f8474f583708&ts=999&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/109902/109902.jpg

104.26.10.85

200 OK

192 kB

URL GET HTTPS

treeyork.com/109902/109902.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-05

Last Seen2025-01-08

Times Seen98

Size192 kB (191559 bytes)

MD5116444c1a8066b15e67fe9b6eb56166f

SHA1fff8db0ccd6f25860c337973e0e16a7996f88c91

SHA2566e30e314e36ceb795db658dbd80259c8a56adeecc5523c6f810460d13a0d7b7f

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /109902/109902.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 191559
cf-bgj: h2pri
etag: "116444c1a8066b15e67fe9b6eb56166f"
last-modified: Sun, 14 Jan 2024 12:37:20 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alS3EsiDxcAQcgQwNl%2B%2BEXrfAyDQksmGoKetCS%2BiYlm9EJIFT%2FptakL7IGVM%2B7jhA9DmtTJTIhAI9qKiCjqDj5Ka38e5ZJt0UBrgi4bGfCDKgfV90LY9eLrjs0vZ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183f01f2f7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3615&min_rtt=410&rtt_var=3956&sent=1841&recv=764&lost=0&retrans=7&sent_bytes=2542029&recv_bytes=3708&delivery_rate=25632442&cwnd=356&unsent_bytes=0&cid=35e9f8474f583708&ts=998&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/junior-miss-pageant-contest-2001-7.jpg

104.21.235.25

200 OK

78 kB

URL GET HTTPS

naturismv.com/images/junior-miss-pageant-contest-2001-7.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 400x300, components 3

First Seen2024-07-17

Last Seen2025-07-18

Times Seen20

Size78 kB (78542 bytes)

MD57e2cd3a487428ff19841022cde6030ca

SHA1325ca0413da6ca86bd6246e3783adc2f06fa3098

SHA2561aedeba4ee6ce68e7bd581adc44ef8522ba3bcb8326dced92e15cd703ce5252c

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/junior-miss-pageant-contest-2001-7.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 78542
last-modified: Fri, 19 May 2023 12:04:52 GMT
etag: "646765e4-132ce"
expires: Sun, 30 Nov 2025 03:06:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 607056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lshqE7Lg6Sgf0rh2gHz6cFxfozmmTtcuUs8xUbTSD3Kj2CocFMHQHYgS%2BBPSobNeChtliPEoZNs1qkgkvjtgwS1rYNThqOfxbEfvXy9H2K3QSgEjMsU3OmCuDqKjnHl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183f0ed0cd1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17638&min_rtt=17483&rtt_var=19&sent=221&recv=156&lost=0&retrans=1&sent_bytes=292855&recv_bytes=2044&delivery_rate=6738571&cwnd=334&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=1096&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/261739/261739.jpg

104.26.10.85

200 OK

212 kB

URL GET HTTPS

treeyork.com/261739/261739.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-09-19

Last Seen2025-01-13

Times Seen9

Size212 kB (212247 bytes)

MD52e2a6da8ed0e7aa70e365a739c211146

SHA1b85676e70106ba25fb8dca03fbafe51276cc8a0d

SHA256784af240c6a9c8fdcb9f81cfa988828f920474aa6955c623f2a64c8999aad7b1

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /261739/261739.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 212247
cf-bgj: h2pri
etag: "2e2a6da8ed0e7aa70e365a739c211146"
last-modified: Sun, 14 Jan 2024 16:10:47 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WV8CHDpDlxYrF8SPadfC7KmiuAWP3RcxKGwNeQy2XfrxBei6Ppx1p8KVJGh%2F6vzoPfcZzXkPiNeGfUEgGzhoQOknjNYuNka6FqCDTFzNH5DeToMMjAnZzL1TQfRRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183f0df967129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4579&min_rtt=410&rtt_var=5489&sent=1990&recv=767&lost=0&retrans=8&sent_bytes=2754324&recv_bytes=3788&delivery_rate=25632442&cwnd=318&unsent_bytes=0&cid=35e9f8474f583708&ts=1118&x=0"
X-Firefox-Spdy: h2

GET treeyork.com/354480/354480.jpg

104.26.10.85

200 OK

16 kB

URL GET HTTPS

treeyork.com/354480/354480.jpg

IP / ASN

104.26.10.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size16 kB (16094 bytes)

MD5083661910cb960aa3881719e105f46e0

SHA14fe370bffbfd9b00cf7af5f02c68c7c6707d900c

SHA256a7d7e393757632e76fe13ca616b42409bdb67ff0349916a57712e2fbab3390d5

Certificate Info

IssuerGoogle Trust Services

Subjecttreeyork.com

FingerprintAB:16:54:36:C0:0F:35:75:F9:ED:EC:C5:44:62:6D:6D:56:5E:56:AD

ValidityMon, 28 Oct 2024 20:29:21 GMT - Sun, 26 Jan 2025 21:29:17 GMT

HTTP Headers

GET /354480/354480.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:08 GMT
content-type: image/jpeg
content-length: 16094
cf-bgj: h2pri
etag: "083661910cb960aa3881719e105f46e0"
last-modified: Mon, 15 Jan 2024 00:23:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FUMnSJWu6ewU3IODCRgtcZ6aPdb8MSfdAWh3doE6UC1AhRLtxv3sN7TpMm3rMGl5fJr9mAs4pFvkO8u7Wb%2BFIT9FVNnQA5ecreKb%2FK3fjoLVPLSxSKec0tCbCPRsVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183f01f2d7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2412&min_rtt=408&rtt_var=3268&sent=2140&recv=783&lost=0&retrans=9&sent_bytes=2968596&recv_bytes=3788&delivery_rate=18725931&cwnd=336&unsent_bytes=0&cid=35e9f8474f583708&ts=1525&x=0"
X-Firefox-Spdy: h2

GET naturismv.com/images/junior-miss-pageant-contest-2008-volume-2.jpg

104.21.235.25

200 OK

35 kB

URL GET HTTPS

naturismv.com/images/junior-miss-pageant-contest-2008-volume-2.jpg

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x300, components 3

First Seen2024-12-07

Last Seen2025-07-31

Times Seen14

Size35 kB (34912 bytes)

MD51f0adaf0b5b37768bd3f09120004ea40

SHA1ca3f42d92d19d86ac72a0f96417d00727e0f1790

SHA256d2b5a6a7d0e07dae7ebb40af05402f35b99d811f4fb6563acd23a194ff44d70f

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /images/junior-miss-pageant-contest-2008-volume-2.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 34912
last-modified: Wed, 08 May 2024 11:31:24 GMT
etag: "663b628c-8860"
expires: Tue, 11 Nov 2025 04:04:58 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 2245151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nQVp75P6JnR7WDVMr%2BtCaLdJQ7qZ%2BGuf59zzFq1D6SWhX%2Fl8YbepA0J7MemxpSi70bhwRqaGz4S8l0vptCMyL10KAYQ63qC05VfYplpT53YDhCF67Wfg4J87F95rPl8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183f87998d1fd-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17976&min_rtt=17483&rtt_var=561&sent=279&recv=208&lost=0&retrans=1&sent_bytes=372145&recv_bytes=2146&delivery_rate=6738571&cwnd=352&unsent_bytes=0&cid=5c0ec9b538a07b3d&ts=2301&x=0"
X-Firefox-Spdy: h2

GET cdn5-thumbs.motherlessmedia.com/thumbs/F56B05B.jpg

185.107.92.224

200 OK

29 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/F56B05B.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size29 kB (28791 bytes)

MD5c677287d746b8e4acd63ea57dd2454bb

SHA12bee13a0f0461018da7b37198c187671a45a5e7f

SHA2560842f71f44305232e0618cf8f0181b9363c01c4766f4018d3665367e4e47c2c6

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/F56B05B.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 28791
last-modified: Mon, 08 Oct 2018 00:23:29 GMT
etag: "1f619f949-7077-577aca16358d8"
expires: Wed, 09 Apr 2025 00:57:02 GMT
cache-control: max-age=10760901
x-cache: HIT
x-whom: cdn03
accept-ranges: bytes

GET cdn.hotscope.tv/files/thumbnail/0ebotDbaH.jpg

51.83.238.19

200 OK

8.7 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/0ebotDbaH.jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 9575x10674, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 270x375, components 3

First Seen2024-05-13

Last Seen2024-12-07

Times Seen5

Size8.7 kB (8660 bytes)

MD5d39592b1926b75774595ac36eda123ab

SHA1a9643e1aa7408c34ede2cc24be71c9dcf8334237

SHA2564cd3c24fedce893ff84fc6cd70f440aa5c356723b07b81cbddd8dcd0427c7100

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/0ebotDbaH.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:09 GMT
Content-Type: image/jpeg
Content-Length: 8660
Last-Modified: Tue, 28 Jul 2020 11:21:35 GMT
Connection: keep-alive
ETag: "5f200a3f-21d4"
Expires: Sun, 07 Dec 2025 03:44:09 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET cdn5-thumbs.motherlessmedia.com/thumbs/96C18B6.jpg

185.107.92.224

200 OK

40 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/96C18B6.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 2000x2001, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size40 kB (39600 bytes)

MD53018eef261ae79b5cbece3838736152f

SHA1b3563823519f324d351b6093c9073a0b9a63c40f

SHA256a320c910c3944ee1447708758c07c9073e31350d291a2438316878e8fbe11efd

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/96C18B6.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 39600
last-modified: Fri, 05 Oct 2018 08:16:28 GMT
etag: "1eafba303-9ab0-57776e360fada"
expires: Sun, 06 Apr 2025 08:07:23 GMT
cache-control: max-age=10500701
x-cache: HIT
x-whom: cdn03
accept-ranges: bytes

GET rtgallery.net/tb/lesbi_teen.jpg

5.63.144.85

200 OK

15 kB

URL GET HTTPS

rtgallery.net/tb/lesbi_teen.jpg

IP / ASN

5.63.144.85

#13213 UK-2 Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 340x240, components 3

First Seen2024-05-11

Last Seen2025-07-25

Times Seen17

Size15 kB (15147 bytes)

MD52fef24a1263e00956804c5f1f51e8796

SHA172c2b56266ac0a5994ea4faa7ede586b968a9edf

SHA25619b2d0cdb4ebbc994df914498094b745316fb21fa59854e1187fbf74dd128f0f

Certificate Info

IssuerLet's Encrypt

Subjectrtgallery.net

Fingerprint9D:AB:29:43:6F:E7:4E:6E:90:C5:1D:94:E0:DB:33:4B:0F:D5:7C:23

ValiditySat, 23 Nov 2024 00:11:51 GMT - Fri, 21 Feb 2025 00:11:50 GMT

HTTP Headers

GET /tb/lesbi_teen.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 07 Dec 2024 02:38:23 GMT
Content-Type: image/jpeg
Content-Length: 15147
Last-Modified: Fri, 02 Jun 2017 16:13:28 GMT
Connection: keep-alive
ETag: "59318ea8-3b2b"
Accept-Ranges: bytes

GET blumpkintube.com/thumbs/166/920_Private_Periscope_Hairbrush.jpg

172.67.148.206

200 OK

12 kB

URL GET HTTPS

blumpkintube.com/thumbs/166/920_Private_Periscope_Hairbrush.jpg

IP / ASN

172.67.148.206

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3

First Seen2024-04-19

Last Seen2024-12-07

Times Seen52

Size12 kB (11490 bytes)

MD5e953a051caa9d590e4b827c5b4d11a0a

SHA158fec59b812597fed3420dbf14d7eed4dc28a2ce

SHA2560c67388c395125ce7ed30259e871bdc2b72724e9fc8efea867344dcb4ae71bdc

Certificate Info

IssuerGoogle Trust Services

Subjectblumpkintube.com

FingerprintF0:18:78:09:66:C3:98:B3:C9:80:17:A5:23:70:38:01:E6:7E:33:52

ValidityFri, 18 Oct 2024 15:02:39 GMT - Thu, 16 Jan 2025 15:02:38 GMT

HTTP Headers

GET /thumbs/166/920_Private_Periscope_Hairbrush.jpg HTTP/1.1
Host: blumpkintube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 11490
last-modified: Wed, 26 Aug 2020 13:14:38 GMT
etag: "5f46603e-2ce2"
expires: Sun, 30 Nov 2025 09:12:41 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 585088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=le%2F1gHUIsVB3cQBnff5gCduRdmoj6%2BvLJf0G5FxtFsNRPRlM8NEX%2BoH5xJyhyVT%2B4F9lQkHGiGGhj9Gk57dD7WQ%2FLCOOjuK%2FCQxlKRu7uvHKVUzgZm%2FJ0DJhDzKJoh%2Fwgk9p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fa5945b500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=450&min_rtt=383&rtt_var=99&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3212&recv_bytes=1068&delivery_rate=7912568&cwnd=254&unsent_bytes=0&cid=807595742e3f68d6&ts=2287&x=0"
X-Firefox-Spdy: h2

GET fmtu.sltusl.com/upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg

156.238.196.42

404 Not Found

3 B

URL GET HTTPS

fmtu.sltusl.com/upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg

IP / ASN

156.238.196.42

#50183 CenturyNetworks Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-14

Last Seen2025-08-05

Times Seen1970

Size3 B (3 bytes)

MD54f4adcbf8c6f66dcfc8a3282ac2bf10a

SHA1c35a9fc52bb556c79f8fa540df587a2bf465b940

SHA2566b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Certificate Info

IssuerLet's Encrypt

Subjectfmtu.sltusl.com

Fingerprint84:47:16:D7:FF:68:5E:D4:AC:99:BC:D4:35:B4:39:BC:E4:E5:8B:C7

ValidityFri, 13 Sep 2024 04:54:10 GMT - Thu, 12 Dec 2024 04:54:09 GMT

HTTP Headers

GET /upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg HTTP/1.1
Host: fmtu.sltusl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 3
date: Sat, 07 Dec 2024 03:44:09 GMT
X-Firefox-Spdy: h2

GET cdn.kompoz2.com/thumbs/ca/aa/8b/caaa8bdac319bb9cf46e15cd0c02f3b1.webp

172.67.206.129

200 OK

2.8 kB

URL GET HTTPS

cdn.kompoz2.com/thumbs/ca/aa/8b/caaa8bdac319bb9cf46e15cd0c02f3b1.webp

IP / ASN

172.67.206.129

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 320x180, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size2.8 kB (2794 bytes)

MD54d904abc60f60565168237b6f0c643d6

SHA18499e55d95bdb549fe1dd88554b7e27f8b07de0a

SHA2565a07fd5ce24a64d44f26ba9237edc9b047da8188f47ece150e4e7c4fe4ca42f7

Certificate Info

IssuerGoogle Trust Services

Subjectkompoz2.com

Fingerprint9E:EF:80:2D:49:86:85:B2:4B:3D:15:53:45:14:24:DD:2B:B0:EF:A5

ValiditySat, 23 Nov 2024 03:19:28 GMT - Fri, 21 Feb 2025 03:19:27 GMT

HTTP Headers

GET /thumbs/ca/aa/8b/caaa8bdac319bb9cf46e15cd0c02f3b1.webp HTTP/1.1
Host: cdn.kompoz2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: application/octet-stream
content-length: 2794
etag: 4d904abc60f60565168237b6f0c643d6
last-modified: Tue, 15 Oct 2024 06:26:20 GMT
x-timestamp: 1728973579.05313
x-trans-id: tx0f339620fe684c43818dd-00670e5cca
x-openstack-request-id: tx0f339620fe684c43818dd-00670e5cca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 18:55:43 GMT
x-proxy-cache: HIT
x-cdn-host-id: ds8140,ds9225
cf-cache-status: HIT
age: 118106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1gSfEKz179Ig0s4z1VVKZrKa85lC%2BV68euAX8m0U%2BJxPZTLhrC1GhzxydGksx8RNFKCRWesxYEhSv4f1XdbyKuvMxbDvjdYEFbICMXtciYsICLbeVSULCbXEApm9UUqw%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fabc29b51b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=776&min_rtt=485&rtt_var=627&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1071&delivery_rate=8386100&cwnd=254&unsent_bytes=0&cid=449b4d45ec6a825a&ts=2350&x=0"
X-Firefox-Spdy: h2

GET img.sekesporno.net/ruxp/img/9/94916_r1.jpg

172.67.214.155

200 OK

20 kB

URL GET HTTPS

img.sekesporno.net/ruxp/img/9/94916_r1.jpg

IP / ASN

172.67.214.155

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x224, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size20 kB (20473 bytes)

MD5b5cb6fcb900f4a92cbceebef06ee0f51

SHA1b74548f74fcbf6fc8744ab930992184ade13f4ff

SHA25669e17e2a421352e26abed1d2bb2fd87d77ba064866f60198bcdc4665d29c7607

Certificate Info

IssuerGoogle Trust Services

Subjectsekesporno.net

FingerprintAA:35:24:5C:60:5A:AE:AC:09:07:C5:EF:75:B5:D2:EA:0F:C7:93:32

ValidityWed, 20 Nov 2024 04:21:37 GMT - Tue, 18 Feb 2025 04:21:36 GMT

HTTP Headers

GET /ruxp/img/9/94916_r1.jpg HTTP/1.1
Host: img.sekesporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 20473
last-modified: Mon, 28 Dec 2020 08:14:29 GMT
etag: "5fe993e5-4ff9"
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2010450
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFSC0fPc%2FSpVMUQ4trU8yXim6z6BwBYUR2WukmLoqPfp6T85ZMegww3yY3ZTCJyjsgbdt1IlQwfE3mvr3qDvHU2toHOcluM9vSRy6Qwgh4%2FW9AvNpJaPNHmaH0AdRVCiPLnJU1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183faba4056c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1126&min_rtt=424&rtt_var=1194&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3298&recv_bytes=1096&delivery_rate=8165413&cwnd=256&unsent_bytes=0&cid=76a53fbd22508d57&ts=2347&x=0"
X-Firefox-Spdy: h2

GET fmtu.sltusl.com/upload/vod/20220903-4/bb80fd6fb6b4523060283352732aa7b2.jpg

156.238.196.42

404 Not Found

3 B

URL GET HTTPS

fmtu.sltusl.com/upload/vod/20220903-4/bb80fd6fb6b4523060283352732aa7b2.jpg

IP / ASN

156.238.196.42

#50183 CenturyNetworks Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-14

Last Seen2025-08-05

Times Seen1970

Size3 B (3 bytes)

MD54f4adcbf8c6f66dcfc8a3282ac2bf10a

SHA1c35a9fc52bb556c79f8fa540df587a2bf465b940

SHA2566b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Certificate Info

IssuerLet's Encrypt

Subjectfmtu.sltusl.com

Fingerprint84:47:16:D7:FF:68:5E:D4:AC:99:BC:D4:35:B4:39:BC:E4:E5:8B:C7

ValidityFri, 13 Sep 2024 04:54:10 GMT - Thu, 12 Dec 2024 04:54:09 GMT

HTTP Headers

GET /upload/vod/20220903-4/bb80fd6fb6b4523060283352732aa7b2.jpg HTTP/1.1
Host: fmtu.sltusl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 3
date: Sat, 07 Dec 2024 03:44:09 GMT
X-Firefox-Spdy: h2

GET toprealincestporn.com/thumbs//768/3824942638825520768_0.jpg

172.67.216.60

200 OK

8.1 kB

URL GET HTTPS

toprealincestporn.com/thumbs//768/3824942638825520768_0.jpg

IP / ASN

172.67.216.60

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x180, components 3

First Seen2024-04-18

Last Seen2025-01-16

Times Seen89

Size8.1 kB (8058 bytes)

MD586c6a7cd8446fb48fe69c0c0b7027187

SHA15fc607cd9143999158cef4a76cd1fabe19306608

SHA256d2f74197e604e6723787354638cbe1b4b27b434800e54acf3ee8c6306dd1e0c1

Certificate Info

IssuerGoogle Trust Services

Subjecttoprealincestporn.com

Fingerprint8E:8A:42:D2:36:0E:F2:F7:03:46:5E:D1:47:2B:F0:7C:3D:83:69:8B

ValidityFri, 06 Dec 2024 04:18:49 GMT - Thu, 06 Mar 2025 04:18:48 GMT

HTTP Headers

GET /thumbs//768/3824942638825520768_0.jpg HTTP/1.1
Host: toprealincestporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 8058
last-modified: Thu, 05 Mar 2020 22:23:35 GMT
etag: "5e617be7-1f7a"
expires: Tue, 24 Dec 2024 00:33:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1134654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4309EpHuNBS0%2BUKSCxO%2FC0T18UZ2sWbVeiFlzzR%2F6MryzB1i4yXZDx2%2B763L4Gs7KW5rqtC3rEHiII0pjhJBCMTe3L0FgcdG%2FiNtERJ3pnxU9OGPW687VtRUlTBbE%2FBUnRl2An8TBw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fb89195691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=492&min_rtt=452&rtt_var=123&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3305&recv_bytes=1199&delivery_rate=7502590&cwnd=253&unsent_bytes=0&cid=9d8de8385df618e1&ts=2251&x=0"
X-Firefox-Spdy: h2

GET thumbs1.2beeg.net/pics/18/9d/22/189d221f0ffc5a2fbd3e6d09e20f6faf.jpg

172.67.177.188

200 OK

14 kB

URL GET HTTPS

thumbs1.2beeg.net/pics/18/9d/22/189d221f0ffc5a2fbd3e6d09e20f6faf.jpg

IP / ASN

172.67.177.188

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", progressive, precision 8, 320x180, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size14 kB (13903 bytes)

MD505cd9efba7e38b0c1380872d5c01bbb8

SHA1457682f0c494f7450cbe448d319ee1168608425b

SHA256d1583cadfd3f085e3e2b7b7000c2ce16559860af8cdd19e83239304c2fcdf1a2

Certificate Info

IssuerGoogle Trust Services

Subject2beeg.net

Fingerprint0B:5D:9E:57:81:19:1B:72:88:69:F5:0E:32:BB:F9:ED:EE:18:A8:EE

ValidityFri, 18 Oct 2024 09:29:53 GMT - Thu, 16 Jan 2025 09:29:52 GMT

HTTP Headers

GET /pics/18/9d/22/189d221f0ffc5a2fbd3e6d09e20f6faf.jpg HTTP/1.1
Host: thumbs1.2beeg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 13903
x-object-meta-mtime: 1581264542.291815
etag: 05cd9efba7e38b0c1380872d5c01bbb8
last-modified: Sun, 09 Feb 2020 16:09:05 GMT
x-timestamp: 1581264544.76206
x-trans-id: tx03e4dd0b29994d5fb4564-0065bdc68a
x-openstack-request-id: tx03e4dd0b29994d5fb4564-0065bdc68a
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Mon, 09 Dec 2024 02:03:46 GMT
x-proxy-cache: HIT
x-cdn-host-id: ds9225
cf-cache-status: HIT
age: 6023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EB7NjP7tOUOnmCACQMOhI7VNxoSIso7jUaozF6brlOc2IU870V2RlvlVtpadG9%2BAq24VCk2NhbwBV3t46V2whor9k4LfBUm%2F4WgrhVA%2FNgjr6dSmSq3bMbvay20KdFMSttrYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fb8e7756cb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=477&min_rtt=436&rtt_var=131&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3266&recv_bytes=1200&delivery_rate=7400340&cwnd=253&unsent_bytes=0&cid=80d4cad34a5a9021&ts=2246&x=0"
X-Firefox-Spdy: h2

GET cdn.hotscope.tv/files/thumbnail/capture(1447).jpg

51.83.238.19

200 OK

5.8 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/capture(1447).jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 180x250, components 3

First Seen2024-08-20

Last Seen2024-12-07

Times Seen3

Size5.8 kB (5835 bytes)

MD55007cf10ba9ee2cc1d56ad3fb9f6b1e8

SHA143257674cc7f85aff9484dae07c8d16b385097e8

SHA256396ee472f75e65b1e5c0cceeb799d0f032a26810d74b66390a7f532da74c3e26

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/capture(1447).jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:09 GMT
Content-Type: image/jpeg
Content-Length: 5835
Last-Modified: Sat, 22 Apr 2017 13:28:51 GMT
Connection: keep-alive
ETag: "58fb5a93-16cb"
Expires: Sun, 07 Dec 2025 03:44:09 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET img.sekesporno.net/ruxp/img/4/48595_r1.jpg

172.67.214.155

200 OK

21 kB

URL GET HTTPS

img.sekesporno.net/ruxp/img/4/48595_r1.jpg

IP / ASN

172.67.214.155

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x224, components 3

First Seen2024-04-24

Last Seen2025-08-03

Times Seen40

Size21 kB (21179 bytes)

MD57c2b69aea79083af4151e208884a6898

SHA1cc2eae58df467e304990527221304a3647a6f6d2

SHA256326405f70d4cdfc759d220dbb0ada82124d74155772e493c4cbab957d33d6ff7

Certificate Info

IssuerGoogle Trust Services

Subjectsekesporno.net

FingerprintAA:35:24:5C:60:5A:AE:AC:09:07:C5:EF:75:B5:D2:EA:0F:C7:93:32

ValidityWed, 20 Nov 2024 04:21:37 GMT - Tue, 18 Feb 2025 04:21:36 GMT

HTTP Headers

GET /ruxp/img/4/48595_r1.jpg HTTP/1.1
Host: img.sekesporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 21179
last-modified: Mon, 28 Dec 2020 08:14:22 GMT
etag: "5fe993de-52bb"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1208035
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELQcUo37hcBUeoyQ379J8T8JTtnIBC11kWXL8utcExDa9bU0QfLzNOKZH89wIWNB7VJED2vrwBdCyjhurPxRRuTKtp3GA%2BGPMEwGBSTu4Zb4IGL2mFrOBb8Dmqg%2F6Ctj%2BAxRauc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fbdac056c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5862&min_rtt=424&rtt_var=6357&sent=27&recv=28&lost=0&retrans=1&sent_bytes=24991&recv_bytes=1225&delivery_rate=8165413&cwnd=257&unsent_bytes=0&cid=76a53fbd22508d57&ts=2524&x=0"
X-Firefox-Spdy: h2

GET ph.pornfactory.info/data/d1/ff/f1/d1fff19716a40eb4436b52f02f2d5a6e.jpg

172.67.135.246

200 OK

10 kB

URL GET HTTPS

ph.pornfactory.info/data/d1/ff/f1/d1fff19716a40eb4436b52f02f2d5a6e.jpg

IP / ASN

172.67.135.246

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", progressive, precision 8, 320x180, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size10 kB (10392 bytes)

MD5e9868c0bd4ab6d325fb8583aa7d3435c

SHA12e55709a0cae62e2ee6530f439515da8a4cc52a9

SHA25631aae34e836f83e9dfa4af2cf330c7bdfdc55123eeb8f164b2cf6822a6f235ad

Certificate Info

IssuerGoogle Trust Services

Subjectpornfactory.info

Fingerprint60:0F:08:A2:B4:0C:57:A4:D6:AE:6F:98:87:9D:6B:8E:83:49:2E:1E

ValidityFri, 18 Oct 2024 20:08:14 GMT - Thu, 16 Jan 2025 20:08:13 GMT

HTTP Headers

GET /data/d1/ff/f1/d1fff19716a40eb4436b52f02f2d5a6e.jpg HTTP/1.1
Host: ph.pornfactory.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 10392
etag: e9868c0bd4ab6d325fb8583aa7d3435c
last-modified: Fri, 03 Dec 2021 06:27:31 GMT
x-timestamp: 1638512850.30666
x-trans-id: tx0652db2e3bba49f39ea3d-00639c9860
x-openstack-request-id: tx0652db2e3bba49f39ea3d-00639c9860
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Mon, 09 Dec 2024 03:44:09 GMT
x-proxy-cache: HIT
x-cdn-host-id: ds9225
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FaRi2WWl1MQZ3XxUn1xhRbBcVsGlBPWU1rQdEtlkVbx9cUwN46EsNPxRY0EIkSB4AonVX0F7zRd4q2upApUsAtq4UMR16DfoNjn8gi%2BpxjbZgOPVQ9IDeoMWv8no02t24kjcAws"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183fbdcd556a3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2226&min_rtt=462&rtt_var=3523&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3212&recv_bytes=1104&delivery_rate=7313131&cwnd=254&unsent_bytes=0&cid=5007db67e231639e&ts=2349&x=0"
X-Firefox-Spdy: h2

GET cdn.hotscope.tv/files/thumbnail/capture(98).jpg

51.83.238.19

200 OK

6.2 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/capture(98).jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 180x250, components 3

First Seen2024-08-20

Last Seen2024-12-07

Times Seen2

Size6.2 kB (6193 bytes)

MD5f6d96bcc992734d616da31592a9cbccc

SHA19f355d7bd53f60bd8f96cbebbacea0d57a9ad8c0

SHA256f7acf1b6d539eb8b19ae6db1eaa8d942a4e43364d7be11e924d2199ab1d73c16

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/capture(98).jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:09 GMT
Content-Type: image/jpeg
Content-Length: 6193
Last-Modified: Thu, 28 Jul 2016 18:38:51 GMT
Connection: keep-alive
ETag: "579a513b-1831"
Expires: Sun, 07 Dec 2025 03:44:09 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET www.pornfuck.mobi/media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg

104.26.1.129

301 Moved Permanently

167 B

URL GET HTTPS

www.pornfuck.mobi/media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg

IP / ASN

104.26.1.129

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-03-02

Times Seen190492

Size167 B (167 bytes)

MD50104c301c5e02bd6148b8703d19b3a73

SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Certificate Info

IssuerGoogle Trust Services

Subjectpornfuck.mobi

Fingerprint9E:64:78:72:F5:07:C5:EB:E7:BB:C4:A1:B8:FF:D1:E0:EF:81:CF:B2

ValidityFri, 18 Oct 2024 07:06:25 GMT - Thu, 16 Jan 2025 07:06:24 GMT

HTTP Headers

GET /media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg HTTP/1.1
Host: www.pornfuck.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: text/html
content-length: 167
location: https://www.pornbf.mobi/media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg
cache-control: max-age=3600
expires: Sat, 07 Dec 2024 04:44:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97rJNWSBTSiMw%2F3w0qoGai9bD7T4AxScsBUMqEEvhFY0KBT69co8SuvmJwSt0qhKra365rgCWprnLfwXeYuRUs7%2B3M3kCo3aWgr1%2B3HY4h%2FW8pUGdTOWWELgjt4VxZt%2FJ1DlXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fc59bb5685-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=432&min_rtt=395&rtt_var=111&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3204&recv_bytes=1074&delivery_rate=8619047&cwnd=253&unsent_bytes=0&cid=f586c73fcaeaf81d&ts=2312&x=0"
X-Firefox-Spdy: h2

GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/38/d8/05/38d805b63c11379b3efdc951a21f49a6/38d805b63c11379b3efdc951a21f49a6.8.jpg

121.127.45.89

200 OK

15 kB

URL GET HTTPS

cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/38/d8/05/38d805b63c11379b3efdc951a21f49a6/38d805b63c11379b3efdc951a21f49a6.8.jpg

IP / ASN

121.127.45.89

#60068 Datacamp Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 352x198, components 3

First Seen2024-12-05

Last Seen2025-07-26

Times Seen10

Size15 kB (15287 bytes)

MD57edd32c143c7e1c13ec1e2de8481af8c

SHA1db1560d16cc4c5f57de73223e97270a1c389d7f5

SHA2565478597347943d5a8d6c3403e30973516db3bee70f2ff931b9680b1dfa6672d7

Certificate Info

IssuerSectigo Limited

Subjectxvideos.com

Fingerprint27:E9:05:C0:A5:FC:40:B1:D6:44:DC:D3:39:EE:11:78:2C:E2:F0:78

ValidityThu, 03 Oct 2024 00:00:00 GMT - Mon, 03 Nov 2025 23:59:59 GMT

HTTP Headers

GET /videos/thumbs169ll/38/d8/05/38d805b63c11379b3efdc951a21f49a6/38d805b63c11379b3efdc951a21f49a6.8.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 15287
last-modified: Wed, 19 Oct 2016 11:42:24 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1735538504
x-77-nzt: A3l/LVg3Nzf/hJx/ANRmOAFExMrvMxpFAI/0OtjzXIX/o6YEAA
x-77-nzt-ray: d37a271b5cf8f1db89c45367f820e927
x-77-cache: HIT
x-accel-date: 1725179909
x-cache-lb: HIT
x-age-lb: 4528691
x-77-age: 8363140
server: CDN77-Turbo
x-accel-date-max: 1698183206
x-cache: HIT
x-age: 8363140
accept-ranges: bytes
X-Firefox-Spdy: h2

GET uzbak.ru/files/screens/384/8.jpg

51.83.213.151

200 OK

39 kB

URL GET HTTPS

uzbak.ru/files/screens/384/8.jpg

IP / ASN

51.83.213.151

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 176 x 144, 8-bit/color RGB, non-interlaced

First Seen2024-04-24

Last Seen2025-08-03

Times Seen25

Size39 kB (38590 bytes)

MD5b7d0fa316c8d31caea3c0d560c249492

SHA13b424e97bfb4788aef6626a7509a0f430868bde8

SHA2562e7d35c24f8076c14cd9740832e793a45f6a9b2918d6088ab515d904f2c1aab2

Certificate Info

IssuerLet's Encrypt

Subjectuzbak.ru

FingerprintBA:F0:97:3F:1F:CC:48:CE:83:93:F7:2A:7D:28:F7:66:16:84:DD:19

ValidityFri, 01 Nov 2024 00:45:55 GMT - Thu, 30 Jan 2025 00:45:54 GMT

HTTP Headers

GET /files/screens/384/8.jpg HTTP/1.1
Host: uzbak.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 38590
last-modified: Mon, 12 Oct 2020 13:24:37 GMT
etag: "5f845915-96be"
expires: Sun, 07 Dec 2025 03:44:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET rtgallery.net/tb/15witherspoon.jpg

5.63.144.85

200 OK

28 kB

URL GET HTTPS

rtgallery.net/tb/15witherspoon.jpg

IP / ASN

5.63.144.85

#13213 UK-2 Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size28 kB (28129 bytes)

MD517460dfece252d626f1ed84a3006747f

SHA10b0ad1af2621f08e80e393d0fdef9b4ea92b3001

SHA256760541208acd7d451c53cf02180b47f3a3b7dc3ee204f06d180d6e27de2ecd44

Certificate Info

IssuerLet's Encrypt

Subjectrtgallery.net

Fingerprint9D:AB:29:43:6F:E7:4E:6E:90:C5:1D:94:E0:DB:33:4B:0F:D5:7C:23

ValiditySat, 23 Nov 2024 00:11:51 GMT - Fri, 21 Feb 2025 00:11:50 GMT

HTTP Headers

GET /tb/15witherspoon.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 07 Dec 2024 02:38:23 GMT
Content-Type: image/jpeg
Content-Length: 28129
Last-Modified: Fri, 08 Mar 2019 09:58:10 GMT
Connection: keep-alive
ETag: "5c823cb2-6de1"
Accept-Ranges: bytes

GET xvideosporno.blog.br/wp-content/uploads/negra-novinha-dando-sem-parar.jpg

104.26.10.106

200 OK

25 kB

URL GET HTTPS

xvideosporno.blog.br/wp-content/uploads/negra-novinha-dando-sem-parar.jpg

IP / ASN

104.26.10.106

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 600x337, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-05-20

Last Seen2024-12-07

Times Seen5

Size25 kB (25340 bytes)

MD517532463ea144f7d04f2e6d16de24493

SHA162e44655c081c02b401e5fb2fdbcd623143f2598

SHA256c9ccf8bc57e53757ad96eb54785b8e7ccf8fb8c42729903f1ff9aabdef94e7e0

Certificate Info

IssuerLet's Encrypt

Subjectxvideosporno.blog.br

FingerprintC2:CA:22:3A:4B:7A:BC:60:68:FB:90:96:38:72:A1:AF:2B:0F:6F:0F

ValiditySun, 24 Nov 2024 21:26:03 GMT - Sat, 22 Feb 2025 21:26:02 GMT

HTTP Headers

GET /wp-content/uploads/negra-novinha-dando-sem-parar.jpg HTTP/1.1
Host: xvideosporno.blog.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/webp
content-length: 25340
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
age: 688975
cache-control: max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=35546
content-disposition: inline; filename="negra-novinha-dando-sem-parar.webp"
etag: "5fbddff2-8ada"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 Nov 2020 04:39:14 GMT
vary: Accept
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8U5Meq0T6Hr64OjHR6y5th0bTwvm96AY%2BxzzWfkKtH2MvYhdOEEBpRYNDQTpqJkFdQXDUV58fFr1IB5oWKXRIOpt32SxRr3JvlvlJIfEd9jMHNB6fpFK8K2t4XxdGdIPWhlPJ0cf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183fced4856c1-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1434&min_rtt=414&rtt_var=2084&sent=5&recv=10&lost=0&retrans=0&sent_bytes=2801&recv_bytes=1106&delivery_rate=5045296&cwnd=253&unsent_bytes=0&cid=23eeb92e7d8a34c4&ts=2283&x=0"
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg

89.248.193.244

200 OK

27 kB

URL GET HTTPS

en.vidmo.pro/thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 320x240, components 3

First Seen2024-04-24

Last Seen2025-07-20

Times Seen15

Size27 kB (26960 bytes)

MD5196132c7344d297b1f245fd60466e8f7

SHA1330fc3f9c4226abe4adf9769f074adf2128aed8a

SHA256040d6fe0d9c11e18c63f941ce9e9eea206755f27623f022b767d06a97a6ed866

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 26960
last-modified: Mon, 14 Dec 2020 14:12:42 GMT
expires: Mon, 09 Oct 2023 19:16:54 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn5-thumbs.motherlessmedia.com/thumbs/A95280D.jpg

185.107.92.224

200 OK

23 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/A95280D.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-09-19

Last Seen2024-12-07

Times Seen3

Size23 kB (22764 bytes)

MD52f85b49fffca3798bf2113d33ca65e05

SHA1b8ef520985f58a0960abedc45dee9f8001089463

SHA25669f22276517cdcdf3c403c621f1b5a3440bcaed14cb4374501fba9c9baf3bff7

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/A95280D.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 22764
last-modified: Thu, 14 May 2020 15:45:35 GMT
etag: "1f8335c1f-58ec-5a59d9667dbc3"
expires: Sat, 05 Apr 2025 09:44:25 GMT
cache-control: max-age=10480466
x-cache: HIT
x-whom: cdn05
accept-ranges: bytes

GET av.tub4us.top/2

104.21.60.213

200 OK

87 kB

URL GET HTTPS

av.tub4us.top/2

IP / ASN

104.21.60.213

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with very long lines (50091), with CRLF line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size87 kB (87426 bytes)

MD5a583e04ac381e24c627275cbb67fc073

SHA1cae8f1c8eeeb1d33157f6c9213aa089bab2b42fa

SHA25602490008c8a80fdb446facee12544aac9671f525d46744bc3d1d3d174a87f166

Certificate Info

IssuerGoogle Trust Services

Subjecttub4us.top

FingerprintDD:79:1A:1D:57:11:E8:11:7E:2E:78:0F:D2:DE:CB:A4:11:08:BB:6F

ValidityTue, 05 Nov 2024 23:03:19 GMT - Mon, 03 Feb 2025 23:03:18 GMT

HTTP Headers

GET /2 HTTP/1.1
Host: av.tub4us.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://favor.jtube.top/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.tub4us.top4.194.8.20-myhost-av.tub4us.top38.220.248/2
phost: av.tub4us.top
pdojs-line354: notjp--myhost-av.tub4us.top-filteron-
line1430: notjp--myhost-av.tub4us.top-filteron-/2
line1433: notjp--myhost-av.tub4us.top-filteron-
line1741: notjp-/2-myhost-av.tub4us.top-filteron-
line1865: 
line1900: -
xline: 1965host-186060
pdojs-line1976: ibig--chname--filteron--txtlang-Array
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-192g-la: EXPIRED
xkey-192la: av./2-A-av.tub4us.top-av.tub4us.top-cacpdo2---yes
x-proxy-cache-g-la: HIT
xkey-g-la: av./2-A-av.tub4us.top--my_zone
cf-cache-status: HIT
age: 3
last-modified: Sat, 07 Dec 2024 03:44:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fo01Zbto9%2BGnY17aRTX2%2FESqNh%2BLwbrkepP2f6vqOyrSxREMU%2F0WHbXYc9ebdmLArkKeIFOoqsmGDRX8MA5HtxIP6k4uu%2FGlRe2%2B3Wj9Xu2Fx03hgOYPT3PHd75lNeL5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183e8ad3756bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=519&min_rtt=483&rtt_var=106&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1137&delivery_rate=7841155&cwnd=253&unsent_bytes=0&cid=89e591ba0151c2e5&ts=37&x=0"
X-Firefox-Spdy: h2

GET fapdig.com/media/videos/tmb/000/037/550/player.jpg

104.21.6.130

200 OK

28 kB

URL GET HTTPS

fapdig.com/media/videos/tmb/000/037/550/player.jpg

IP / ASN

104.21.6.130

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 1280x720, components 3

First Seen2024-08-19

Last Seen2025-07-06

Times Seen7

Size28 kB (27799 bytes)

MD5282cfb9280bea3d51f2e5328363dff39

SHA1cafadc4547c2b84242b1b680b6d1374bc246d7e9

SHA25681b850d06841b8d7dcde175c93db0b0d1fdf0f9f0e50f02d980701982ff00c79

Certificate Info

IssuerGoogle Trust Services

Subjectfapdig.com

Fingerprint3D:E1:B1:4D:BD:9F:ED:36:05:28:1A:3C:A6:02:EE:0E:85:BA:67:2A

ValidityThu, 21 Nov 2024 13:40:59 GMT - Wed, 19 Feb 2025 13:40:58 GMT

HTTP Headers

GET /media/videos/tmb/000/037/550/player.jpg HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 27799
last-modified: Wed, 25 Mar 2020 03:30:20 GMT
etag: "6c97-5a1a57cdbab00"
cache-control: max-age=1209600
expires: Sun, 08 Dec 2024 05:00:37 GMT
cf-cache-status: HIT
age: 1118612
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdHUofijE5S3Mg%2B%2FpwC5BibREAJ95dz4zOwdY0boDqEUBnVg6VZEnZ6bi5h8ejymj%2FvlQci28JreXp4oaMdZSVIIpHucJ1QuK%2FMTAg6O7ZRZ11JQqC7I4a1Wqod9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fd4e4d1c16-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=559&min_rtt=407&rtt_var=153&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1058&delivery_rate=7812949&cwnd=253&unsent_bytes=0&cid=ca64b8d647b9ad6f&ts=2315&x=0"
X-Firefox-Spdy: h2

GET pic4.cdnclouder.com/img6/c/j/a/s/w/-xxjodn_legitimate_yr_elderly_gal_is_in_doggy_style_free_pornography_80-2_big.jpg

78.140.183.240

200 OK

12 kB

URL GET HTTPS

pic4.cdnclouder.com/img6/c/j/a/s/w/-xxjodn_legitimate_yr_elderly_gal_is_in_doggy_style_free_pornography_80-2_big.jpg

IP / ASN

78.140.183.240

#35415 Webzilla B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 800x480, components 3

First Seen2024-12-07

Last Seen2025-07-27

Times Seen15

Size12 kB (12016 bytes)

MD57394ac2b7d123a25bc89b79265b61a33

SHA190325972abcc9a8677ecf7bd71114c3a24aab785

SHA2561c3c01f800d41433148501e73b04d3567620baa2c21fa67fe5cfb1d66aabf8c9

Certificate Info

IssuerZeroSSL

Subjectpic3.cdnclouder.com

Fingerprint19:FC:27:17:35:81:A1:6A:F4:B6:D0:E5:CD:F4:F4:7D:B8:C8:89:12

ValiditySun, 17 Nov 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

HTTP Headers

GET /img6/c/j/a/s/w/-xxjodn_legitimate_yr_elderly_gal_is_in_doggy_style_free_pornography_80-2_big.jpg HTTP/1.1
Host: pic4.cdnclouder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:09 GMT
Content-Type: image/jpeg
Content-Length: 12016
Last-Modified: Wed, 21 Jun 2023 13:42:34 GMT
Connection: keep-alive
ETag: "6492fe4a-2ef0"
Expires: Mon, 06 Jan 2025 03:44:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET rtgallery.net/tb/teens-violens.jpg

5.63.144.85

200 OK

20 kB

URL GET HTTPS

rtgallery.net/tb/teens-violens.jpg

IP / ASN

5.63.144.85

#13213 UK-2 Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-25

Last Seen2025-07-20

Times Seen19

Size20 kB (20355 bytes)

MD5bc8d583de3d68adb68948ed1a0b81091

SHA1c897a7d80c27af96738f8dd6883df3553da9cb7d

SHA2561e78c477f2fcdbcede8e2953936b6e95177c359f59c38705b932866661096b48

Certificate Info

IssuerLet's Encrypt

Subjectrtgallery.net

Fingerprint9D:AB:29:43:6F:E7:4E:6E:90:C5:1D:94:E0:DB:33:4B:0F:D5:7C:23

ValiditySat, 23 Nov 2024 00:11:51 GMT - Fri, 21 Feb 2025 00:11:50 GMT

HTTP Headers

GET /tb/teens-violens.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 07 Dec 2024 02:38:23 GMT
Content-Type: image/jpeg
Content-Length: 20355
Last-Modified: Fri, 02 Jun 2017 16:13:28 GMT
Connection: keep-alive
ETag: "59318ea8-4f83"
Accept-Ranges: bytes

GET en.vidmo.pro/thumbs_320/08/93/08936753b13e586ef02acecee0a47ae8/13172265.jpg

89.248.193.244

200 OK

40 kB

URL GET HTTPS

en.vidmo.pro/thumbs_320/08/93/08936753b13e586ef02acecee0a47ae8/13172265.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeGIF image data, version 87a, 320 x 236

First Seen2024-08-19

Last Seen2025-07-25

Times Seen13

Size40 kB (40318 bytes)

MD591d30f5b174b00af07ab3aa4325a17b8

SHA1fc575efcfd21494165c873890617423270b1766c

SHA256aeb99e85ef2ba1336fc79800c54f6774a13a3a74f675c82c359556070d44d9af

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/08/93/08936753b13e586ef02acecee0a47ae8/13172265.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 40318
last-modified: Sun, 23 May 2021 15:39:12 GMT
expires: Mon, 09 Oct 2023 19:13:44 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/d0/21/d021a75f602e5858d29ea5e41b83b837/15912919.jpg

89.248.193.244

200 OK

17 kB

URL GET HTTPS

vidmo.pro/thumbs_320/d0/21/d021a75f602e5858d29ea5e41b83b837/15912919.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-27

Last Seen2025-03-25

Times Seen24

Size17 kB (16687 bytes)

MD5e6e0cfda88b27c1c5ac59f9ca04da417

SHA14f275a0206af197b0ecf1955989e59b03e3a0b49

SHA2568b7e70783c2a36b69e6f463a65d78023ab5093cbddcc08cd55e8fed484e07c57

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/d0/21/d021a75f602e5858d29ea5e41b83b837/15912919.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 16687
last-modified: Mon, 08 Jan 2024 03:12:17 GMT
expires: Sat, 30 Mar 2024 10:58:03 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.youhu.com/img/videos_screenshots/165000/165987/preview.jpg

15.197.148.33

200 OK

114 B

URL GET HTTPS

www.youhu.com/img/videos_screenshots/165000/165987/preview.jpg

IP / ASN

15.197.148.33

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with no line terminators

First Seen2024-03-15

Last Seen2025-08-06

Times Seen24865

Size114 B (114 bytes)

MD5e89f75f918dbdcee28604d4e09dd71d7

SHA1f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

SHA2566dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectwww.youhu.com

Fingerprint9B:DC:E7:AE:64:4C:75:7D:AB:D3:A5:BB:6D:A3:4E:C4:63:12:B4:31

ValiditySun, 08 Sep 2024 17:51:50 GMT - Mon, 08 Sep 2025 17:51:50 GMT

HTTP Headers

GET /img/videos_screenshots/165000/165987/preview.jpg HTTP/1.1
Host: www.youhu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 114
date: Sat, 07 Dec 2024 03:44:09 GMT
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg

89.248.193.244

200 OK

15 kB

URL GET HTTPS

vidmo.pro/thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-19

Last Seen2025-08-03

Times Seen54

Size15 kB (15379 bytes)

MD599c1ac3d4a0054437ddff254cb3a14b6

SHA173c7af71634699f608e19f6f732a3c654f1a23ec

SHA256abbfe903fbb9fe91192226e44296efc26e2c48f738f7c03a33ec98679c84a1dc

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 15379
last-modified: Sat, 24 Jun 2023 13:06:37 GMT
expires: Tue, 21 Nov 2023 16:22:06 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/b6/02/b6027c4b17efb5a1abe1b0ce775bcce3/15806015.jpg

89.248.193.244

200 OK

16 kB

URL GET HTTPS

vidmo.pro/thumbs_320/b6/02/b6027c4b17efb5a1abe1b0ce775bcce3/15806015.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-26

Last Seen2025-07-16

Times Seen12

Size16 kB (15541 bytes)

MD545fc3d11f00ec64ebae2a5da80ffa466

SHA1e6ecbc54e16e3dc01190e18635325896edd479a8

SHA2567e8c41eb7bf04220c71a5db923acb52a7351107ce5e68842caf1e5cf06923b82

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/b6/02/b6027c4b17efb5a1abe1b0ce775bcce3/15806015.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 15541
last-modified: Wed, 15 Nov 2023 18:56:45 GMT
expires: Wed, 22 Nov 2023 19:08:24 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/cf/ef/cfefb703bb786664ce6962322c2a2179/12992253.jpg

89.248.193.244

200 OK

40 kB

URL GET HTTPS

vidmo.pro/thumbs_320/cf/ef/cfefb703bb786664ce6962322c2a2179/12992253.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-08-20

Last Seen2025-06-02

Times Seen5

Size40 kB (40463 bytes)

MD545b89d58fa77a8034b5c005fb80c1cac

SHA14dd0e344559d42f8669c3d657e50e976dda394ae

SHA256dd2bcbd5bb78e12a98bbb8371ad80ebe266f61f99a21877ba9c8b8f4ff20a1cc

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/cf/ef/cfefb703bb786664ce6962322c2a2179/12992253.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 40463
last-modified: Fri, 19 Feb 2021 21:28:21 GMT
expires: Sun, 21 Apr 2024 00:29:40 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.cmav.net/contents/videos_screenshots/43000/43757/preview.jpg

104.21.56.121

200 OK

111 kB

URL GET HTTPS

www.cmav.net/contents/videos_screenshots/43000/43757/preview.jpg

IP / ASN

104.21.56.121

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3

First Seen2024-04-26

Last Seen2024-12-07

Times Seen19

Size111 kB (111026 bytes)

MD599128031ec83c0c238ff14eee601d00b

SHA101ad4fbea98ab69d55c7247033e62a31447126d4

SHA256f53fa168f726695898ae2e2f3f64670ee22bb9bac3d7365aae0ec195de2a857e

Certificate Info

IssuerGoogle Trust Services

Subjectcmav.net

Fingerprint08:A9:8F:C6:AC:3F:5B:2E:BF:5A:8D:98:58:58:CE:2C:A0:9B:B8:8F

ValidityFri, 25 Oct 2024 16:26:43 GMT - Thu, 23 Jan 2025 16:26:42 GMT

HTTP Headers

GET /contents/videos_screenshots/43000/43757/preview.jpg HTTP/1.1
Host: www.cmav.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 111026
last-modified: Thu, 11 Jun 2020 02:20:07 GMT
etag: "5ee194d7-1b1b2"
expires: Fri, 27 Dec 2024 01:52:03 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 870726
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZ8SvpuO%2FvqVVZ3YJKbzrDz74ShTXzYvemClXS31qXtAUeyq%2BxBeCThdW%2B87mVA7gk8uXOqxvEnjAwKBIVEjgNpAYJDghXZ6aRa57z7RuX49mPPM%2FXM75H%2F9sTZXQWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fe3ca85684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=674&min_rtt=414&rtt_var=417&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3188&recv_bytes=1068&delivery_rate=3497584&cwnd=253&unsent_bytes=0&cid=b59e2ce3db592608&ts=2414&x=0"
X-Firefox-Spdy: h2

GET fapdig.com/media/videos/tmb/000/024/285/1.jpg

104.21.6.130

200 OK

13 kB

URL GET HTTPS

fapdig.com/media/videos/tmb/000/024/285/1.jpg

IP / ASN

104.21.6.130

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 320x240, components 3

First Seen2024-06-16

Last Seen2025-07-26

Times Seen4

Size13 kB (12966 bytes)

MD5fe8c99f44a09f1eee484a0d3425258a3

SHA175d12358445933a7e73708f3cd092ff40d9e1926

SHA25629c553593bffbd8d9a57e6ca59e46cb4dd31219242c062a2f62f0cfcbe75ebd6

Certificate Info

IssuerGoogle Trust Services

Subjectfapdig.com

Fingerprint3D:E1:B1:4D:BD:9F:ED:36:05:28:1A:3C:A6:02:EE:0E:85:BA:67:2A

ValidityThu, 21 Nov 2024 13:40:59 GMT - Wed, 19 Feb 2025 13:40:58 GMT

HTTP Headers

GET /media/videos/tmb/000/024/285/1.jpg HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 12966
last-modified: Wed, 08 Jun 2016 05:03:01 GMT
cache-control: max-age=1209600
expires: Fri, 28 Jun 2024 02:54:50 GMT
cf-cache-status: HIT
age: 671
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BW1S7GsDdDZ0KMNJPPu3sjcugtXk7juK%2BUPqYiAxky6NRQbUkoJUPFYZRXX1NLtKDcUgAj%2B4Z3m6FEJtizuS%2FC%2FycPZcEZ3TXSI8n%2F%2B4h95M68OOzxGbWgdidfG7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fedef31c16-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2239&min_rtt=407&rtt_var=3475&sent=31&recv=13&lost=0&retrans=1&sent_bytes=32480&recv_bytes=1180&delivery_rate=7812949&cwnd=253&unsent_bytes=0&cid=ca64b8d647b9ad6f&ts=2564&x=0"
X-Firefox-Spdy: h2

GET img.mamaporno.net/ph/img/25/254710931_th.jpg

172.67.210.146

200 OK

52 kB

URL GET HTTPS

img.mamaporno.net/ph/img/25/254710931_th.jpg

IP / ASN

172.67.210.146

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 595x335, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size52 kB (52044 bytes)

MD527f0fdc3c94b4f9e81cd984489aaaf7d

SHA174a6732dbecdb1a3138610b646cdc95b99762e3d

SHA256074edac4fb4b3091a7a561abcdf0fe0041a390a333e708aa8c38f66b4ce94887

Certificate Info

IssuerGoogle Trust Services

Subjectmamaporno.net

Fingerprint26:BF:E0:B6:24:24:17:3B:30:D6:97:9C:70:B1:7B:91:40:1E:CE:4D

ValidityFri, 22 Nov 2024 06:21:56 GMT - Thu, 20 Feb 2025 06:21:55 GMT

HTTP Headers

GET /ph/img/25/254710931_th.jpg HTTP/1.1
Host: img.mamaporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 52044
last-modified: Fri, 04 Sep 2020 06:41:09 GMT
etag: "5f51e185-cb4c"
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUTNGoGcXrpz9NEDJRcyj7EXThunS60Gw5dQrzZQbXNJXJrqaZwF2iPVdv%2F4Kt10oG2FZKrZsKZJddT7NpLvqDRYKvea8mpad0dvpm8j%2BqaA6j7PnhSWtT%2BkigGcG7Cmard2UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183feca30b4ed-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=518&min_rtt=369&rtt_var=239&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3223&recv_bytes=1097&delivery_rate=7375212&cwnd=255&unsent_bytes=0&cid=4eeb106b4c24c0e6&ts=2379&x=0"
X-Firefox-Spdy: h2

GET dsx.obmenvsemfiles.net/fo/files_attachments/1e9/a66/1e9a66944d4a77b0220bddf936e21664.jpg

85.17.28.58

200 OK

33 kB

URL GET HTTPS

dsx.obmenvsemfiles.net/fo/files_attachments/1e9/a66/1e9a66944d4a77b0220bddf936e21664.jpg

IP / ASN

85.17.28.58

#60781 LeaseWeb Netherlands B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 426x240, components 3

First Seen2024-05-09

Last Seen2025-08-04

Times Seen8

Size33 kB (33137 bytes)

MD51e9a66944d4a77b0220bddf936e21664

SHA122957ae77516f7373e78d14d9eb2bce3998d26d3

SHA2563376f42a0711de67ce5f2d15f9d1dd7c6318be5a74a5e3c1ddb181293e5c6bc5

Certificate Info

IssuerLet's Encrypt

Subjectds.obmenvsemfiles.net

FingerprintD9:3C:F2:CA:91:CD:5D:41:D2:C9:E9:78:E1:AA:52:D5:64:FB:47:DB

ValidityThu, 07 Nov 2024 20:44:15 GMT - Wed, 05 Feb 2025 20:44:14 GMT

HTTP Headers

GET /fo/files_attachments/1e9/a66/1e9a66944d4a77b0220bddf936e21664.jpg HTTP/1.1
Host: dsx.obmenvsemfiles.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 33137
last-modified: Mon, 11 May 2015 21:23:45 GMT
etag: "55511de1-8171"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn5-thumbs.motherlessmedia.com/thumbs/6BEEBD3.jpg

185.107.92.224

200 OK

21 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/6BEEBD3.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 8000x8001, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-05-17

Last Seen2024-12-08

Times Seen4

Size21 kB (21341 bytes)

MD5541f7c4e6d407321f8623bec5a315c46

SHA1c1e686d73d847150bcae8de3cc3bcc54c3b2d90b

SHA2563aa05f41302cbfa57d769c13b6825afc31f0589eedb54c8af682f702aa2039af

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/6BEEBD3.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 21341
last-modified: Thu, 04 Oct 2018 09:18:39 GMT
etag: "1ec1c053f-535d-57763a3f7ea59"
expires: Thu, 03 Apr 2025 15:55:04 GMT
cache-control: max-age=10383745
x-cache: HIT
x-whom: cdn01
accept-ranges: bytes

GET www.rbe66.com/contents/videos_screenshots/64000/64937/preview.jpg

104.21.15.99

200 OK

32 kB

URL GET HTTPS

www.rbe66.com/contents/videos_screenshots/64000/64937/preview.jpg

IP / ASN

104.21.15.99

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 580x400, components 3

First Seen2024-04-20

Last Seen2024-12-07

Times Seen26

Size32 kB (31874 bytes)

MD548ae6cdbbb77ffcfcdbce4fbf55e3de7

SHA1d333ce473cef15a25833cd9241d8e2d0c861019b

SHA256185e1e647a6367c1ac131f57e83eb71bf386cc92a8fb9d9e708f417e456f226b

Certificate Info

IssuerGoogle Trust Services

Subjectrbe66.com

Fingerprint9E:3C:82:44:D6:58:6C:4F:17:FD:A1:E8:9A:BC:72:78:59:85:9A:D0

ValidityFri, 06 Dec 2024 11:55:48 GMT - Thu, 06 Mar 2025 11:55:47 GMT

HTTP Headers

GET /contents/videos_screenshots/64000/64937/preview.jpg HTTP/1.1
Host: www.rbe66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 31874
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=2592000
etag: "5fdac685-7c82"
expires: Thu, 26 Dec 2024 00:20:02 GMT
last-modified: Tue, 26 Nov 2024 00:20:02 GMT
x-cache: HIT, policy, disk
cf-cache-status: HIT
age: 959510
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FEMBjzbNu%2BBpHhirxmfbNxNHPhhLifkqolxz1ZJ4RaaHJ%2F9nMPo57qZcXmxC2HgMKEKjnX2%2B3dTyqqn40inoUeWBzNVzV7tLR%2FjuSY5AsPHSqh6KZR%2BJonvOSzEic55V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ff7ce856c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=477&min_rtt=435&rtt_var=124&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3268&recv_bytes=1195&delivery_rate=7621052&cwnd=253&unsent_bytes=0&cid=a7c03d2c0233e2ab&ts=2327&x=0"
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/aa/f9/aaf9d63a7c09d69bd16aa1e6091ca427/12463848.jpg

89.248.193.244

200 OK

20 kB

URL GET HTTPS

vidmo.pro/thumbs_320/aa/f9/aaf9d63a7c09d69bd16aa1e6091ca427/12463848.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-04-25

Last Seen2025-08-04

Times Seen20

Size20 kB (20468 bytes)

MD5f2c3e5d6cc3e8dbef78a0aaae32a36eb

SHA110f4a57706554d68c6d1bdae2f08f7a23945c3cf

SHA256e8d9218eb2438316c1071f84e30b438e3304879e325f8169c4556d13b23d13dd

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/aa/f9/aaf9d63a7c09d69bd16aa1e6091ca427/12463848.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 20468
last-modified: Sun, 01 Nov 2020 20:37:38 GMT
expires: Mon, 09 Oct 2023 19:17:42 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET pornohub24.ru/erosceny/screen/otec-torguet-svoimi-maloletnimi-dochkami-0.jpg

193.163.7.2

200 OK

18 kB

URL GET HTTPS

pornohub24.ru/erosceny/screen/otec-torguet-svoimi-maloletnimi-dochkami-0.jpg

IP / ASN

193.163.7.2

#204601 Zomro B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3

First Seen2024-12-07

Last Seen2025-07-23

Times Seen8

Size18 kB (17818 bytes)

MD5234e5b2a3b00fd5dc920cae013094a26

SHA172ba236ac99c6e82c7486ae3e04f803f61809d79

SHA25623a8380728a59cba08018288de6043dd906913a159721a3d4ae2ff0fd174caad

Certificate Info

IssuerLet's Encrypt

Subjectpornohub24.ru

Fingerprint16:59:1E:F3:1A:6B:29:1A:5D:B8:52:4F:D0:8F:54:B2:CD:EE:1B:57

ValidityMon, 02 Dec 2024 06:01:45 GMT - Sun, 02 Mar 2025 06:01:44 GMT

HTTP Headers

GET /erosceny/screen/otec-torguet-svoimi-maloletnimi-dochkami-0.jpg HTTP/1.1
Host: pornohub24.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 17818
last-modified: Sat, 06 Apr 2024 17:38:40 GMT
etag: "661188a0-459a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn5-thumbs.motherlessmedia.com/thumbs/F62CA57-small-10.jpg

185.107.92.224

200 OK

5.9 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/F62CA57-small-10.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, baseline, precision 8, 320x180, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size5.9 kB (5907 bytes)

MD524116b5c216fa12aa55c4637b1de53c2

SHA19342c05e3be0f044dc03939f6e046593cc5cf4ad

SHA256a0cf6aa6e5ff432f2efd5b3e09c1da12a8cba411c334f9ccbd3b6d7324c0e705

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/F62CA57-small-10.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 5907
last-modified: Mon, 24 Apr 2023 20:27:45 GMT
etag: "1ef9c1e27-1713-5fa1ad6f1c50f"
expires: Mon, 07 Apr 2025 00:15:05 GMT
cache-control: max-age=10681086
x-cache: HIT
x-whom: cdn05
accept-ranges: bytes

GET img.sekesporno.net/ruxp/img/4/48391_r1.jpg

172.67.214.155

200 OK

16 kB

URL GET HTTPS

img.sekesporno.net/ruxp/img/4/48391_r1.jpg

IP / ASN

172.67.214.155

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x224, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size16 kB (15959 bytes)

MD57a8313bd031077d849b74b626a171331

SHA1ce8ec86ec43e1e21734582a7ca960d958914735b

SHA25635009e5aecd92ced5f6e76e4f4c12bd21ba1f10594839339a9c58bbc808396d2

Certificate Info

IssuerGoogle Trust Services

Subjectsekesporno.net

FingerprintAA:35:24:5C:60:5A:AE:AC:09:07:C5:EF:75:B5:D2:EA:0F:C7:93:32

ValidityWed, 20 Nov 2024 04:21:37 GMT - Tue, 18 Feb 2025 04:21:36 GMT

HTTP Headers

GET /ruxp/img/4/48391_r1.jpg HTTP/1.1
Host: img.sekesporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 15959
last-modified: Mon, 28 Dec 2020 08:14:22 GMT
etag: "5fe993de-3e57"
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1932991
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQRQ5DhzERJzCuscmF1g0eP6hnd3%2FLNYLLvRFh2Avi37K%2BkJLcOgxAEmh8anzKSD%2ByU39m6W6ZFCAm3EiXaYHuuMAMgMaM0ChpJi9fSiI3jxTJFPlbEnlR0JwLBu%2B%2FW5NOlXIKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183ffcd1c56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5602&min_rtt=424&rtt_var=5287&sent=44&recv=30&lost=0&retrans=1&sent_bytes=47185&recv_bytes=1316&delivery_rate=8165413&cwnd=257&unsent_bytes=0&cid=76a53fbd22508d57&ts=3155&x=0"
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/cf/36/cf3612e9b7989311d84f836adae048a0/13854546.jpg

89.248.193.244

200 OK

20 kB

URL GET HTTPS

vidmo.pro/thumbs_320/cf/36/cf3612e9b7989311d84f836adae048a0/13854546.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-18

Last Seen2025-07-13

Times Seen5

Size20 kB (20002 bytes)

MD50edcecc726649427f9cc39e2daf315cb

SHA19b2532cd1108f1f809f8d9661007a5ed1c6d1dff

SHA256b456e1ce78caf7fb0c685d3bb06c2d4a3314ad0ce51f8debf15c92afb0fc4a6c

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/cf/36/cf3612e9b7989311d84f836adae048a0/13854546.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 20002
last-modified: Wed, 05 Jan 2022 23:16:35 GMT
expires: Sun, 14 Apr 2024 13:53:22 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET meetcdn.com/vs/68429355.jpg

104.21.48.1

200 OK

22 kB

URL GET HTTPS

meetcdn.com/vs/68429355.jpg

IP / ASN

104.21.48.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 264x480, components 3

First Seen2024-08-19

Last Seen2025-08-05

Times Seen7

Size22 kB (21783 bytes)

MD5361bce050f7591edc74283aea74f8dfe

SHA1a6c4ebea846f6353373fe89bbddf16e0d656008e

SHA256781c0881078c30a49ffd19aff31f45aba60ad034e16ba8ea2621a41ac7ea86d0

Certificate Info

IssuerGoogle Trust Services

Subjectmeetcdn.com

Fingerprint08:05:21:57:DD:EE:05:FE:3A:67:C3:EC:7D:85:A5:8E:88:75:66:3D

ValidityMon, 11 Nov 2024 23:46:50 GMT - Sun, 09 Feb 2025 23:46:49 GMT

HTTP Headers

GET /vs/68429355.jpg HTTP/1.1
Host: meetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 21783
last-modified: Fri, 27 Mar 2020 09:14:32 GMT
etag: "5e7dc3f8-5517"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
cf-cache-status: HIT
age: 2094323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex4ThY8ZsZH9NyOr0v7vZ1%2FjX817G0JjtfADB5JNBwZOHnqmzRXoiK6E89teYazBN4SP7ASGbvS9zvJRXvmJjSwRc%2BCyAX3nMpFcFCtLs%2B4ErbX4zSfr6MkCFuZOPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184000dfdb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1429&min_rtt=392&rtt_var=2087&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1197&delivery_rate=8758064&cwnd=254&unsent_bytes=0&cid=4589b3e29d0cb4d1&ts=2260&x=0"
X-Firefox-Spdy: h2

GET images.lourmel.nl/213548_CLA305.webp

104.21.64.1

200 OK

8.9 kB

URL GET HTTPS

images.lourmel.nl/213548_CLA305.webp

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-12-07

Last Seen2025-03-12

Times Seen6

Size8.9 kB (8910 bytes)

MD542716573ce322fb1e9cfe9b0e9e4c149

SHA18af2b8dbc3f44fe89cea9b29e2818645a4e5f988

SHA256f3a6037b7838cf74368291e32e08bcd2cf7be0c6097992dd8c89345d68634f4f

Certificate Info

IssuerGoogle Trust Services

Subjectlourmel.nl

Fingerprint41:6E:3F:F7:C2:85:BF:72:40:5A:0B:E7:F7:AC:7A:1B:A3:05:B5:A4

ValidityTue, 29 Oct 2024 22:27:26 GMT - Mon, 27 Jan 2025 22:27:25 GMT

HTTP Headers

GET /213548_CLA305.webp HTTP/1.1
Host: images.lourmel.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/webp
content-length: 8910
cache-control: max-age=31536000
strict-transport-security: max-age=63072000
last-modified: Wed, 24 Jul 2024 09:56:26 GMT
cf-cache-status: HIT
age: 6851026
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aghzXQMKv4%2BXpDy%2BYiAJCN15GmqVdM7%2BcbnooQg%2FbyVUozGLpNDbf6oRLYjMquBT4a6pYJUQrLNaYRModEmi7s4Aln6htfEryLyT26I9S9oDFE8jYBV1mw5sXDvZfQSngTZVsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1840039800b61-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=826&min_rtt=383&rtt_var=834&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1210&delivery_rate=8484375&cwnd=254&unsent_bytes=0&cid=576616ce3751c691&ts=2303&x=0"
X-Firefox-Spdy: h2

GET vjav2.com/images/db/1f/46161027_pha-trinh-em-gai-lon-non-thumb.jpg

104.21.65.63

200 OK

13 kB

URL GET HTTPS

vjav2.com/images/db/1f/46161027_pha-trinh-em-gai-lon-non-thumb.jpg

IP / ASN

104.21.65.63

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 640x360, components 3

First Seen2024-04-28

Last Seen2025-08-02

Times Seen16

Size13 kB (12896 bytes)

MD5fd8c1a76e80685bd7ba6cc6a8c8f076d

SHA1b6fb27f81d1c6b98e2951afe0d0f758ba154c846

SHA256cc5cea9a82a3ad6c58b9ef4bc2675ca840bae1d668665fde6e76dc55e9edb570

Certificate Info

IssuerGoogle Trust Services

Subjectvjav2.com

FingerprintA4:51:C9:87:1D:92:1D:13:D0:8B:6B:B9:1A:64:9B:D2:F8:68:EB:B1

ValidityThu, 28 Nov 2024 22:15:05 GMT - Wed, 26 Feb 2025 22:15:04 GMT

HTTP Headers

GET /images/db/1f/46161027_pha-trinh-em-gai-lon-non-thumb.jpg HTTP/1.1
Host: vjav2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 12896
last-modified: Thu, 10 Sep 2020 15:28:02 GMT
etag: "5f5a4602-3260"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-security-policy: block-all-mixed-content
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1288464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmWPU3ONaLYL3CP1atwqLz6%2BOffLjtTRCFiwvQz7bsvlbmmX3WKBz585B1FXcV3g7dm2%2FcsUr7XYrnEClfG4pVRbNw1BR8J7mt41I0YYFvckoNrFzjlWuVwQ%2Bxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184008a2e568a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=476&min_rtt=449&rtt_var=107&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1192&delivery_rate=7927007&cwnd=253&unsent_bytes=0&cid=8cd494f08f4aa306&ts=2222&x=0"
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/e4/bf/e4bf07dd9fcad728d7b56db1b4fac512/15460373.jpg

89.248.193.244

200 OK

14 kB

URL GET HTTPS

vidmo.pro/thumbs_320/e4/bf/e4bf07dd9fcad728d7b56db1b4fac512/15460373.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-12-07

Last Seen2025-01-01

Times Seen3

Size14 kB (14066 bytes)

MD528a4275b402d14dce72867e2ba74b917

SHA156d15f29b492a8ddc2027986f435a796e918dbaf

SHA256b5ed9d799648d00f7827697bd9a6463ea28b5c5e21263e20a5d6edf2f883e86c

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/e4/bf/e4bf07dd9fcad728d7b56db1b4fac512/15460373.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 14066
last-modified: Sat, 04 Mar 2023 17:15:02 GMT
expires: Mon, 09 Oct 2023 19:21:53 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/4f/b0/4fb056a159c8ed7dba3a100dbd2d9663/12478831.jpg

89.248.193.244

200 OK

24 kB

URL GET HTTPS

vidmo.pro/thumbs_320/4f/b0/4fb056a159c8ed7dba3a100dbd2d9663/12478831.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-04-27

Last Seen2025-08-03

Times Seen21

Size24 kB (23826 bytes)

MD5521d6cde7d60efe07f0a378851f300cf

SHA1360b7bcbbcb7e13be383f921ae7998f58b5b877f

SHA2564620991e3e22a057cb44ce433d60166d25c4bea464f44ec181f7650d1c9b46c9

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/4f/b0/4fb056a159c8ed7dba3a100dbd2d9663/12478831.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 23826
last-modified: Thu, 05 Nov 2020 08:33:52 GMT
expires: Mon, 09 Oct 2023 19:21:18 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.clporn.com/thumbs/786/535-nwv-please-daddy.jpg

172.67.222.7

200 OK

22 kB

URL GET HTTPS

www.clporn.com/thumbs/786/535-nwv-please-daddy.jpg

IP / ASN

172.67.222.7

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 312x208, components 3

First Seen2024-12-07

Last Seen2025-07-24

Times Seen12

Size22 kB (21821 bytes)

MD5f5b165b8099d583c388574a57ef7c762

SHA187dda2eebff6a6c122fdceb1ce00e0c0194f976a

SHA256ce1b3d2732acb9a6f52b1a81483f4dd5a3ff8b6df50c08d70f7b747a3ce3706a

Certificate Info

IssuerGoogle Trust Services

Subjectclporn.com

FingerprintB6:5C:97:0A:F8:D6:AC:1A:76:B6:D7:C7:D3:68:68:39:0D:98:5C:D4

ValiditySat, 19 Oct 2024 13:15:48 GMT - Fri, 17 Jan 2025 13:15:47 GMT

HTTP Headers

GET /thumbs/786/535-nwv-please-daddy.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 21821
last-modified: Tue, 16 Mar 2021 06:47:28 GMT
etag: "60505480-553d"
expires: Mon, 24 Nov 2025 07:15:50 GMT
cache-control: public, max-age=31536000, no-transform
x-cache-status: HIT
cf-cache-status: HIT
age: 1110500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eiCFgzg7nXz2DhojTdf18XUXnnRcgPVUnZCZs6qLWcFCbNeHp0YGQ5A%2Fh%2FxGPlCCAG5IX8%2FHnEclPbPr1BmnGhVJZZUzI6EPIeSmgTRUVD%2BwXclzqgry%2BBVVcFxEaGnYyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18400bdfcb4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=905&min_rtt=426&rtt_var=967&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1091&delivery_rate=7594405&cwnd=254&unsent_bytes=0&cid=202a17d80c38f617&ts=2242&x=0"
X-Firefox-Spdy: h2

GET area51.porn/static/images/logo.svg

104.21.235.119

200 OK

1.5 kB

URL GET HTTPS

area51.porn/static/images/logo.svg

IP / ASN

104.21.235.119

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2023-05-10

Last Seen2025-08-05

Times Seen23

Size1.5 kB (1454 bytes)

MD53b607fed75b73190410b56d567432ed2

SHA14e26d5ebc16252425f75f037c9bf0d5f6fb53482

SHA256bd509a93e20f6b999cc5572412bc35ce89814f958e89e20799919b72f6863a05

Certificate Info

IssuerGoogle Trust Services

Subjectarea51.porn

Fingerprint6D:41:11:95:AA:89:BA:C7:D3:0A:C0:C3:1C:1D:84:9A:8C:16:34:35

ValiditySat, 16 Nov 2024 06:13:20 GMT - Fri, 14 Feb 2025 06:13:19 GMT

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: area51.porn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Mar 2021 12:57:09 GMT
etag: W/"603ce4a5-901"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 597738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ffe8jLyt4TfauoA4G8aWDAwzXVVWcMTtGA6xSHUUbqMLeBTfoJmJnXo%2FOYZr1%2Bg47oHVZbNdI97qxP42v14s5Ma0AixmiY8wysaU7rcdHeRrPu%2FHki78NMYtxe39Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fdec0171c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18837&min_rtt=18768&rtt_var=3033&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1046&delivery_rate=229622&cwnd=34&unsent_bytes=0&cid=ef988a4bb535ad7a&ts=2363&x=0"
X-Firefox-Spdy: h2

GET stickamvids.net/photos/2019/03/10379_0_300.jpg

80.92.205.167

200 OK

8.6 kB

URL GET HTTPS

stickamvids.net/photos/2019/03/10379_0_300.jpg

IP / ASN

80.92.205.167

#44477 Stark Industries Solutions Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 230x172, components 3

First Seen2024-12-07

Last Seen2025-08-02

Times Seen4

Size8.6 kB (8611 bytes)

MD5b7a9c761055749a4957511143bf3f6a5

SHA1c1657f89a322fafd9f43ed1e9914619dd51cffbf

SHA2561fc72489a0cc6c8b9d4358d2351962af3420aecdcbc0ab0537dba27aba27c98b

Certificate Info

IssuerLet's Encrypt

Subjectstickamvids.net

Fingerprint15:D4:79:CE:92:44:E7:77:D4:AA:72:8F:2D:95:B9:CD:49:27:9C:31

ValidityMon, 25 Nov 2024 00:23:03 GMT - Sun, 23 Feb 2025 00:23:02 GMT

HTTP Headers

GET /photos/2019/03/10379_0_300.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Type: image/jpeg
Content-Length: 8611
Last-Modified: Wed, 14 Feb 2024 13:08:39 GMT
Connection: keep-alive
ETag: "65ccbb57-21a3"
Expires: Sun, 08 Dec 2024 03:44:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

GET obmenvsemfiles.net/fo/files_attachments/ab7/bb7/ab7bb7ef42d3f95b8553f981a0c24bf5.jpg

82.192.80.149

200 OK

34 kB

URL GET HTTPS

obmenvsemfiles.net/fo/files_attachments/ab7/bb7/ab7bb7ef42d3f95b8553f981a0c24bf5.jpg

IP / ASN

82.192.80.149

#60781 LeaseWeb Netherlands B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x393, components 3

First Seen2024-09-19

Last Seen2025-07-30

Times Seen18

Size34 kB (33736 bytes)

MD5ab7bb7ef42d3f95b8553f981a0c24bf5

SHA18f9e0dcbaa41411ec3413c01197fcede0d2a0f2b

SHA2560b111410abb1afecdca6e8a4bcbed7b09de0431fc04f200e3851f003eccb5bc8

Certificate Info

IssuerLet's Encrypt

Subjectobmenvsemfiles.net

FingerprintD8:98:DA:84:B6:07:68:49:BB:68:EE:4F:A6:77:73:92:48:BF:6D:66

ValidityMon, 18 Nov 2024 20:46:21 GMT - Sun, 16 Feb 2025 20:46:20 GMT

HTTP Headers

GET /fo/files_attachments/ab7/bb7/ab7bb7ef42d3f95b8553f981a0c24bf5.jpg HTTP/1.1
Host: obmenvsemfiles.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 33736
last-modified: Tue, 06 Jun 2023 18:39:26 GMT
etag: "647f7d5e-83c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/4c/f4/4cf41cfb04803086fc7302706ec525ba/11889633.jpg

89.248.193.244

200 OK

27 kB

URL GET HTTPS

en.vidmo.pro/thumbs_320/4c/f4/4cf41cfb04803086fc7302706ec525ba/11889633.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 320x240, components 3

First Seen2024-04-24

Last Seen2025-07-28

Times Seen10

Size27 kB (26645 bytes)

MD5d3e91848081f57e6a5bab981c2d69040

SHA1053f10c4e406a33e1d5737e27d69a635712a8643

SHA256b0204f750e3309382f0cf307b6a3bc3394593fc5a7c5eaa3ac1b6a2f2a3e6a38

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/4c/f4/4cf41cfb04803086fc7302706ec525ba/11889633.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 26645
last-modified: Tue, 26 May 2020 03:45:57 GMT
expires: Wed, 10 Apr 2024 12:45:17 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240108-1/3f24a2f36b61cf4150c982bc26202418.jpg

137.175.7.66

200 OK

59 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240108-1/3f24a2f36b61cf4150c982bc26202418.jpg

IP / ASN

137.175.7.66

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 828x465, components 3

First Seen2024-12-07

Last Seen2024-12-28

Times Seen4

Size59 kB (59082 bytes)

MD5b80c4146df4e4ac4fe6aab7a740e912b

SHA135c6f2fce4c2e0061d32e1af99c17c5f439be02e

SHA256f43a66f8b891d35f026db5857b0dcdeeb22063c92111fcf118669701ea47d737

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240108-1/3f24a2f36b61cf4150c982bc26202418.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 59082
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:29:08 GMT
Etag: "659b8f70-e6ca"
Expires: Sat, 16 Nov 2024 20:29:08 GMT
Last-Modified: Thu, 17 Oct 2024 20:29:08 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET cdn5-thumbs.motherlessmedia.com/thumbs/425BCE9.jpg

185.107.92.224

200 OK

22 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/425BCE9.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size22 kB (21622 bytes)

MD5b3166b29cdde596d17b8da7c9ba96002

SHA126313cd77a776bf331d6416f1d932fb97b276b1a

SHA2564897a79c04bf81607511a7af45a3cd8771ce85296ced8ae71e1b36fa7f0be573

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/425BCE9.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 21622
last-modified: Wed, 03 Oct 2018 10:57:45 GMT
etag: "1ebc9538e-5476-57750e87c9fe1"
expires: Sun, 06 Apr 2025 07:56:35 GMT
cache-control: max-age=10635864
x-cache: HIT
x-whom: cdn05
accept-ranges: bytes

GET cdn1.hotmoza.tv/thumb/d3/c4/f8/d3c4f8b9b0c6e431ccd094e179510b00.jpg

172.67.217.174

200 OK

22 kB

URL GET HTTPS

cdn1.hotmoza.tv/thumb/d3/c4/f8/d3c4f8b9b0c6e431ccd094e179510b00.jpg

IP / ASN

172.67.217.174

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-05-11

Last Seen2025-07-24

Times Seen8

Size22 kB (21554 bytes)

MD58210d1939985b0e9112b73416df1e61d

SHA1ac894ff570ddcd3bdbf8ffc0c8dfabb4d2de6674

SHA256e0beea472ade34970aea860a8380a7dde76f4c3a0324c89b4fb337f5395391ac

Certificate Info

IssuerGoogle Trust Services

Subjecthotmoza.tv

FingerprintE3:06:3B:68:CE:47:76:70:A9:16:AF:3D:D5:41:69:7A:89:52:4B:1A

ValidityWed, 30 Oct 2024 14:13:06 GMT - Tue, 28 Jan 2025 14:13:05 GMT

HTTP Headers

GET /thumb/d3/c4/f8/d3c4f8b9b0c6e431ccd094e179510b00.jpg HTTP/1.1
Host: cdn1.hotmoza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 21554
x-object-meta-mtime: 1581304657.258632
etag: 8210d1939985b0e9112b73416df1e61d
last-modified: Mon, 10 Feb 2020 03:17:42 GMT
x-timestamp: 1581304661.83348
x-trans-id: tx7626b8f6664a40e689feb-0063d1ec1e
x-openstack-request-id: tx7626b8f6664a40e689feb-0063d1ec1e
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Sun, 08 Dec 2024 08:38:34 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 68736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLV5jZMFM6iUO3ue53EZm%2BIP8j9Yp9Ac2kD9l3KE2inSAbRC9t37B1HqNM%2FR6rN7kyKeh1HjagDGpht5hMLVPc0DHkREJzitHoxxDfDIZnOMIlk25w9KoaiyqzVzDQVQaXQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184015d96b500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=507&min_rtt=451&rtt_var=170&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3192&recv_bytes=1071&delivery_rate=8434951&cwnd=253&unsent_bytes=0&cid=1a6c06eb33aed26f&ts=1827&x=0"
X-Firefox-Spdy: h2

GET rtgallery.net/tb/1109110037206.jpg

5.63.144.85

200 OK

37 kB

URL GET HTTPS

rtgallery.net/tb/1109110037206.jpg

IP / ASN

5.63.144.85

#13213 UK-2 Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 480x360, components 3

First Seen2024-08-19

Last Seen2024-12-07

Times Seen3

Size37 kB (36666 bytes)

MD5c81964c3159bec695947a7eaf96899d6

SHA13e182e6b59d44e66dd2cf0c6a3ba8dcb586fff16

SHA256b7a67c1d8c66b8f28311579bde44fd1c9c5114f45e93df8a9fd7f6bb25993ece

Certificate Info

IssuerLet's Encrypt

Subjectrtgallery.net

Fingerprint9D:AB:29:43:6F:E7:4E:6E:90:C5:1D:94:E0:DB:33:4B:0F:D5:7C:23

ValiditySat, 23 Nov 2024 00:11:51 GMT - Fri, 21 Feb 2025 00:11:50 GMT

HTTP Headers

GET /tb/1109110037206.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 07 Dec 2024 02:38:24 GMT
Content-Type: image/jpeg
Content-Length: 36666
Last-Modified: Sat, 15 Dec 2018 09:40:41 GMT
Connection: keep-alive
ETag: "5c14cc19-8f3a"
Accept-Ranges: bytes

GET cdn1.hotmoza.tv/thumb/07/a3/fd/07a3fd36983f159d0b079930725845e0.jpg

172.67.217.174

200 OK

19 kB

URL GET HTTPS

cdn1.hotmoza.tv/thumb/07/a3/fd/07a3fd36983f159d0b079930725845e0.jpg

IP / ASN

172.67.217.174

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 320x180, components 3

First Seen2024-08-20

Last Seen2024-12-07

Times Seen2

Size19 kB (18691 bytes)

MD5250fedc98fdbc304711632202470a794

SHA171f86ff1007b42b842b7a328d4e4fc0e9a5d6bf4

SHA2561880c07e4095fe42dea44a2a593ef65691860d28ca0361b77312de6a4601119f

Certificate Info

IssuerGoogle Trust Services

Subjecthotmoza.tv

FingerprintE3:06:3B:68:CE:47:76:70:A9:16:AF:3D:D5:41:69:7A:89:52:4B:1A

ValidityWed, 30 Oct 2024 14:13:06 GMT - Tue, 28 Jan 2025 14:13:05 GMT

HTTP Headers

GET /thumb/07/a3/fd/07a3fd36983f159d0b079930725845e0.jpg HTTP/1.1
Host: cdn1.hotmoza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 18691
last-modified: Mon, 10 Feb 2020 05:10:07 GMT
etag: 250fedc98fdbc304711632202470a794
x-timestamp: 1581311406.37221
x-object-meta-mtime: 1581311404.799508
x-trans-id: txb851918ed27d46979242d-005e64ae24
x-openstack-request-id: txb851918ed27d46979242d-005e64ae24
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 08 Dec 2024 04:47:56 GMT
x-proxy-cache: HIT
x-cdn-host-id: ds9225
cf-cache-status: HIT
age: 82574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ty1i0Oy08ey58054TboMjt1KaFSaMDFXxmxoC8FdYRCxDcO60JjqHoX0OxXVO9CDwr7QGAI4VTgKbRvS2gjLUFiC1%2FrALiX3WBXZZ6nvRcuKbNpmy0PMZU%2F9Ax%2B15MF1eVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184016d9db500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1867&min_rtt=451&rtt_var=2846&sent=26&recv=12&lost=0&retrans=0&sent_bytes=26253&recv_bytes=1206&delivery_rate=8434951&cwnd=253&unsent_bytes=0&cid=1a6c06eb33aed26f&ts=1841&x=0"
X-Firefox-Spdy: h2

GET emb4.teensexadd.com/x-vids/73/e5/1544916903.31911.jpg?e=4843842647&hash=vicONlm_gtUneI-yRKLuTw

213.174.142.67

200 OK

9.3 kB

URL GET HTTPS

emb4.teensexadd.com/x-vids/73/e5/1544916903.31911.jpg?e=4843842647&hash=vicONlm_gtUneI-yRKLuTw

IP / ASN

213.174.142.67

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 720x406, components 3

First Seen2024-05-06

Last Seen2025-06-25

Times Seen30

Size9.3 kB (9319 bytes)

MD51242f5395c6cd7c60dcb9c4e5d8971e9

SHA15ed1a3bac1089ef000058db33cfdd264835d7575

SHA256596ba40b08df6eebe095215f0669589eb7177cc28f2dfb604e4b443b65653f2e

Certificate Info

IssuerLet's Encrypt

Subjectemb4.teensexadd.com

Fingerprint5F:9C:8E:29:64:59:53:9E:76:F8:D6:07:84:07:64:8A:37:50:D4:AD

ValiditySat, 26 Oct 2024 23:16:14 GMT - Fri, 24 Jan 2025 23:16:13 GMT

HTTP Headers

GET /x-vids/73/e5/1544916903.31911.jpg?e=4843842647&hash=vicONlm_gtUneI-yRKLuTw HTTP/1.1
Host: emb4.teensexadd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 9319
last-modified: Sat, 15 Dec 2018 23:35:09 GMT
expires: Mon, 06 Jan 2025 03:44:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=15768000; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-robots-tag: none
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240107-1/5ca956188044b48fd00a906a0834a0ff.jpg

192.74.233.14

200 OK

100 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240107-1/5ca956188044b48fd00a906a0834a0ff.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x404, components 3

First Seen2024-10-11

Last Seen2024-12-28

Times Seen7

Size100 kB (100059 bytes)

MD5ff24f9d1eace6c937254bc3573d6a4b1

SHA13525ae29b321178f1bc052a94eb4ab6a1b77b069

SHA256269da2fc1080f567813c55150f6230c36ef78e1f31333dd930510d9b125e9f76

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240107-1/5ca956188044b48fd00a906a0834a0ff.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 100059
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:07:57 GMT
Etag: "659a3bb6-186db"
Expires: Sat, 16 Nov 2024 20:07:57 GMT
Last-Modified: Thu, 17 Oct 2024 20:07:57 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET cdn.hotscope.tv/files/thumbnail/size_thumb_xC51uYB-pCO.jpg

51.83.238.19

200 OK

9.7 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/size_thumb_xC51uYB-pCO.jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 270x375, components 3

First Seen2024-12-06

Last Seen2024-12-07

Times Seen2

Size9.7 kB (9687 bytes)

MD52bbf127cc806d1c87bab1b137780589d

SHA181f447cfda0f540886ad9befeedc26de502f8f4f

SHA25657bfe08d310d39b672cbc123e4473cef9b46587211a76690401b36f339e8654e

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/size_thumb_xC51uYB-pCO.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Type: image/jpeg
Content-Length: 9687
Last-Modified: Thu, 30 Sep 2021 07:23:08 GMT
Connection: keep-alive
ETag: "615565dc-25d7"
Expires: Sun, 07 Dec 2025 03:44:10 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET filmesporno.xxx/wp-content/uploads/2023/02/e4b9b1e4bca6e6af8de5ad90-a3c.jpg

172.67.218.93

200 OK

12 kB

URL GET HTTPS

filmesporno.xxx/wp-content/uploads/2023/02/e4b9b1e4bca6e6af8de5ad90-a3c.jpg

IP / ASN

172.67.218.93

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3

First Seen2024-12-07

Last Seen2025-02-14

Times Seen4

Size12 kB (12432 bytes)

MD58712e7c31f90b2e367f01d159f9bc54c

SHA1ba4d31866d3043727f08311838d86d8113f36f8f

SHA256eb13d1cd5ec96d4a95763dddb16c2696191ee9abe1b01ae9e7dc300132eccfbb

Certificate Info

IssuerGoogle Trust Services

Subjectfilmesporno.xxx

FingerprintAB:08:04:5C:1B:01:B3:F8:37:DB:E6:AF:81:61:BD:CA:DC:C4:89:79

ValidityWed, 04 Dec 2024 07:01:32 GMT - Tue, 04 Mar 2025 07:01:31 GMT

HTTP Headers

GET /wp-content/uploads/2023/02/e4b9b1e4bca6e6af8de5ad90-a3c.jpg HTTP/1.1
Host: filmesporno.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 12432
last-modified: Thu, 16 Feb 2023 14:10:17 GMT
etag: "63ee3949-3090"
version: MS24092601
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 24 Oct 2025 19:00:57 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17651
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4XUKpVfiir6QW1jlyOP4phD%2FuzitAKGQOMHTJvKRIeSok4VYdGVCDnZm97ik0mK1FJYjo205%2FV%2FYcr2jNm9LPzs0sVOohHfhVYY2E5xkE50x84HAsh765GK6SLMP35dn3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18401cc25b4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=481&min_rtt=461&rtt_var=102&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3286&recv_bytes=1204&delivery_rate=8014760&cwnd=245&unsent_bytes=0&cid=7653b109cf84415f&ts=1868&x=0"
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240326-1/66aa8e878e1a4cb08f69cbd0935f5aed.jpg

192.74.233.14

200 OK

379 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240326-1/66aa8e878e1a4cb08f69cbd0935f5aed.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced

First Seen2024-12-07

Last Seen2024-12-10

Times Seen2

Size379 kB (379019 bytes)

MD5fdb5cb8172df1af8ea29b3d1da6bbaa7

SHA1541fe2daeaf0ad1912cc1d4f19f961889349d04a

SHA2561082104f78b790e91711d47115fa8df87ec06fd62abdf2a6b05de6a44460f924

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240326-1/66aa8e878e1a4cb08f69cbd0935f5aed.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 379019
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:21:41 GMT
Etag: "66025332-5c88b"
Expires: Sat, 16 Nov 2024 20:21:41 GMT
Last-Modified: Thu, 17 Oct 2024 20:21:42 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/3f/8e/79/3f8e79000a896caa96ce55f4f9b82c0b-1/3f8e79000a896caa96ce55f4f9b82c0b.15.jpg

121.127.45.89

200 OK

14 kB

URL GET HTTPS

cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/3f/8e/79/3f8e79000a896caa96ce55f4f9b82c0b-1/3f8e79000a896caa96ce55f4f9b82c0b.15.jpg

IP / ASN

121.127.45.89

#60068 Datacamp Limited

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size14 kB (14432 bytes)

MD51330e383992504b0522f590b31136b50

SHA1a8607fbead4ffcf7a60c66154d37a16eae9731fa

SHA256f91fff181872fda697fc9183bc872ced61ae8b1f5fef9228d6058f6c43b28fea

Certificate Info

IssuerSectigo Limited

Subjectxvideos.com

Fingerprint27:E9:05:C0:A5:FC:40:B1:D6:44:DC:D3:39:EE:11:78:2C:E2:F0:78

ValidityThu, 03 Oct 2024 00:00:00 GMT - Mon, 03 Nov 2025 23:59:59 GMT

HTTP Headers

GET /videos/thumbs169ll/3f/8e/79/3f8e79000a896caa96ce55f4f9b82c0b-1/3f8e79000a896caa96ce55f4f9b82c0b.15.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 14432
last-modified: Mon, 17 Oct 2016 06:14:08 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-accel-expires: @1739740926
x-77-nzt: A3l/LVg3Nzf/wdIQANRmOJljF+r/BhaaAI/0Ot0K/njvkxEFAA
x-77-nzt-ray: d37a271b5cf8f1db8ac453670bf7961f
x-77-cache: HIT
x-accel-date: 1732440521
x-cache-lb: HIT
x-age-lb: 10098182
x-77-age: 1102529
server: CDN77-Turbo
x-accel-date-max: 1698092197
x-cache: HIT
x-age: 1102529
accept-ranges: bytes
X-Firefox-Spdy: h2

GET rrs1.xyz/contents/videos_screenshots/65000/65796/preview.jpg

104.21.235.159

200 OK

15 kB

URL GET HTTPS

rrs1.xyz/contents/videos_screenshots/65000/65796/preview.jpg

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 320x180, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size15 kB (14973 bytes)

MD595c9603763a5f939a8a951620afc100d

SHA11bb5db151e250008f70747a1e09d963f1bd9a162

SHA2569023355ff596b9ddd9dca8ca74174f3a832e39f3cfe9974db96340c12fb771de

Certificate Info

IssuerGoogle Trust Services

Subjectrrs1.xyz

Fingerprint47:F9:58:2A:6C:28:D2:A8:4E:E4:ED:BD:02:79:02:F1:1F:58:58:57

ValidityWed, 16 Oct 2024 01:45:01 GMT - Tue, 14 Jan 2025 01:45:00 GMT

HTTP Headers

GET /contents/videos_screenshots/65000/65796/preview.jpg HTTP/1.1
Host: rrs1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 14973
last-modified: Fri, 27 Mar 2020 05:01:17 GMT
etag: "5e7d889d-3a7d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GNV7ouqagSCJCtc0dyeB7ykXBdvKEz08NjmlwUilQ%2FXxdXDWzlOaRwWCt%2BB4re9CVGSXKI0rCNrZkJ0nh%2Fkv5qaHa5h9ghlUFMFVhcoYS7Dc2zOw3aXioLEFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184020f46ef41-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18695&min_rtt=18616&rtt_var=3042&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3189&recv_bytes=1066&delivery_rate=230634&cwnd=34&unsent_bytes=0&cid=bf4049f997b0aa85&ts=1854&x=0"
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240107-1/65d1e7a7cfecd09c7d7e618cb8b58c4c.jpg

137.175.7.66

200 OK

85 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240107-1/65d1e7a7cfecd09c7d7e618cb8b58c4c.jpg

IP / ASN

137.175.7.66

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x404, components 3

First Seen2024-12-07

Last Seen2024-12-28

Times Seen4

Size85 kB (84687 bytes)

MD53fce2684384a55827978e6a83a9ea503

SHA1e349ebf2f8bccaafc4a50b32dc0be4da82b83d61

SHA256b2c71545ca9258248d15642689edb440ec1d1dbe0cd6510e16bd9e554f9a0d69

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240107-1/65d1e7a7cfecd09c7d7e618cb8b58c4c.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 84687
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:26:39 GMT
Etag: "659a3b56-14acf"
Expires: Sat, 16 Nov 2024 20:26:39 GMT
Last-Modified: Thu, 17 Oct 2024 20:26:39 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET img.russkie.tv/ruxp/img/8/81702_r1.jpg

104.21.56.138

200 OK

11 kB

URL GET HTTPS

img.russkie.tv/ruxp/img/8/81702_r1.jpg

IP / ASN

104.21.56.138

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x224, components 3

First Seen2024-04-21

Last Seen2025-08-04

Times Seen22

Size11 kB (11165 bytes)

MD5465086d6d1be4eb1bcbc5de8cc9f0b6b

SHA169a042144ce70c006e5c851e9e3e2dd11d4d8393

SHA25652675fa2ed9920c35afb0674452ae07640c55875095f2932796033e784c35c4a

Certificate Info

IssuerGoogle Trust Services

Subjectrusskie.tv

FingerprintF7:18:F1:F2:CD:80:4E:91:AA:A9:35:3E:4F:A9:22:24:1A:4E:49:B6

ValidityThu, 21 Nov 2024 08:27:14 GMT - Wed, 19 Feb 2025 08:27:13 GMT

HTTP Headers

GET /ruxp/img/8/81702_r1.jpg HTTP/1.1
Host: img.russkie.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 11165
last-modified: Mon, 28 Dec 2020 08:14:27 GMT
etag: "5fe993e3-2b9d"
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 857215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCRELLaqjo4zYSVq9e4iSlT625YEnLKtUr4QOBza4zzWxCsXo0UTjqAO2ZttQj%2FkzbhDomIbZGdSkObbk84cq2OXika90AMfGN2Yp41nAyRrQnkXIbU4WKiv6CSmIM1rXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184026c5b0b45-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=551&min_rtt=437&rtt_var=118&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3217&recv_bytes=1093&delivery_rate=6995169&cwnd=255&unsent_bytes=0&cid=27b2b2659040c790&ts=1917&x=0"
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240108-1/f3a16f391f8be6500bbda9d025720e14.jpg

192.74.233.14

200 OK

184 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240108-1/f3a16f391f8be6500bbda9d025720e14.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3

First Seen2024-12-07

Last Seen2025-02-04

Times Seen2

Size184 kB (183583 bytes)

MD5934642c4accc386d768c363851da8d72

SHA17b3c437e107f40bb39d713a9053caa21a27ecbcf

SHA256dc84e8385ad69306d420b9e8b17dfc5848a88e77b76298f3fa1a593cc3edce3a

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240108-1/f3a16f391f8be6500bbda9d025720e14.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 183583
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:08:39 GMT
Etag: "659b901c-2cd1f"
Expires: Sat, 16 Nov 2024 20:08:39 GMT
Last-Modified: Thu, 17 Oct 2024 20:08:39 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET thumbs.xnxx-xxx.pro/pictures/198/447_dan-sini-bokeppbaruuu.webp

172.67.185.134

200 OK

8.8 kB

URL GET HTTPS

thumbs.xnxx-xxx.pro/pictures/198/447_dan-sini-bokeppbaruuu.webp

IP / ASN

172.67.185.134

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 270x161, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size8.8 kB (8763 bytes)

MD5fcc493e45dda8d1516631fc9d7aa004d

SHA16b599669db8ad7b7066fad65c8e93145e8a6319a

SHA2565e6305cebe5ec03ef4cc1100759974288861fbf43d824e7d8ad634d7b87c9f83

Certificate Info

IssuerGoogle Trust Services

Subjectxnxx-xxx.pro

Fingerprint02:5D:25:2E:90:34:89:2D:37:1A:63:1C:FF:A7:E1:AB:11:9B:EF:5E

ValiditySun, 13 Oct 2024 08:07:33 GMT - Sat, 11 Jan 2025 08:07:32 GMT

HTTP Headers

GET /pictures/198/447_dan-sini-bokeppbaruuu.webp HTTP/1.1
Host: thumbs.xnxx-xxx.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/webp
content-length: 8763
last-modified: Mon, 23 Aug 2021 22:22:28 GMT
etag: "61241fa4-223b"
expires: Fri, 13 Dec 2024 01:10:44 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 95606
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03HSOukFb8H1Xp3Z5gEnGsR1lOR1Rt6AFy3pKCfzB%2FFQB8ghATPS6GBeC8b5%2BgrM30XNFYI6uYfHjiV2IeQWI%2BQmuSNtIU%2FI4fCAuJ7X4B22HO55z6PEBth6lmhex4ThlmpCDsQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184028c5656c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=472&min_rtt=410&rtt_var=150&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1069&delivery_rate=6983922&cwnd=253&unsent_bytes=0&cid=69c45f761424d7a5&ts=1847&x=0"
X-Firefox-Spdy: h2

GET cdn.onlyindianporn.tv/000/009/9966/9966.webp

172.67.183.233

200 OK

5.4 kB

URL GET HTTPS

cdn.onlyindianporn.tv/000/009/9966/9966.webp

IP / ASN

172.67.183.233

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x214, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-05-09

Last Seen2025-07-28

Times Seen12

Size5.4 kB (5448 bytes)

MD51046cfed7e929744892aeb89dfa64c67

SHA1d822a70f73574d3e8d1306ec36188ba150772415

SHA256719eb9ec4b3ef9513d0ea5477ff1d9f465662c3cc44dc936599be146a81a9476

Certificate Info

IssuerGoogle Trust Services

Subjectonlyindianporn.tv

Fingerprint01:B9:96:4F:85:E9:6D:64:44:C4:16:06:C3:C8:38:46:C1:0E:A2:B4

ValidityMon, 25 Nov 2024 07:44:58 GMT - Sun, 23 Feb 2025 07:44:57 GMT

HTTP Headers

GET /000/009/9966/9966.webp HTTP/1.1
Host: cdn.onlyindianporn.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: application/octet-stream
content-length: 5448
etag: 1046cfed7e929744892aeb89dfa64c67
last-modified: Tue, 04 Oct 2022 00:11:13 GMT
x-timestamp: 1664842272.99339
x-trans-id: tx9a252db8019c4809b8841-00635167a1
x-openstack-request-id: tx9a252db8019c4809b8841-00635167a1
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=31536000
expires: Sun, 08 Dec 2024 08:43:37 GMT
x-proxy-cache: HIT
x-cdn-host-id: ds9225
cf-cache-status: HIT
age: 68433
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMeF%2FAxB1s2NWXoFFerZRhAM7Ld6nWKiVoj7oVu6mraSA5ML62%2B0TvKvvvhSWSAiJWoRtmOUnwuWySgjX2OzWp78pOq57RxmaDEwzP%2F9JnQCj66EJDiZ62W3DPrbkxpUD36ABEK9FRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184028ea4569c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=532&min_rtt=397&rtt_var=144&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3290&recv_bytes=1189&delivery_rate=7144736&cwnd=253&unsent_bytes=0&cid=8ad188c18c261287&ts=1843&x=0"
X-Firefox-Spdy: h2

GET thumb.aporntv.com/thumbs/5/d/c/a/a/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4-3.jpg

104.26.0.238

200 OK

5.7 kB

URL GET HTTPS

thumb.aporntv.com/thumbs/5/d/c/a/a/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4-3.jpg

IP / ASN

104.26.0.238

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x150, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size5.7 kB (5743 bytes)

MD57f96f7b2a6f64d861445cf8982ce1992

SHA1dc86e551add384ebcdfcfc2ba40d741fb2fe7bba

SHA2563e3314be9e46b49ec4da9f5f46d316a2f948e0b430891f1b2f03025688aacbad

Certificate Info

IssuerLet's Encrypt

Subjectaporntv.com

FingerprintBB:58:9C:AA:4A:C5:8C:B8:91:78:3F:FD:BA:6C:F4:85:48:3C:BE:E6

ValiditySun, 27 Oct 2024 23:47:18 GMT - Sat, 25 Jan 2025 23:47:17 GMT

HTTP Headers

GET /thumbs/5/d/c/a/a/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4/5dca7b4f1f917REAL%20INCEST%20Father%20Daughter%20Pron.mp4-3.jpg HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 5743
cache-control: public, max-age=16070400
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5dcaa3e4-166f"
expires: Fri, 13 Dec 2024 10:04:27 GMT
last-modified: Tue, 12 Nov 2019 12:21:56 GMT
cf-cache-status: HIT
age: 63583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrGBAziowByFPp%2BAom8YD8jdW72xYH2ReyoHATDrH2G5EXzQZtpcOnZROCcXs8AT%2FmY7EVBtEINFsAZ3oPIOFKPe5A8xcT7V7ZmVigMZF%2BhPsh9uGOzgDf0otcGeDjLnmsko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18402b8957128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=496&min_rtt=443&rtt_var=145&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2850&recv_bytes=1267&delivery_rate=4958904&cwnd=252&unsent_bytes=0&cid=b223e68e931efcac&ts=1868&x=0"
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/1f/2d/1f2d2efec3c082f87c8469d0d03ff94a/15613584.jpg

89.248.193.244

200 OK

12 kB

URL GET HTTPS

en.vidmo.pro/thumbs_320/1f/2d/1f2d2efec3c082f87c8469d0d03ff94a/15613584.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3

First Seen2024-04-21

Last Seen2025-03-21

Times Seen38

Size12 kB (12249 bytes)

MD5f1e7cf8503aea15586eaf0be22743c7a

SHA109744c02673aac7d5891e4aa565fe121e7b52c84

SHA25690f4788de462545134f2bbf85ae3943ee7cf928b3afd4cd1a03be71eda908655

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/1f/2d/1f2d2efec3c082f87c8469d0d03ff94a/15613584.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 12249
last-modified: Sat, 24 Jun 2023 19:01:51 GMT
expires: Mon, 20 Nov 2023 19:08:17 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET thumb.aporntv.com/thumbs/5/d/e/7/c/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4-3.jpg

104.26.0.238

200 OK

3.3 kB

URL GET HTTPS

thumb.aporntv.com/thumbs/5/d/e/7/c/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4-3.jpg

IP / ASN

104.26.0.238

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x150, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size3.3 kB (3340 bytes)

MD54e903e5bcc3f33266cd3ef6557283f46

SHA19153d9cb4882edeef638220c68c495c8348ae462

SHA2563f2b0ee6ba99f7e91acc0b553718a99912794ac4c7ce5fe1fcec0d4975b2d6cc

Certificate Info

IssuerLet's Encrypt

Subjectaporntv.com

FingerprintBB:58:9C:AA:4A:C5:8C:B8:91:78:3F:FD:BA:6C:F4:85:48:3C:BE:E6

ValiditySun, 27 Oct 2024 23:47:18 GMT - Sat, 25 Jan 2025 23:47:17 GMT

HTTP Headers

GET /thumbs/5/d/e/7/c/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4/5de7700f15bd6Real%20father%20daughter%20confirmed%20sex%20(talking).mp4-3.jpg HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 3340
cache-control: public, max-age=16070400
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5de7c203-d0c"
expires: Fri, 13 Dec 2024 20:14:42 GMT
last-modified: Wed, 04 Dec 2019 14:26:11 GMT
cf-cache-status: HIT
age: 26968
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxunbPVY%2FbwlOsD4y3uxv9zc6DKvPYEU9qJ9ixfb6KAw1yQ4Z8ujboHGVtsKbxNHPj%2BlXO3QruMffQr7BwbRBpOVAt9xynO3u68v5gaw2OkxOcBgqfIEczWLk9iCqyQxWHkC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18402d8a17128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2151&min_rtt=443&rtt_var=3418&sent=13&recv=11&lost=0&retrans=0&sent_bytes=9500&recv_bytes=1484&delivery_rate=4958904&cwnd=252&unsent_bytes=0&cid=b223e68e931efcac&ts=1881&x=0"
X-Firefox-Spdy: h2

GET rule34porn.net/web/21334.jpg

172.67.132.222

200 OK

44 kB

URL GET HTTPS

rule34porn.net/web/21334.jpg

IP / ASN

172.67.132.222

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.3.11], baseline, precision 8, 600x337, components 3

First Seen2024-12-07

Last Seen2024-12-13

Times Seen2

Size44 kB (44302 bytes)

MD5a55c9790451f639dd23213edde8b6541

SHA1e361b3f31902da3aca90eee4af3ac670c8040a3e

SHA256e8f024b375c7c8f6fbcd65a137e9f2ddf8375ce4ce0f46d82b88a868a718b80a

Certificate Info

IssuerGoogle Trust Services

Subjectrule34porn.net

Fingerprint14:34:D6:7B:67:DC:A2:11:E1:0E:26:AA:61:A4:35:4A:24:95:D5:FD

ValidityMon, 18 Nov 2024 05:23:48 GMT - Sun, 16 Feb 2025 05:23:47 GMT

HTTP Headers

GET /web/21334.jpg HTTP/1.1
Host: rule34porn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 44302
last-modified: Mon, 29 May 2023 10:43:07 GMT
cache-control: max-age=30d
expires: Sun, 07 Dec 2025 03:44:13 GMT
etag: "647481bb-ad0e"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HuyVT9uyKOKXY0r0VPXDByw2VlwxfKPvC2xwd7hPNwB9uR9lV7N8uj9sllNP3gOHVlsGzzpTB1ZNnfJ2wuPktN0Trh5lV80hc7zyAI0h9VC7p%2FYx3myKmlCwUpLcMGEh5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183ff3d43b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1544&min_rtt=405&rtt_var=2244&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1074&delivery_rate=8134831&cwnd=254&unsent_bytes=0&cid=a09867f5e0f2ccac&ts=2616&x=0"
X-Firefox-Spdy: h2

GET static.themebuilder.aws.arc.pub/newr7/1715348366997.jpg

143.204.55.98

200 OK

39 kB

URL GET HTTPS

static.themebuilder.aws.arc.pub/newr7/1715348366997.jpg

IP / ASN

143.204.55.98

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size39 kB (38751 bytes)

MD5cdb12c881cab70a635f36bb01238804e

SHA11ee25c901cee96451df332c1b16530605d9b986d

SHA25653d3e9f01e67c3f6bbf160d9d45b990ccf0f51509819ec59ab2e1bc846c3880a

Certificate Info

IssuerAmazon

Subjectstatic.themebuilder.aws.arc.pub

Fingerprint51:E9:5A:33:A3:77:6B:41:79:C4:0C:67:16:54:4D:2C:47:F7:23:8C

ValiditySat, 08 Jun 2024 00:00:00 GMT - Sun, 06 Jul 2025 23:59:59 GMT

HTTP Headers

GET /newr7/1715348366997.jpg HTTP/1.1
Host: static.themebuilder.aws.arc.pub
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 38751
last-modified: Fri, 10 May 2024 13:39:29 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Dec 2024 07:33:04 GMT
etag: "cdb12c881cab70a635f36bb01238804e"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ECWbYxzSw934uyYBWSovNUJgfkyHezHLLur7gmwidBWN8lMETlKNBA==
age: 72667
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

GET www.91rb.net/contents/videos_screenshots/55000/55943/preview.jpg

172.67.204.28

200 OK

33 kB

URL GET HTTPS

www.91rb.net/contents/videos_screenshots/55000/55943/preview.jpg

IP / ASN

172.67.204.28

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 544x960, components 3

First Seen2024-04-16

Last Seen2025-01-08

Times Seen69

Size33 kB (33358 bytes)

MD5a487958b1a6e961851419242c194898a

SHA1f1e1318b5ac386bb663c24df52f5ff9aeaa74de2

SHA256fead233729a07ca425c25be7d51b4401712cba371a1c71cd2d84b4db9fd78a41

Certificate Info

IssuerGoogle Trust Services

Subject91rb.net

FingerprintCD:09:2C:3C:7F:47:F8:71:00:9B:15:E7:D8:4F:4D:E5:D1:A1:44:D2

ValidityMon, 11 Nov 2024 09:30:39 GMT - Sun, 09 Feb 2025 09:30:38 GMT

HTTP Headers

GET /contents/videos_screenshots/55000/55943/preview.jpg HTTP/1.1
Host: www.91rb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 33358
last-modified: Tue, 03 Nov 2020 03:15:01 GMT
etag: "5fa0cb35-824e"
expires: Sat, 07 Dec 2024 23:56:39 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 2519251
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YG4R01bbCbkfwkI%2BMZgiZ80Qy%2FRS0U522Rym4%2BAhTZ6exsOWrHtb75FQwK7lCizKuBrXRhkFV%2B%2F3NHNHiQUOVa7mPsDNNG3Nrs9fIjiCbuKv5hZBq19UpsPFaVWm9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18402fcedb4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=579&min_rtt=446&rtt_var=141&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1068&delivery_rate=6884310&cwnd=253&unsent_bytes=0&cid=642e174419db9251&ts=1892&x=0"
X-Firefox-Spdy: h2

GET vtb.akamaized.net/image/image/396768/2019/04/14/5cb3be5bca90846a40000123/95e949c6c2514d7a919d7c3f9fa7c7eb__ER7_RE_DE_ENXURRADA_2030kbps_2019_04_14_thumb_thumb.jpg

95.101.11.74

200 OK

25 kB

URL GET HTTPS

vtb.akamaized.net/image/image/396768/2019/04/14/5cb3be5bca90846a40000123/95e949c6c2514d7a919d7c3f9fa7c7eb__ER7_RE_DE_ENXURRADA_2030kbps_2019_04_14_thumb_thumb.jpg

IP / ASN

95.101.11.74

#20940 Akamai International B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 2559x2560, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 768x432, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size25 kB (25168 bytes)

MD58671215198cbef079edafde8260a5e2a

SHA1d004719b4ccb3c8e25a28d7b973721a782e7962d

SHA2568b3db60563cc536b12feaf793c3600c611231baed4b133072455af769d4eac9c

Certificate Info

IssuerDigiCert Inc

Subjecta248.e.akamai.net

Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A

ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

HTTP Headers

GET /image/image/396768/2019/04/14/5cb3be5bca90846a40000123/95e949c6c2514d7a919d7c3f9fa7c7eb__ER7_RE_DE_ENXURRADA_2030kbps_2019_04_14_thumb_thumb.jpg HTTP/1.1
Host: vtb.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
ETag: "8671215198cbef079edafde8260a5e2a:1555283916.331928"
Last-Modified: Sun, 14 Apr 2019 23:18:36 GMT
Server: AkamaiNetStorage
Content-Length: 25168
Cache-Control: max-age=30712137
Date: Sat, 07 Dec 2024 03:44:10 GMT
Connection: keep-alive
Akamai-Request-BC: [a=95.101.11.70,b=23095410,c=g,n=NO__OSLO,o=20940]
Akamai-Mon-Iucid-Del: 1296472
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Akamai-Cache-Status: Hit from child
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET meetcdn.com/vs/58099031.jpg

104.21.48.1

200 OK

45 kB

URL GET HTTPS

meetcdn.com/vs/58099031.jpg

IP / ASN

104.21.48.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 852x480, components 3

First Seen2024-08-20

Last Seen2025-04-11

Times Seen5

Size45 kB (44590 bytes)

MD50297e3d5fef9258e642d4930a803d71c

SHA14e19c0e9b0c9be6392462c3b5198956b338985b5

SHA25688831f1541347e5099e3252312f0c8ba4e76f0299dc471bfe9ce6729e9d0e11e

Certificate Info

IssuerGoogle Trust Services

Subjectmeetcdn.com

Fingerprint08:05:21:57:DD:EE:05:FE:3A:67:C3:EC:7D:85:A5:8E:88:75:66:3D

ValidityMon, 11 Nov 2024 23:46:50 GMT - Sun, 09 Feb 2025 23:46:49 GMT

HTTP Headers

GET /vs/58099031.jpg HTTP/1.1
Host: meetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 44590
last-modified: Tue, 05 Nov 2019 00:08:04 GMT
etag: "5dc0bd64-ae2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
cf-cache-status: HIT
age: 733918
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zyq3La2I9XJp4eQJh6hG4vncsgYi%2FbxdMMgt4uNI5g42550AKDyvGJiuOk9o2CrnVs5Bm2nWg7yAG1F7RGvDQtByBYzvF1tSJRrePvMJWUlSljD75yKx1XiZaA97BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184034ff8b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1639&min_rtt=392&rtt_var=1987&sent=25&recv=13&lost=0&retrans=0&sent_bytes=26169&recv_bytes=1275&delivery_rate=8758064&cwnd=254&unsent_bytes=0&cid=4589b3e29d0cb4d1&ts=2778&x=0"
X-Firefox-Spdy: h2

GET www.effedupmovies.com/wp-content/uploads/2023/05/mdpope13.jpg

101.99.88.242

200 OK

14 kB

URL GET HTTPS

www.effedupmovies.com/wp-content/uploads/2023/05/mdpope13.jpg

IP / ASN

101.99.88.242

#45839 Shinjiru Technology Sdn Bhd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 270x360, components 3

First Seen2024-12-07

Last Seen2025-02-21

Times Seen2

Size14 kB (13727 bytes)

MD57518f931c134134d0edf318de9f5a1fd

SHA107ffc05eecca47c84ea8432d34e289448ecc78f3

SHA2561d36d7705b3ae42c3e70bb954ca67e3e01d3fd90d6e39c0ee563b004ffb788c4

Certificate Info

IssuerLet's Encrypt

Subjecteffedupmovies.com

Fingerprint7C:76:8E:FB:95:40:49:23:DF:F1:9B:9B:FE:6F:68:DE:CD:5E:7C:BF

ValidityTue, 05 Nov 2024 04:34:39 GMT - Mon, 03 Feb 2025 04:34:38 GMT

HTTP Headers

GET /wp-content/uploads/2023/05/mdpope13.jpg HTTP/1.1
Host: www.effedupmovies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 13727
last-modified: Fri, 16 Feb 2024 18:30:59 GMT
etag: "65cfa9e3-359f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

GET kubrick.htvapps.com/vidthumb/aa53730a-d35f-426a-bad0-c0f2c52feda2/aa53730a-d35f-426a-bad0-c0f2c52feda2_image.jpg?crop=1.00xw:1.00xh;0,0&resize=640:*

151.101.129.114

200 OK

10 kB

URL GET HTTPS

kubrick.htvapps.com/vidthumb/aa53730a-d35f-426a-bad0-c0f2c52feda2/aa53730a-d35f-426a-bad0-c0f2c52feda2_image.jpg?crop=1.00xw:1.00xh;0,0&resize=640:*

IP / ASN

151.101.129.114

#54113 FASTLY

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2025-06-23

Times Seen7

Size10 kB (10178 bytes)

MD5cf535170295a568a1a98846b07b4e5c2

SHA1eecc8806aad360f0100b8db839fcb303488c0d10

SHA2564a9c83679f17d42951c7a6b4aed7ae726ea420d03137bd416d7e512e98f810c0

Certificate Info

IssuerGlobalSign nv-sa

Subject*.4029tv.com

Fingerprint74:71:E3:2A:32:E6:20:01:21:C6:A0:33:7C:5A:A7:FE:4D:D8:7A:CB

ValidityMon, 25 Nov 2024 19:58:57 GMT - Sat, 27 Dec 2025 19:58:56 GMT

HTTP Headers

GET /vidthumb/aa53730a-d35f-426a-bad0-c0f2c52feda2/aa53730a-d35f-426a-bad0-c0f2c52feda2_image.jpg?crop=1.00xw:1.00xh;0,0&resize=640:* HTTP/1.1
Host: kubrick.htvapps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: gunicorn
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
x-image-dimensions: 640:360
x-source-image-dimensions: 1280:720
x-canonical-ops: crop=1280:720;0,0&resize=640:360
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 07 Dec 2024 03:44:10 GMT
age: 3947795
x-served-by: cache-iad-kiad7000056-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 15886, 39
x-timer: S1733543051.807879,VS0,VE0
vary: Origin,Origin
content-length: 10178
X-Firefox-Spdy: h2

GET www.clporn.com/thumbs/292/677-private-periscope.jpg

172.67.222.7

200 OK

12 kB

URL GET HTTPS

www.clporn.com/thumbs/292/677-private-periscope.jpg

IP / ASN

172.67.222.7

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3

First Seen2024-04-19

Last Seen2025-07-27

Times Seen83

Size12 kB (12500 bytes)

MD5cd63fe2e439af7dbad2469ea2f378c97

SHA165e75370f019ed6d288fb60324e2d8eee976c7af

SHA256a9bff27d02fcebe11745f34e67a848649d830150fcabf68838c14816fab48665

Certificate Info

IssuerGoogle Trust Services

Subjectclporn.com

FingerprintB6:5C:97:0A:F8:D6:AC:1A:76:B6:D7:C7:D3:68:68:39:0D:98:5C:D4

ValiditySat, 19 Oct 2024 13:15:48 GMT - Fri, 17 Jan 2025 13:15:47 GMT

HTTP Headers

GET /thumbs/292/677-private-periscope.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 12500
last-modified: Tue, 06 Oct 2020 20:46:25 GMT
etag: "5f7cd7a1-30d4"
expires: Mon, 24 Nov 2025 01:30:25 GMT
cache-control: public, max-age=31536000, no-transform
x-cache-status: HIT
cf-cache-status: HIT
age: 1131225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzm24qmD2HICdLfp%2F%2FjSKz5uIQiokWh7qLYNTB7bkCcIXoUk4PDOPF0GMzJLq0H6167%2FMHtMS03DaWdI6ziimzliiia5dxMbKPfcqmKJcDU0Ci4OudwyN4prYncxylaTcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18403988cb4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1542&min_rtt=426&rtt_var=1999&sent=26&recv=13&lost=0&retrans=1&sent_bytes=26177&recv_bytes=1184&delivery_rate=7594405&cwnd=254&unsent_bytes=0&cid=202a17d80c38f617&ts=2707&x=0"
X-Firefox-Spdy: h2

GET image.fmkorea.com/files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236

93.184.223.182

302 Found

0 B

URL GET HTTPS

image.fmkorea.com/files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236

IP / ASN

93.184.223.182

#15133 EDGECAST

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGlobalSign nv-sa

Subject*.fmkorea.com

Fingerprint43:64:F9:03:3E:53:D3:11:A8:2B:17:F3:31:4B:83:11:5E:18:E8:FE

ValidityTue, 20 Aug 2024 07:13:03 GMT - Sun, 21 Sep 2025 07:13:02 GMT

HTTP Headers

GET /files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236 HTTP/1.1
Host: image.fmkorea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 03:44:10 GMT
location: https://ext.fmkorea.com/files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=415d7b58-f1a9-4aa6-9f06-7f05aeb31698&pop=ska"}]}
server: ECAcc (ska/F730)
server-timing: edgio_cache;desc=
x-edg-mr: 204:0;204:1;
x-edg-version: 217 204 221 NA 2024-09-06T05:54:14Z 2ce255c5-e6d1-44cb-834f-7c6fcaf652cd
x-request-id: 117988770817297014309524681652373865132
content-length: 0
X-Firefox-Spdy: h2

GET www.apornvideo.com/thumb/mia-khalifa-sexy-nangi.jpg

104.21.95.144

200 OK

8.3 kB

URL GET HTTPS

www.apornvideo.com/thumb/mia-khalifa-sexy-nangi.jpg

IP / ASN

104.21.95.144

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size8.3 kB (8284 bytes)

MD57328cd97657dce7de32f53af5b500e59

SHA1ec085d0afe89a60930a932866fb572bdf85cdd5c

SHA2567d2969221710d5d1f6eed98d70580ac0c38c43e519a520c5c836afe0add4d81f

Certificate Info

IssuerGoogle Trust Services

Subjectapornvideo.com

Fingerprint1C:02:02:7D:A6:88:58:BD:31:79:74:CB:B0:5F:B0:90:BB:B0:C4:59

ValidityTue, 29 Oct 2024 19:08:32 GMT - Mon, 27 Jan 2025 19:08:31 GMT

HTTP Headers

GET /thumb/mia-khalifa-sexy-nangi.jpg HTTP/1.1
Host: www.apornvideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 8284
cache-control: public, max-age=604800
expires: Tue, 10 Dec 2024 23:08:36 GMT
last-modified: Wed, 17 Jul 2024 21:09:29 GMT
cf-cache-status: HIT
age: 275734
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEkxNOPTxQ%2F%2BiuQWz45wkwrbYz4b1IcgKKU0Bw601%2Fh56X1ziON0lRJZPFysjAXaZuu9qpMfPNNCiVBoxWa5J4roayHm%2BJjl0Tejz5WNh2pvOcr3FmGj4LipHsND0YiS4S4%2B9%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184040d2f0b45-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1177&min_rtt=469&rtt_var=1394&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1222&delivery_rate=7784946&cwnd=254&unsent_bytes=0&cid=8f554d697f4dd565&ts=1927&x=0"
X-Firefox-Spdy: h2

GET p21-kimg.kwai.net/kimg/EKzM1y8qmgEKAnMzEg1waG90by1vdmVyc2VhGoQBdXBpYy8yMDI0LzAxLzIyLzA5L0JNakF5TkRBeE1qSXdPVE01TkRkZk1UVXdNREF3TWpFNE16TTFNelF4WHpFMU1ERXdOVEV3TlRBeE9ETTVObDh5WHpNPV9vZmZuX0I0ZjdmNGMxNTBmZDk2MGZlMDhlODE5OWNhNGU1ZTk5Ni53ZWJw.webp

104.18.48.7

200 OK

11 kB

URL GET HTTPS

p21-kimg.kwai.net/kimg/EKzM1y8qmgEKAnMzEg1waG90by1vdmVyc2VhGoQBdXBpYy8yMDI0LzAxLzIyLzA5L0JNakF5TkRBeE1qSXdPVE01TkRkZk1UVXdNREF3TWpFNE16TTFNelF4WHpFMU1ERXdOVEV3TlRBeE9ETTVObDh5WHpNPV9vZmZuX0I0ZjdmNGMxNTBmZDk2MGZlMDhlODE5OWNhNGU1ZTk5Ni53ZWJw.webp

IP / ASN

104.18.48.7

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 322x574, Scaling: [none]x[none], YUV color, decoders should clamp

First Seen2024-06-16

Last Seen2024-12-07

Times Seen4

Size11 kB (10562 bytes)

MD5136c1f1d4265a205df8e4020c77455be

SHA112676860593bfe0f38e2b9f647408414f7436356

SHA256f4ddac48db9a698e43e2be0ce832baad442eb50b90056419cd6cd73aa38cd650

Certificate Info

IssuerGlobalSign nv-sa

Subject*.kwai.net

Fingerprint55:3D:47:75:CD:99:64:ED:1B:F0:25:7F:54:76:E2:9E:07:93:CF:62

ValidityThu, 24 Oct 2024 06:41:09 GMT - Tue, 25 Nov 2025 06:41:08 GMT

HTTP Headers

GET /kimg/EKzM1y8qmgEKAnMzEg1waG90by1vdmVyc2VhGoQBdXBpYy8yMDI0LzAxLzIyLzA5L0JNakF5TkRBeE1qSXdPVE01TkRkZk1UVXdNREF3TWpFNE16TTFNelF4WHpFMU1ERXdOVEV3TlRBeE9ETTVObDh5WHpNPV9vZmZuX0I0ZjdmNGMxNTBmZDk2MGZlMDhlODE5OWNhNGU1ZTk5Ni53ZWJw.webp HTTP/1.1
Host: p21-kimg.kwai.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/webp
content-length: 10562
cf-ray: 8ee18403e8cbabcc-CPH
cf-cache-status: HIT
accept-ranges: bytes
age: 1217913
cache-control: max-age=2592000
expires: Sun, 07 Dec 2025 03:44:10 GMT
last-modified: Wed, 20 Nov 2024 21:38:25 GMT
vary: Accept-Encoding
via: 1.1 410991d185a8360cd416b5fbcf493074.cloudfront.net (CloudFront)
krtid: gw2a9c806eb67f48469e89925eccf09bc6
x-amz-cf-id: Odm0Ws9n4NriD9hLMDMEfJ6klqBj60I-moNn1ApbFg-QZAchG-02cA==
x-amz-cf-pop: ARN53-P1
x-cache: Hit from cloudfront
access-control-allow-origin: *
x-ks-cache: HIT
x-ks-client-ip: 91.90.42.154
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET c.anhmoecdn.biz/50z26.jpeg?blur=t

104.21.59.150

200 OK

40 kB

URL GET HTTPS

c.anhmoecdn.biz/50z26.jpeg?blur=t

IP / ASN

104.21.59.150

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x1278, components 3

First Seen2024-12-06

Last Seen2025-01-02

Times Seen6

Size40 kB (39958 bytes)

MD59e47897f6484df2c32fdf3a81543c82e

SHA1e042882f94c2591b3c8ca465ebc0764bb5a268fe

SHA256377f1f3349ff6021acb9e652cfe8f44b2ffe5ef3624676a8e87b7f41dc81af20

Certificate Info

IssuerGoogle Trust Services

Subject10fd8b42.sni.cloudflaressl.com

FingerprintC2:81:4E:60:CB:C0:12:15:03:40:16:5D:44:32:96:CD:F8:F7:55:9B

ValiditySat, 09 Nov 2024 04:23:56 GMT - Fri, 07 Feb 2025 05:23:53 GMT

HTTP Headers

GET /50z26.jpeg?blur=t HTTP/1.1
Host: c.anhmoecdn.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 39958
etag: "9e47897f6484df2c32fdf3a81543c82e"
last-modified: Fri, 08 Nov 2024 06:42:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4006
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvdzWoOqihwQzNdeelY%2Bf2PmtvRm1p9ANPZYXOtlbDitmfwBdl%2FW4fza3Yiw8B1iLrKux2zPpAAjxXqQEGPpHagZrWJuUVco6fhvP%2FGLNY8qW83y6sebM%2Fg%2FqfNZq9VnboE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184041ffc569c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1229&min_rtt=452&rtt_var=1507&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3312&recv_bytes=1206&delivery_rate=6295652&cwnd=254&unsent_bytes=0&cid=bc079318054a62d8&ts=1936&x=0"
X-Firefox-Spdy: h2

GET realincestvideos.org/thumbs//970/3824942639621101970_0.jpg

172.67.128.128

200 OK

10 kB

URL GET HTTPS

realincestvideos.org/thumbs//970/3824942639621101970_0.jpg

IP / ASN

172.67.128.128

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x180, components 3

First Seen2024-04-21

Last Seen2025-08-03

Times Seen84

Size10 kB (10272 bytes)

MD5df9640571f32a92ca04af356412a71f4

SHA1e7426a31be23115259796c21fe764d98111f7803

SHA25663da2d279b00f8b0ab8fbdd6ba41f3e4551b3ea92ac5de759111c16cf8debfb8

Certificate Info

IssuerGoogle Trust Services

Subjectrealincestvideos.org

Fingerprint68:37:55:EF:87:96:77:E7:14:3C:29:1E:3B:A8:89:0E:16:5B:3F:95

ValidityWed, 20 Nov 2024 16:58:02 GMT - Tue, 18 Feb 2025 16:58:01 GMT

HTTP Headers

GET /thumbs//970/3824942639621101970_0.jpg HTTP/1.1
Host: realincestvideos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 10272
last-modified: Tue, 25 Feb 2020 16:27:32 GMT
etag: "5e554af4-2820"
expires: Sun, 08 Dec 2024 05:56:02 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 164888
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9ZCBQqswPZ7QIZO4TW4uubBW3lYOC56TG4B9XGDDxuFRe%2FDGV6F6%2Beoxn8zL59M1rATGZYyr2CKouxkY7Qj1XN%2F%2FyHEKCNhVXcPv4jZu%2F3MVi9LqkS2VmQX95f6BQqW9iHh2VYhug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18404294256a8-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1302&min_rtt=411&rtt_var=1701&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3302&recv_bytes=1228&delivery_rate=5433395&cwnd=254&unsent_bytes=0&cid=cbb01bbe03b7cdfa&ts=1947&x=0"
X-Firefox-Spdy: h2

GET pics.x-xx.pro/thumbs/124/357_shaving-in.jpg

104.21.70.153

200 OK

7.0 kB

URL GET HTTPS

pics.x-xx.pro/thumbs/124/357_shaving-in.jpg

IP / ASN

104.21.70.153

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 270x158, components 3

First Seen2024-12-07

Last Seen2025-07-31

Times Seen12

Size7.0 kB (6991 bytes)

MD5e5f4e7f3e1e745685f5233b7ef9d17e0

SHA1256ce49b9c19b546e16c4e2587bdaac0bb1c893f

SHA256635922010472b939b2f8a9193d52c443db732a88effc067481dc7685eac1a04d

Certificate Info

IssuerGoogle Trust Services

Subjectx-xx.pro

Fingerprint93:00:23:A1:EA:6A:D9:28:D1:53:2B:C7:10:A0:CD:8C:C6:49:9D:DF

ValidityTue, 19 Nov 2024 17:27:34 GMT - Mon, 17 Feb 2025 17:27:33 GMT

HTTP Headers

GET /thumbs/124/357_shaving-in.jpg HTTP/1.1
Host: pics.x-xx.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 6991
last-modified: Mon, 14 Dec 2020 11:33:57 GMT
etag: "5fd74da5-1b4f"
expires: Sun, 08 Dec 2024 01:15:15 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 527335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fERayExoaXoXWUyfJfrh%2FuaZUoiD3fxQWumRj6MHROSFWWDwmLkR62CPlMEdQrtpZjy9eztGhqg4puRvrseNqeU5Ws7SZmi1mpYGhSOl6JXbenPihgBBzmpSyd%2B%2BVP7M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184044c1556b7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1305&min_rtt=433&rtt_var=1755&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3188&recv_bytes=1085&delivery_rate=7051948&cwnd=254&unsent_bytes=0&cid=14ba7564a749d4e2&ts=1952&x=0"
X-Firefox-Spdy: h2

GET sycdn.ddljsytt.com/upload/vod/20210420-1/e1a66426bac27d1d5b9c5fa7ddae90bc.jpg

104.26.15.52

200 OK

18 kB

URL GET HTTPS

sycdn.ddljsytt.com/upload/vod/20210420-1/e1a66426bac27d1d5b9c5fa7ddae90bc.jpg

IP / ASN

104.26.15.52

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.105.100", baseline, precision 8, 634x352, components 3

First Seen2024-12-07

Last Seen2025-07-22

Times Seen3

Size18 kB (18148 bytes)

MD556c6f4f98be3a902fa7f37674a9edfd5

SHA16a5a15d4f45aaf6685e6444c3cf6a87986775322

SHA25640faab9ca6e47175644ce4db2f569db05938c70d5c804f58b0e9a9c95e47d8a1

Certificate Info

IssuerGoogle Trust Services

Subjectddljsytt.com

FingerprintC1:27:50:F9:50:E5:8B:80:04:66:A2:62:5C:9E:E2:42:27:60:AE:BD

ValidityTue, 22 Oct 2024 05:02:56 GMT - Mon, 20 Jan 2025 05:02:55 GMT

HTTP Headers

GET /upload/vod/20210420-1/e1a66426bac27d1d5b9c5fa7ddae90bc.jpg HTTP/1.1
Host: sycdn.ddljsytt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 18148
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "607dac8c-46e4"
expires: Tue, 10 Dec 2024 13:41:15 GMT
last-modified: Mon, 19 Apr 2021 16:15:08 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 2296974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pScdmnCROD%2BUE6RffEEOYzBDGS7WMiCy3IPtAPvmhWgcfEyBa9t3A%2FTWJaOagarCxZvTWly%2BWZQCoEMd7%2F%2FGbFLoMwLLNCJbGHo%2FFl03hPjpoeJQYDZUL2bnPJFSN3%2BKOa8OSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18404685c56b9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1123&min_rtt=419&rtt_var=1376&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1239&delivery_rate=7841155&cwnd=254&unsent_bytes=0&cid=05a9c5eb89b00aeb&ts=1965&x=0"
X-Firefox-Spdy: h2

GET icdn05.boy18tube.com/63035/3151703_5.jpg

45.133.44.6

200 OK

14 kB

URL GET HTTPS

icdn05.boy18tube.com/63035/3151703_5.jpg

IP / ASN

45.133.44.6

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, components 3

First Seen2024-12-07

Last Seen2025-07-10

Times Seen5

Size14 kB (13490 bytes)

MD526d9f547cba17e17ebc04e7683277789

SHA13e6aa6f7cbbd92a92d5e483b44e11415ff11e80e

SHA25670f7fcad6da718f4649fbeefe08fd31b17a2cf6e749a88a9867dac436d62ef18

Certificate Info

IssuerLet's Encrypt

Subjecticdn05.boy18tube.com

FingerprintCF:16:D1:D9:48:22:DB:42:79:71:37:E8:9A:04:AE:50:33:7A:A1:5F

ValidityMon, 04 Nov 2024 03:03:32 GMT - Sun, 02 Feb 2025 03:03:31 GMT

HTTP Headers

GET /63035/3151703_5.jpg HTTP/1.1
Host: icdn05.boy18tube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 13490
server: nginx/1.24.0
x-object-meta-mtime: 1601443437.504234834
etag: 26d9f547cba17e17ebc04e7683277789
last-modified: Sun, 11 Sep 2022 07:59:38 GMT
x-timestamp: 1662883177.48153
x-trans-id: txaf7026e9fcad4142ac32e-0066f39743
x-openstack-request-id: txaf7026e9fcad4142ac32e-0066f39743
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Mon, 06 Jan 2025 03:44:10 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
x-cdn-host-id: ds8139,ds9225
accept-ranges: bytes
X-Firefox-Spdy: h2

GET porno-incest.tv/video/2019/jan/28.webp

185.162.11.82

200 OK

20 kB

URL GET HTTPS

porno-incest.tv/video/2019/jan/28.webp

IP / ASN

185.162.11.82

#207728 EUROHOSTER Ltd.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeRIFF (little-endian) data, Web/P image

First Seen2024-05-08

Last Seen2025-08-03

Times Seen11

Size20 kB (20328 bytes)

MD5812e96f6c469e12e5a4faae4010891d0

SHA1c744e8c918e4c9094b037cf701e98972fe3f01d4

SHA256d79d60b9c7e09d5803b9bfb9b6afa11ce7331d8ae867acce7a8f1484e0a2c893

Certificate Info

IssuerLet's Encrypt

Subjectporno-incest.tv

Fingerprint41:18:95:E9:74:97:78:68:04:30:E9:93:B9:E6:DA:0B:79:70:7C:BF

ValidityWed, 30 Oct 2024 00:22:51 GMT - Tue, 28 Jan 2025 00:22:50 GMT

HTTP Headers

GET /video/2019/jan/28.webp HTTP/1.1
Host: porno-incest.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Length: 20328
Connection: keep-alive
Last-Modified: Wed, 11 Mar 2020 09:33:46 GMT
ETag: "4f68-5a090eed8865d"
Accept-Ranges: bytes
Cache-Control: max-age=9720000

GET stickamvids.net/photos/2020/03/11158_0_300.jpg

80.92.205.167

200 OK

7.3 kB

URL GET HTTPS

stickamvids.net/photos/2020/03/11158_0_300.jpg

IP / ASN

80.92.205.167

#44477 Stark Industries Solutions Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size7.3 kB (7256 bytes)

MD5dfbd173d436de6fca939a89824cba4d9

SHA1e8f1b95fc49046cb04ae2b7af550c9b9f5b45cbf

SHA25691132d2f438c5f96688a06d98ff473d7e00b67de5a424bfa0628805578138a86

Certificate Info

IssuerLet's Encrypt

Subjectstickamvids.net

Fingerprint15:D4:79:CE:92:44:E7:77:D4:AA:72:8F:2D:95:B9:CD:49:27:9C:31

ValidityMon, 25 Nov 2024 00:23:03 GMT - Sun, 23 Feb 2025 00:23:02 GMT

HTTP Headers

GET /photos/2020/03/11158_0_300.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Type: image/jpeg
Content-Length: 7256
Last-Modified: Wed, 14 Feb 2024 13:08:40 GMT
Connection: keep-alive
ETag: "65ccbb58-1c58"
Expires: Sun, 08 Dec 2024 03:44:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

GET cdn.hotscope.tv/files/thumbnail/capture(1507).jpg

51.83.238.19

200 OK

6.5 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/capture(1507).jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 300x361, segment length 16, comment: "Lavc57.93.100", baseline, precision 8, 180x250, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size6.5 kB (6479 bytes)

MD5e0cf5c713a7944b8137eb572e45a714e

SHA1a21a8e33b5aa4b33b0d30d90e8856d596a2d3a4e

SHA256b7676d8a012fba33984560f64292d4a75bf436de902f5a9ab248c0ce2cb47901

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/capture(1507).jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 6479
Last-Modified: Tue, 09 May 2017 18:12:01 GMT
Connection: keep-alive
ETag: "59120671-194f"
Expires: Sun, 07 Dec 2025 03:44:11 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET www.coolsexnew.com/images/29157973-secret-african-sex-rituals.jpg

104.21.233.126

200 OK

5.1 kB

URL GET HTTPS

www.coolsexnew.com/images/29157973-secret-african-sex-rituals.jpg

IP / ASN

104.21.233.126

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size5.1 kB (5054 bytes)

MD5149669236cc0599891afeb15d18dd791

SHA1ed45104824096f1282033cb0599670d91cfdee47

SHA2560457565e1ba8e6802936233ff675d9087b0f1466cdd3454b41621ab4391ebd38

Certificate Info

IssuerGoogle Trust Services

Subjectcoolsexnew.com

FingerprintE9:CD:2C:35:B1:5F:42:9A:75:15:3D:B1:A8:03:0B:C6:A2:A2:E3:46

ValidityFri, 22 Nov 2024 14:14:34 GMT - Thu, 20 Feb 2025 14:14:33 GMT

HTTP Headers

GET /images/29157973-secret-african-sex-rituals.jpg HTTP/1.1
Host: www.coolsexnew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 5054
last-modified: Sun, 25 Dec 2022 14:57:00 GMT
etag: "63a864bc-13be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpV%2BSJ%2Bpub%2BWlGm%2Bq93n%2BJRnFWQHmXjDdb%2FahUxdpYSLoemVtHVv%2BrtpJSfeFTwUG2KR1kqH6%2FiAChSeyVvj%2Bmfnw7d53izXHwffKb0EaPIRo5AwAN6wJxuT0XLBOdonnVipLK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184052ed0942d-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20156&min_rtt=20137&rtt_var=4260&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1200&delivery_rate=215380&cwnd=33&unsent_bytes=0&cid=083dd6a0dad94562&ts=1932&x=0"
X-Firefox-Spdy: h2

GET 1top.club/uploads/posts/2023-07/9373-309937-3774-999.jpg

54.38.205.67

200 OK

39 kB

URL GET HTTPS

1top.club/uploads/posts/2023-07/9373-309937-3774-999.jpg

IP / ASN

54.38.205.67

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2025-07-17

Times Seen4

Size39 kB (38660 bytes)

MD5076b127f0e89e60bfa59f52ce95d52f3

SHA1c8fa41f674d6f7f2cdf57e541e12f04266e8476f

SHA25631bb16ecc98512dbd0054dcb0cb492f0957de1a46f0cd4ad75230b56a2f0b926

Certificate Info

IssuerLet's Encrypt

Subject1top.club

Fingerprint2D:0D:62:96:B1:54:D5:4A:B1:48:52:37:53:AD:27:77:25:69:79:2D

ValiditySun, 20 Oct 2024 10:12:25 GMT - Sat, 18 Jan 2025 10:12:24 GMT

HTTP Headers

GET /uploads/posts/2023-07/9373-309937-3774-999.jpg HTTP/1.1
Host: 1top.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
content-length: 38660
last-modified: Mon, 17 Jul 2023 12:04:53 GMT
etag: "64b52e65-9704"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET rolotube.com/images/

104.21.233.145

403 Forbidden

603 B

URL GET HTTPS

rolotube.com/images/

IP / ASN

104.21.233.145

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen3312

Size603 B (603 bytes)

MD58b181bb6767bc5795dcf17341a387e5b

SHA1b5e2a9fb1f8a4aad3c7127c769af4c780b47bef4

SHA25632cbc376cd769a26d108ae31678f975b863b7066e110c59d9a212c7281bd8c81

Certificate Info

IssuerGoogle Trust Services

Subjectrolotube.com

FingerprintC8:07:CC:8B:E0:0F:95:7B:5F:75:38:C9:01:14:10:AF:A0:EC:99:2D

ValidityMon, 28 Oct 2024 05:14:50 GMT - Sun, 26 Jan 2025 05:14:49 GMT

HTTP Headers

GET /images/ HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTgw79cbDJTyeKuajzV7JdyJUkLvNmLf1uiQM3tO1MbXaSkjFf6ElEccYQ%2FMzygQQAuS%2BiJq5p%2BPYxqHsn4x0RC9ijcU1f7tX2dw5Qk0ZbEtTvifuw%2BWx9jI0Ibx84o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18404983dbd7c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18925&min_rtt=18858&rtt_var=3058&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1068&delivery_rate=228259&cwnd=34&unsent_bytes=0&cid=b15625063cfcd67b&ts=1920&x=0"
X-Firefox-Spdy: h2

GET www.youxvids.com/thumbs/her-narrow-pink-slit.jpg

104.21.234.160

403 Forbidden

2.4 kB

URL GET HTTPS

www.youxvids.com/thumbs/her-narrow-pink-slit.jpg

IP / ASN

104.21.234.160

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with very long lines (501)

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size2.4 kB (2367 bytes)

MD52cbd7e444d9d1e849b42c8387a160611

SHA1d5b259614a7d48b0a399f56e99abcd9b1c404266

SHA25625fe7b70d540ef62fb593d63b5251a7dc70657519e87a465e9925f3f5adc330a

Certificate Info

IssuerGoogle Trust Services

Subjectyouxvids.com

FingerprintFD:3B:5D:E9:11:BE:BB:B6:E7:73:59:82:58:04:CE:E9:00:7D:11:27

ValidityWed, 30 Oct 2024 20:04:46 GMT - Tue, 28 Jan 2025 20:04:45 GMT

HTTP Headers

GET /thumbs/her-narrow-pink-slit.jpg HTTP/1.1
Host: www.youxvids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dhwn7YM%2FO0BJ23WttpsoFomDIxCLVDSwNQ3GsdVtgQfOn9NU%2BKBvsESng2bKYySLY3nB3loGdU154zXVxw2zN7N2Yg4RblYsMMRWEEA%2BVtja8w3iaz06%2FYCDa8vHre3rcan8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18404df746343-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17519&min_rtt=17498&rtt_var=3726&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1188&delivery_rate=247070&cwnd=38&unsent_bytes=0&cid=c6c9b1833b5ec929&ts=1911&x=0"
X-Firefox-Spdy: h2

GET img.qianju.cc/upload/vod/20230127-2/51b2cfb45ffb7b248f621446fff404fc.jpg

49.12.170.211

404 Not Found

146 B

URL GET HTTPS

img.qianju.cc/upload/vod/20230127-2/51b2cfb45ffb7b248f621446fff404fc.jpg

IP / ASN

49.12.170.211

#24940 Hetzner Online GmbH

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-06

Times Seen212621

Size146 B (146 bytes)

MD58eec510e57f5f732fd2cce73df7b73ef

SHA13c0af39ecb3753c5fee3b53d063c7286019eac3b

SHA25655f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Certificate Info

IssuerLet's Encrypt

Subjectimg.qianju.cc

Fingerprint17:AD:52:9A:CB:A4:28:F7:DA:91:9F:F9:6D:D1:AB:F3:D0:82:2E:EF

ValiditySat, 21 Sep 2024 09:59:02 GMT - Fri, 20 Dec 2024 09:59:01 GMT

HTTP Headers

GET /upload/vod/20230127-2/51b2cfb45ffb7b248f621446fff404fc.jpg HTTP/1.1
Host: img.qianju.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

GET cdn2-thumbs.worldsex.com/4/e/8/6/c/4e86c847924fe/4e86c847924fe.flv-4-240x135.jpg

64.210.135.115

200 OK

7.2 kB

URL GET HTTPS

cdn2-thumbs.worldsex.com/4/e/8/6/c/4e86c847924fe/4e86c847924fe.flv-4-240x135.jpg

IP / ASN

64.210.135.115

#30361 SWIFTWILL2

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 240x135, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size7.2 kB (7242 bytes)

MD50405329d96c4884eba04d1eb949315a7

SHA1abc0a98ddffdb4135df72b66bf6204cf9afa5778

SHA2568c14f656c3635f34ebb97065ff9410cdd34eb9b7c92b15b8638f26ac5cb1ece1

Certificate Info

IssuerLet's Encrypt

Subjectworldsex.com

FingerprintC9:54:97:D6:1E:9C:39:F7:9E:95:40:EC:33:D5:AF:75:82:2E:91:C0

ValidityFri, 06 Dec 2024 02:52:50 GMT - Thu, 06 Mar 2025 02:52:49 GMT

HTTP Headers

GET /4/e/8/6/c/4e86c847924fe/4e86c847924fe.flv-4-240x135.jpg HTTP/1.1
Host: cdn2-thumbs.worldsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 7242
last-modified: Thu, 07 Jan 2016 12:53:24 GMT
etag: "1c54-528bdf4c47900-gzip"
cache-control: max-age=1814400
expires: Tue, 25 Jun 2024 13:12:50 GMT
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6141-3-5557-h-0-0---;6141-234-99889----0-0-1
X-Firefox-Spdy: h2

GET img.qianju.cc/upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg

49.12.170.211

404 Not Found

146 B

URL GET HTTPS

img.qianju.cc/upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg

IP / ASN

49.12.170.211

#24940 Hetzner Online GmbH

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-06

Times Seen212621

Size146 B (146 bytes)

MD58eec510e57f5f732fd2cce73df7b73ef

SHA13c0af39ecb3753c5fee3b53d063c7286019eac3b

SHA25655f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Certificate Info

IssuerLet's Encrypt

Subjectimg.qianju.cc

Fingerprint17:AD:52:9A:CB:A4:28:F7:DA:91:9F:F9:6D:D1:AB:F3:D0:82:2E:EF

ValiditySat, 21 Sep 2024 09:59:02 GMT - Fri, 20 Dec 2024 09:59:01 GMT

HTTP Headers

GET /upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg HTTP/1.1
Host: img.qianju.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 07 Dec 2024 03:44:10 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

GET javp1.cc/https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg

172.67.162.226

404 Not Found

2.2 kB

URL GET HTTPS

javp1.cc/https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size2.2 kB (2232 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAoCrN4TqxNkvIXLnhfnheXCEPD%2FqiVRHRbqUDe%2BQx7TTD5xkKX%2Fw%2BpCcNYQ1RPtPx2pdMYN%2FOVZUnJuoRyPOeZQ0jMPiFH3YCFh6VHje%2B26swu5X95bEZjnzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183fffc2e5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1569&min_rtt=429&rtt_var=2055&sent=22&recv=26&lost=0&retrans=1&sent_bytes=12915&recv_bytes=1677&delivery_rate=8074349&cwnd=254&unsent_bytes=0&cid=40ea2862d3916f43&ts=2966&x=0"
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg

172.67.162.226

404 Not Found

2.2 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size2.2 kB (2232 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GFc%2Bp6bTjqj3uMVoDnokiUmkgroVKAmpLM0KKlOS8butln607qvAoNYpopGst1g%2BttuD7sGNP%2BndtPFhyIkugpIJLSjg%2F%2Bq0g4vtIlv9%2BKJY%2F%2BzLO9LqQuqXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184019d2a5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=979&min_rtt=404&rtt_var=424&sent=32&recv=37&lost=0&retrans=1&sent_bytes=19805&recv_bytes=1893&delivery_rate=8901639&cwnd=254&unsent_bytes=0&cid=40ea2862d3916f43&ts=3567&x=0"
X-Firefox-Spdy: h2

GET www.po-kaki-to.com/wp-content/uploads/2024/01/1704259728.jpg

104.21.233.244

200 OK

54 kB

URL GET HTTPS

www.po-kaki-to.com/wp-content/uploads/2024/01/1704259728.jpg

IP / ASN

104.21.233.244

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPCM), density 47x47, segment length 16, progressive, precision 8, 650x534, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size54 kB (53743 bytes)

MD597c1c28bfb5ee222ab5395c428d6b20a

SHA1572addc881066477dd7fad7fb7e665b0cc3f045d

SHA256c35155ba1220675289859bb188047f6c9ab0d80d8e8bba59a9f8865ceb3cbafa

Certificate Info

IssuerGoogle Trust Services

Subjectpo-kaki-to.com

Fingerprint75:1E:31:F5:6F:AF:87:77:F8:D5:B8:F7:B2:CB:BB:FE:2F:C4:9D:1C

ValiditySat, 19 Oct 2024 18:28:50 GMT - Fri, 17 Jan 2025 18:28:49 GMT

HTTP Headers

GET /wp-content/uploads/2024/01/1704259728.jpg HTTP/1.1
Host: www.po-kaki-to.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 53743
last-modified: Wed, 03 Jan 2024 05:28:48 GMT
etag: "6594f090-d1ef"
expires: Tue, 17 Dec 2024 23:54:18 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4247393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfPH%2FTnXVOxkmEoC1DZGt%2BInNqkqaPgyfoemvR%2FHFVdTnuNx28775%2B6M3PbMX4%2FX%2FpKHXfqiFYV%2B0lXAVcNFwV0%2FIpd%2BR197EpTxP8aasWK2iku7HJB06yvEOP1ovUFFqk%2BTtsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184064f58417c-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18788&min_rtt=18767&rtt_var=3994&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1066&delivery_rate=230377&cwnd=33&unsent_bytes=0&cid=4718cf23a7e65971&ts=2108&x=0"
X-Firefox-Spdy: h2

GET img.siwazywimg2.com:5278/cvguochanzipai/wQV9RNyH/2.png

208.64.218.245

200 OK

381 kB

URL GET HTTPS

img.siwazywimg2.com:5278/cvguochanzipai/wQV9RNyH/2.png

IP / ASN

208.64.218.245

#6939 HURRICANE

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 698 x 394, 8-bit/color RGB, non-interlaced

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size381 kB (381122 bytes)

MD574a8a7e056b744c47269156dd1628c2e

SHA1e6d37d488374690b690ac27d268873e42782aca2

SHA256ef51caaed3a8ae50b65d37a80521a0434c033abf39a0fac207fecc7df373bfca

Certificate Info

IssuerSectigo Limited

Subjectimg.siwazywimg2.com

Fingerprint78:64:EE:FD:DE:BE:D8:29:2C:C8:57:FD:EE:29:09:92:7F:C2:BB:4B

ValiditySun, 19 May 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT

HTTP Headers

GET /cvguochanzipai/wQV9RNyH/2.png HTTP/1.1
Host: img.siwazywimg2.com:5278
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/png
content-length: 381122
last-modified: Tue, 11 Oct 2022 01:20:02 GMT
etag: "6344c4c2-5d0c2"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET emb4.youngtube.one/top-videos/8b/9d/1497189740.05329.jpg?e=4843653839&hash=VnepYjxtOtp82J5o6H5S_w

213.174.142.70

200 OK

13 kB

URL GET HTTPS

emb4.youngtube.one/top-videos/8b/9d/1497189740.05329.jpg?e=4843653839&hash=VnepYjxtOtp82J5o6H5S_w

IP / ASN

213.174.142.70

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1281x1280, segment length 16, comment: "Lavc54.92.100", baseline, precision 8, 640x360, components 3

First Seen2024-12-07

Last Seen2025-07-26

Times Seen18

Size13 kB (13067 bytes)

MD587d2396b9e8c586940bc391e89c82f46

SHA18c44fd4a12a16648d0f82b7d564b7e37363d5576

SHA2567610e7b398186b8d75b795832b473789394726fd862244733acf6a1250c8b179

Certificate Info

IssuerLet's Encrypt

Subjectemb4.youngtube.one

Fingerprint1D:9B:8B:91:D3:AC:79:B4:BE:9C:37:51:68:FE:7E:0C:DF:9D:31:E0

ValiditySat, 12 Oct 2024 23:10:08 GMT - Fri, 10 Jan 2025 23:10:07 GMT

HTTP Headers

GET /top-videos/8b/9d/1497189740.05329.jpg?e=4843653839&hash=VnepYjxtOtp82J5o6H5S_w HTTP/1.1
Host: emb4.youngtube.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 13067
last-modified: Sun, 11 Jun 2017 14:02:20 GMT
expires: Mon, 06 Jan 2025 03:44:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=15768000; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
x-robots-tag: none
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

104.18.187.31

200 OK

66 kB

URL GET HTTPS

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

IP / ASN

104.18.187.31

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (659)

First Seen2024-12-05

Last Seen2024-12-21

Times Seen35

Size66 kB (65829 bytes)

MD5a53fd1c25bdcc991151d6896c68df2ee

SHA17f9795055441c5c2c2a0023b2139fea43bf94e8e

SHA256e94c365917b5b18aa3e8771d2f165c3b5b3f8079bc30172117e196f4724113f3

Certificate Info

IssuerSectigo Limited

Subject*.jsdelivr.net

Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE

ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 65829
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.352.0
x-jsd-version-type: version
etag: W/"29fd1-f5eVBVRBxcLCoAI7ITn+pDv5To4"
content-encoding: br
x-served-by: cache-fra-eddf8230153-FRA, cache-lga21936-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 33437
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElmPEArq%2BNw1TCHjmnuCx3gSuychC3xOHVp1ZLMGbPGHrVuHL5nxY0nDSvxD%2BVDFDQfgxXdfAJN%2BTO12IGl%2BJ4n%2FtIINMjBpv%2BNDu1%2F5mw6echz4oHBjFndBuyaWjUjIy0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184075ea8568a-OSL
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

104.17.24.14

200 OK

4.0 kB

URL GET HTTPS

cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

IP / ASN

104.17.24.14

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (10613)

First Seen2023-03-07

Last Seen2025-08-05

Times Seen1678

Size4.0 kB (3953 bytes)

MD5ea77f824de2ef57acb12e7cb6596365e

SHA110bad0dbdf30a0471c2c786b349daeb1dd19180e

SHA2562b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c

Certificate Info

IssuerGoogle Trust Services

Subjectcdnjs.cloudflare.com

Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02

ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

HTTP Headers

GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 704051
expires: Thu, 27 Nov 2025 03:44:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nORBwCqBQh0Uq93GK%2Bic5mUnoqop%2Fu8m%2FRMBw1iaqhxxo3T2UhPaiscKtjWBFzTtOrV6koSVrORkfVxjvrXMT4UI7hnnJ%2B0ey%2F0UADYeBArJf%2BikYXqbchEUwmK6I4xasSmo84Cv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8ee184078d66b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn5-thumbs.motherlessmedia.com/thumbs/C832C93.jpg

185.107.92.224

200 OK

24 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/C832C93.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 1125x1124, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-04-30

Last Seen2025-07-31

Times Seen26

Size24 kB (24003 bytes)

MD5f4c748a63b3d3496d428e02fee300e7d

SHA12f9b6d391212a384d98f29808874a5cc4198952c

SHA2566da55624af8ddf3fb59bed446a673bebc3a472a6374f400454d094260f983418

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/C832C93.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 24003
last-modified: Sat, 06 Oct 2018 22:39:43 GMT
etag: "1e9e72a13-5dc3-57797107128db"
expires: Tue, 08 Apr 2025 09:36:23 GMT
cache-control: max-age=10598303
x-cache: HIT
x-whom: cdn01
accept-ranges: bytes

GET cdn5-thumbs.motherlessmedia.com/thumbs/CA9CAC2.jpg

185.107.92.224

200 OK

36 kB

URL GET HTTPS

cdn5-thumbs.motherlessmedia.com/thumbs/CA9CAC2.jpg

IP / ASN

185.107.92.224

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 32x27, segment length 16, baseline, precision 8, 640x480, components 3

First Seen2024-04-30

Last Seen2025-06-02

Times Seen7

Size36 kB (36504 bytes)

MD59e58b52c4ba37e60fb418816303fe476

SHA109bfb97e16880fdd640f85bc79720a1ae24fe909

SHA256b235dce0ef0020dc2473bf1489bc23b9097f23df680dd21af517079c10e02666

Certificate Info

IssuerGoGetSSL

Subject*.motherlessmedia.com

Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8

ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT

HTTP Headers

GET /thumbs/CA9CAC2.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 36504
last-modified: Sun, 07 Oct 2018 00:00:22 GMT
etag: "1eb02bd7b-8e98-5779830e41154"
expires: Thu, 03 Apr 2025 22:28:38 GMT
cache-control: max-age=10379546
x-cache: HIT
x-whom: cdn05
accept-ranges: bytes

GET dojki.biz/screen/!Podrugi_bez_kompleksov_masturbiruyut_dlya_parny!.mp4.jpg

207.180.194.251

200 OK

43 kB

URL GET HTTPS

dojki.biz/screen/!Podrugi_bez_kompleksov_masturbiruyut_dlya_parny!.mp4.jpg

IP / ASN

207.180.194.251

#51167 Contabo GmbH

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 608x1080, components 3

First Seen2024-12-07

Last Seen2025-07-31

Times Seen9

Size43 kB (43246 bytes)

MD59c1569a6835ed44424ae908ca82b1603

SHA1a9997267e872a63d5e44b6ae261f6c568b2bddd4

SHA256cc75d70e2a49bf7ff9b9842395210097b9a0e020d21ee2e281abd933a8d33f61

Certificate Info

IssuerLet's Encrypt

Subjectdojki.biz

Fingerprint0E:96:24:5C:0E:26:4A:29:16:86:F4:3A:D5:B1:75:EF:6A:7C:9A:C0

ValiditySun, 01 Dec 2024 05:02:36 GMT - Sat, 01 Mar 2025 05:02:35 GMT

HTTP Headers

GET /screen/!Podrugi_bez_kompleksov_masturbiruyut_dlya_parny!.mp4.jpg HTTP/1.1
Host: dojki.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 43246
Last-Modified: Sat, 21 May 2022 08:48:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6288a755-a8ee"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET cdn.hotscope.tv/files/thumbnail/size_thumb_RFWTnD_er0.jpg

51.83.238.19

200 OK

9.1 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/size_thumb_RFWTnD_er0.jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 270x375, components 3

First Seen2024-12-07

Last Seen2024-12-24

Times Seen3

Size9.1 kB (9056 bytes)

MD5f247d1c9c2f556c60ec415b9b404bd5a

SHA17d6be3a1515192abfad724d64726054860a424e7

SHA2568a136eb9f4c10db64308ffcd8869a404e84e7f02d6c941661799018cf62034a0

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/size_thumb_RFWTnD_er0.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 9056
Last-Modified: Fri, 03 Feb 2023 17:21:29 GMT
Connection: keep-alive
ETag: "63dd4299-2360"
Expires: Sun, 07 Dec 2025 03:44:11 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET cdn.hotscope.tv/files/thumbnail/size_thumb_S0DOQ8S9qt.jpg

51.83.238.19

200 OK

11 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/size_thumb_S0DOQ8S9qt.jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 270x375, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size11 kB (10891 bytes)

MD51765c23da5e998beabc0d03725411168

SHA12f36b38a78aa8d0a78063dd6bfafe1e775c70152

SHA2569810babcedd91d553f75e170e41dcce04298653c0ae114c74502bd81ebe1d7c3

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/size_thumb_S0DOQ8S9qt.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 10891
Last-Modified: Tue, 25 Jul 2023 09:09:14 GMT
Connection: keep-alive
ETag: "64bf913a-2a8b"
Expires: Sun, 07 Dec 2025 03:44:11 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET 22554.2514june2024.com/4/js/239376

88.208.22.2

200 OK

6.6 kB

URL GET HTTPS

22554.2514june2024.com/4/js/239376

IP / ASN

88.208.22.2

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (16646), with no line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size6.6 kB (6566 bytes)

MD57f21d4f4ef9900e357aa1ffb49cf71a4

SHA1d10a1a2b168d3a3600fc67d2f9a5e72bf99645f6

SHA256fcc07c8021ac4d2a87c108632a95edace4b621ec6a9a77b3593e47e465f736f8

Certificate Info

IssuerLet's Encrypt

Subject*.2514june2024.com

Fingerprint45:A8:51:66:72:9C:9A:4F:3A:8F:D9:39:12:AC:17:CE:BA:2C:5F:02

ValidityTue, 12 Nov 2024 22:49:45 GMT - Mon, 10 Feb 2025 22:49:44 GMT

HTTP Headers

GET /4/js/239376 HTTP/1.1
Host: 22554.2514june2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6566
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2

GET cdn.hotscope.tv/files/thumbnail/size_thumb_DE7Ls4qqjZ.jpg

51.83.238.19

200 OK

8.9 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/size_thumb_DE7Ls4qqjZ.jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, baseline, precision 8, 270x375, components 3

First Seen2024-12-07

Last Seen2024-12-10

Times Seen3

Size8.9 kB (8886 bytes)

MD5d99d5777fd50849db0463a50c8d90e54

SHA1ba07be8a4df3f87cef89896f802dda4011098669

SHA2568b7c0163ba3b2ba52efe2ec5f3ad1f267f946a405b7f6fccd974d8b11e12d9c3

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/size_thumb_DE7Ls4qqjZ.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 8886
Last-Modified: Thu, 01 Jul 2021 07:13:46 GMT
Connection: keep-alive
ETag: "60dd6b2a-22b6"
Expires: Sun, 07 Dec 2025 03:44:11 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET stickamvids.net/photos/2017/07/9611_0_300.jpg

80.92.205.167

200 OK

6.3 kB

URL GET HTTPS

stickamvids.net/photos/2017/07/9611_0_300.jpg

IP / ASN

80.92.205.167

#44477 Stark Industries Solutions Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

First Seen2024-12-07

Last Seen2025-05-26

Times Seen2

Size6.3 kB (6310 bytes)

MD55b738ab3d6a57e1e0f4dc30ecc2b6b2c

SHA1379d7ae6dd7314f4f40cd59d97d7a52bfc43b8eb

SHA25620801aed69b8a69f0a2ca89048ba4762662b1d0ab4fef0f504a3f2efb408a02c

Certificate Info

IssuerLet's Encrypt

Subjectstickamvids.net

Fingerprint15:D4:79:CE:92:44:E7:77:D4:AA:72:8F:2D:95:B9:CD:49:27:9C:31

ValidityMon, 25 Nov 2024 00:23:03 GMT - Sun, 23 Feb 2025 00:23:02 GMT

HTTP Headers

GET /photos/2017/07/9611_0_300.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 6310
Last-Modified: Wed, 14 Feb 2024 13:08:39 GMT
Connection: keep-alive
ETag: "65ccbb57-18a6"
Expires: Sun, 08 Dec 2024 03:44:11 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

GET cdn.hotscope.tv/files/thumbnail/capture(1571).jpg

51.83.238.19

200 OK

6.0 kB

URL GET HTTPS

cdn.hotscope.tv/files/thumbnail/capture(1571).jpg

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 760x909, segment length 16, comment: "Lavc57.93.100", baseline, precision 8, 180x250, components 3

First Seen2024-12-06

Last Seen2024-12-10

Times Seen4

Size6.0 kB (6045 bytes)

MD5a3e46faf0e75b3ac629754e0980023b4

SHA1c3d734d59140ca233f3c3d28402625856f4297f2

SHA256a1dc247d6ccf104b3f35b52a2dcc040528a0526fe922655c8de55ba87297b3b6

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /files/thumbnail/capture(1571).jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: image/jpeg
Content-Length: 6045
Last-Modified: Thu, 18 May 2017 19:58:53 GMT
Connection: keep-alive
ETag: "591dfcfd-179d"
Expires: Sun, 07 Dec 2025 03:44:11 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET jpgjingpinx.com/upload/vod/20240229-1/abb31dd818c20bb6f75f254bc19942b8.jpg

192.74.233.14

200 OK

6.3 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240229-1/abb31dd818c20bb6f75f254bc19942b8.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3

First Seen2024-12-07

Last Seen2024-12-24

Times Seen2

Size6.3 kB (6263 bytes)

MD57ab4c3abfaf986c3f25b78d9879d0fd4

SHA119da5e35fb2844d004dad8f5b57114b78b7286ee

SHA256d8ccbce122d1ef1a61a36947034f3f42e50bb1f1f6152c8f73edd428494c8ed3

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240229-1/abb31dd818c20bb6f75f254bc19942b8.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 6263
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:51:49 GMT
Etag: "65e02844-1877"
Expires: Sat, 16 Nov 2024 20:51:49 GMT
Last-Modified: Thu, 17 Oct 2024 20:51:49 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET img.imghuo.cfd/sp/media/videos/tmb/1401/20.jpg

104.194.8.69

200 OK

12 kB

URL GET HTTPS

img.imghuo.cfd/sp/media/videos/tmb/1401/20.jpg

IP / ASN

104.194.8.69

#23470 RELIABLESITE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 384x214, components 3

First Seen2024-04-19

Last Seen2025-01-18

Times Seen44

Size12 kB (11583 bytes)

MD50f396cda91f399f9e6cfb68f715f5935

SHA1dc026f425c7e807632f077c5f0c828677743b45f

SHA2564094fe592d48531fe85da809bd51814844447cd2c32802ba7f1c75e728202e5f

Certificate Info

IssuerLet's Encrypt

Subjectimg.imghuo.cfd

FingerprintCD:0D:3F:39:0E:A2:7D:BC:65:F9:05:9C:44:26:2F:27:C5:6A:63:80

ValidityWed, 30 Oct 2024 19:10:23 GMT - Tue, 28 Jan 2025 19:10:22 GMT

HTTP Headers

GET /sp/media/videos/tmb/1401/20.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 03:44:11 GMT
etag: "2d3f-65fec916-d8790e;;;"
last-modified: Sat, 23 Mar 2024 12:20:38 GMT
content-type: image/jpeg
content-length: 11583
accept-ranges: bytes
date: Sat, 07 Dec 2024 03:44:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-620120-3

142.250.74.168

200 OK

77 kB

URL GET HTTPS

www.googletagmanager.com/gtag/js?id=UA-620120-3

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (2310)

First Seen2024-12-07

Last Seen2024-12-07

Times Seen2

Size77 kB (77380 bytes)

MD5687268cc90e4e9e3ca8617e6703ae25d

SHA14c649c062a3d2db1343c74065be29d3386fdb408

SHA2560ab53c71fe113ff78c6f83f0540b4e75c9ff017aba107f387cf9c618b432b0c3

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Dec 2024 03:44:11 GMT
expires: Sat, 07 Dec 2024 03:44:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Dec 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 77380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240116-1/a20b9b0755c8f282b4e609d546b398b5.jpg

192.74.233.14

200 OK

125 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240116-1/a20b9b0755c8f282b4e609d546b398b5.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 718 x 404, 8-bit colormap, non-interlaced

First Seen2024-08-19

Last Seen2024-12-08

Times Seen3

Size125 kB (125355 bytes)

MD56d5a35a0f300768779e897b10840fd8e

SHA1f1fa757eb297d0671337f3dacfbe70c67756efa8

SHA256d1c8b0c62b72c02913ac4b8fd9c0535a41840d89962bf0e514c704f2b45f0687

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240116-1/a20b9b0755c8f282b4e609d546b398b5.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 125355
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:08:32 GMT
Etag: "65a61680-1e9ab"
Expires: Sat, 16 Nov 2024 20:08:32 GMT
Last-Modified: Thu, 17 Oct 2024 20:08:32 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.106

200 OK

30 kB

URL GET HTTPS

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

IP / ASN

142.250.74.106

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65451)

First Seen2023-03-07

Last Seen2025-08-06

Times Seen67885

Size30 kB (30399 bytes)

MD5a09e13ee94d51c524b7e2a728c7d4039

SHA10dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

SHA256160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05

ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Dec 2024 10:41:50 GMT
expires: Sat, 06 Dec 2025 10:41:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 61341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.imghuo.cfd/yq2/media/videos/tmb/000/000/404/5.jpg

104.194.8.69

200 OK

9.1 kB

URL GET HTTPS

img.imghuo.cfd/yq2/media/videos/tmb/000/000/404/5.jpg

IP / ASN

104.194.8.69

#23470 RELIABLESITE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3

First Seen2024-04-18

Last Seen2025-08-05

Times Seen154

Size9.1 kB (9090 bytes)

MD5b4e30eabf04502ebd9c1187dc20da82b

SHA15c8585c69c4a8a142d13c9faa0b86100a8e1304c

SHA2566b7499b69f0e8dbf1fae5dd8f5fa11552fe4d6ad417fdefd19b051af52b92f9e

Certificate Info

IssuerLet's Encrypt

Subjectimg.imghuo.cfd

FingerprintCD:0D:3F:39:0E:A2:7D:BC:65:F9:05:9C:44:26:2F:27:C5:6A:63:80

ValidityWed, 30 Oct 2024 19:10:23 GMT - Tue, 28 Jan 2025 19:10:22 GMT

HTTP Headers

GET /yq2/media/videos/tmb/000/000/404/5.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 03:44:11 GMT
etag: "2382-65fec93c-dc3a15;;;"
last-modified: Sat, 23 Mar 2024 12:21:16 GMT
content-type: image/jpeg
content-length: 9090
accept-ranges: bytes
date: Sat, 07 Dec 2024 03:44:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET cav102.com/contents/videos_screenshots/6000/6862/preview.jpg

45.145.72.132

200 OK

110 kB

URL GET HTTPS

cav102.com/contents/videos_screenshots/6000/6862/preview.jpg

IP / ASN

45.145.72.132

#201106 Spartan Host Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x1280, components 3

First Seen2024-12-07

Last Seen2025-08-02

Times Seen8

Size110 kB (110070 bytes)

MD559bf4e13e51f2209523c78a13be94890

SHA197a3e796b34b21080e90f96b951da9699ad37c66

SHA2564fc4290a3d44b89b4d1bc7ad1a9c930c0d68f547332dc77fad74bdd9974fd45b

Certificate Info

IssuerLet's Encrypt

Subjectcav101.xyz

FingerprintC5:DE:81:32:93:3C:C1:E0:12:46:6F:EF:42:A9:89:7B:6B:B7:E6:77

ValidityFri, 18 Oct 2024 12:44:11 GMT - Thu, 16 Jan 2025 12:44:10 GMT

HTTP Headers

GET /contents/videos_screenshots/6000/6862/preview.jpg HTTP/1.1
Host: cav102.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 110070
last-modified: Sat, 24 Sep 2022 09:15:04 GMT
etag: "632eca98-1adf6"
expires: Sat, 07 Dec 2024 03:45:11 GMT
cache-control: max-age=60
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240107-1/d13835bed5694bca2c9069625bcfca17.jpg

192.74.233.14

200 OK

170 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240107-1/d13835bed5694bca2c9069625bcfca17.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3

First Seen2024-12-07

Last Seen2024-12-08

Times Seen2

Size170 kB (170197 bytes)

MD5a4878235c7193c509bc465118b2bd292

SHA12850094765b04c19a5ecd8b2a100a1c669ebf93a

SHA256aabd0a13d787b8dff76660f92ce8ef8e01791eb375ebba63159df8025b5f470d

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240107-1/d13835bed5694bca2c9069625bcfca17.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 170197
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:38:37 GMT
Etag: "659a3bd8-298d5"
Expires: Sat, 16 Nov 2024 20:38:37 GMT
Last-Modified: Thu, 17 Oct 2024 20:38:37 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET jpgjingpinx.com/upload/vod/20240107-1/8605211c3be7f2750d12445adf9379d5.jpg

137.175.7.66

200 OK

121 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240107-1/8605211c3be7f2750d12445adf9379d5.jpg

IP / ASN

137.175.7.66

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x404, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size121 kB (120681 bytes)

MD5737a88318ad47ad5ca411c488bab35f8

SHA1d689e778237517ba72aa155ab0327c0537bc7db9

SHA256124e5cb2fa550e2b8cf6f37a0700133ce92ed0ae93ee7929db3a1dc281bdf160

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240107-1/8605211c3be7f2750d12445adf9379d5.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 120681
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:27:31 GMT
Etag: "659a3c10-1d769"
Expires: Sat, 16 Nov 2024 20:27:31 GMT
Last-Modified: Thu, 17 Oct 2024 20:27:31 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET jpgjingpinx.com/upload/vod/20240113-1/b74bc1a22001c986a43addfb2ff80d0d.jpg

137.175.7.66

200 OK

102 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240113-1/b74bc1a22001c986a43addfb2ff80d0d.jpg

IP / ASN

137.175.7.66

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 718 x 404, 8-bit colormap, non-interlaced

First Seen2024-11-18

Last Seen2024-12-10

Times Seen5

Size102 kB (102225 bytes)

MD5999d97548e05c4d42c74218686b5d153

SHA14181644bce8a469a0c61716fa64bf62b3076919a

SHA256983df15a20e9bf279506796bb4f8be150d7dcde67ad1a3061c36e7ff0d70f0a2

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240113-1/b74bc1a22001c986a43addfb2ff80d0d.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 102225
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:26:36 GMT
Etag: "65a223b8-18f51"
Expires: Sat, 16 Nov 2024 20:26:36 GMT
Last-Modified: Thu, 17 Oct 2024 20:26:36 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET jpgjingpinx.com/upload/vod/20240111-1/13f144cbddf50d9a777a94bcf717bc7b.jpg

192.74.233.14

200 OK

154 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240111-1/13f144cbddf50d9a777a94bcf717bc7b.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size154 kB (153573 bytes)

MD5ab622ef37192a8123b64ebed65d4cd7d

SHA184119905347f6974f553d7f9a502f441c9cc0c8a

SHA256ffe62324b966338b28c9640eed8083a5dc3df5f8578f535936c1d59bdbf5c59f

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240111-1/13f144cbddf50d9a777a94bcf717bc7b.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 153573
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:27:16 GMT
Etag: "659fffa8-257e5"
Expires: Sat, 16 Nov 2024 20:27:16 GMT
Last-Modified: Thu, 17 Oct 2024 20:27:16 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg

192.74.233.14

200 OK

140 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg

IP / ASN

192.74.233.14

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 718 x 404, 8-bit colormap, non-interlaced

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size140 kB (139947 bytes)

MD5c85c190bca7f7f675cb1f057d4ffd3de

SHA1f5b9f2a9f680d69aa0b023f82b3ad6676c2892ac

SHA2563ce6c0d1448782cd6a3016a3a071c666ea1a8d5306f6855e0ce8e473f80b042f

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 139947
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 21:09:04 GMT
Etag: "6658ba2f-222ab"
Expires: Sat, 16 Nov 2024 21:09:04 GMT
Last-Modified: Thu, 17 Oct 2024 21:09:04 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET cav102.com/contents/videos_screenshots/7000/7268/preview.jpg

45.145.72.132

200 OK

104 kB

URL GET HTTPS

cav102.com/contents/videos_screenshots/7000/7268/preview.jpg

IP / ASN

45.145.72.132

#201106 Spartan Host Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x1280, components 3

First Seen2024-12-07

Last Seen2025-08-05

Times Seen32

Size104 kB (104073 bytes)

MD59b893f32567e852fb3a1fcdfb881926f

SHA1797d89c6b0af79d9c4682b004be77e4296d7d77e

SHA256d6bfa10297c9b6c29bdf28822a7bbbacd737b9d19a307577672ce9c697c77cd3

Certificate Info

IssuerLet's Encrypt

Subjectcav101.xyz

FingerprintC5:DE:81:32:93:3C:C1:E0:12:46:6F:EF:42:A9:89:7B:6B:B7:E6:77

ValidityFri, 18 Oct 2024 12:44:11 GMT - Thu, 16 Jan 2025 12:44:10 GMT

HTTP Headers

GET /contents/videos_screenshots/7000/7268/preview.jpg HTTP/1.1
Host: cav102.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 104073
last-modified: Sun, 25 Sep 2022 19:00:11 GMT
etag: "6330a53b-19689"
expires: Sat, 07 Dec 2024 03:45:11 GMT
cache-control: max-age=60
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cav105.com/contents/videos_screenshots/6000/6857/preview.jpg

45.145.72.132

200 OK

86 kB

URL GET HTTPS

cav105.com/contents/videos_screenshots/6000/6857/preview.jpg

IP / ASN

45.145.72.132

#201106 Spartan Host Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x1280, components 3

First Seen2024-04-24

Last Seen2025-07-25

Times Seen19

Size86 kB (86314 bytes)

MD56ca964852b4a4837d0db1b710da4f99c

SHA151edf0f3694b857b4ff45fff3e1f75c693c7365c

SHA25647009292c0635b1829fc1cea67993ccdb54e790855c7dcf949130ebc7bde47e2

Certificate Info

IssuerLet's Encrypt

Subjectcav101.xyz

FingerprintC5:DE:81:32:93:3C:C1:E0:12:46:6F:EF:42:A9:89:7B:6B:B7:E6:77

ValidityFri, 18 Oct 2024 12:44:11 GMT - Thu, 16 Jan 2025 12:44:10 GMT

HTTP Headers

GET /contents/videos_screenshots/6000/6857/preview.jpg HTTP/1.1
Host: cav105.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 86314
last-modified: Sat, 24 Sep 2022 09:10:11 GMT
etag: "632ec973-1512a"
expires: Sat, 07 Dec 2024 03:45:11 GMT
cache-control: max-age=60
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.blacktowhite.net/data/xfmg/thumbnail/572/572200-0c9948d0508ff2f2bcacaa5cc07e535e.jpg?1663526270

192.243.63.82

200 OK

94 kB

URL GET HTTPS

www.blacktowhite.net/data/xfmg/thumbnail/572/572200-0c9948d0508ff2f2bcacaa5cc07e535e.jpg?1663526270

IP / ASN

192.243.63.82

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced

First Seen2024-12-07

Last Seen2025-06-09

Times Seen2

Size94 kB (94154 bytes)

MD5dbcc8044ef7e584ab41886b97e4fb471

SHA1767fae5fe8f556c639fcb5b4620ee49b85f22153

SHA2566eec07691d85dff66c2411078cf5d273254815bcac5ea46b552af64dc45a85a1

Certificate Info

IssuerSectigo Limited

Subjectblacktowhite.net

Fingerprint43:8E:56:BC:18:82:17:A1:A7:61:36:29:5B:13:66:73:A2:9A:A6:77

ValidityFri, 28 Jun 2024 00:00:00 GMT - Tue, 29 Jul 2025 23:59:59 GMT

HTTP Headers

GET /data/xfmg/thumbnail/572/572200-0c9948d0508ff2f2bcacaa5cc07e535e.jpg?1663526270 HTTP/1.1
Host: www.blacktowhite.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.17.6
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: image/jpeg
content-length: 94154
last-modified: Sun, 18 Sep 2022 18:39:51 GMT
etag: "632765f7-16fca"
expires: Sat, 21 Dec 2024 03:44:11 GMT
cache-control: max-age=1209600
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fmtu.sltusl.com/upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg

156.238.196.42

404 Not Found

3 B

URL GET HTTPS

fmtu.sltusl.com/upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg

IP / ASN

156.238.196.42

#50183 CenturyNetworks Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-14

Last Seen2025-08-05

Times Seen1970

Size3 B (3 bytes)

MD54f4adcbf8c6f66dcfc8a3282ac2bf10a

SHA1c35a9fc52bb556c79f8fa540df587a2bf465b940

SHA2566b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Certificate Info

IssuerLet's Encrypt

Subjectfmtu.sltusl.com

Fingerprint84:47:16:D7:FF:68:5E:D4:AC:99:BC:D4:35:B4:39:BC:E4:E5:8B:C7

ValidityFri, 13 Sep 2024 04:54:10 GMT - Thu, 12 Dec 2024 04:54:09 GMT

HTTP Headers

GET /upload/vod/20220903-4/2abaaf538c764b213354fc9dd08e848f.jpg HTTP/1.1
Host: fmtu.sltusl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 3
date: Sat, 07 Dec 2024 03:44:12 GMT
X-Firefox-Spdy: h2

GET jpgjingpinx.com/upload/vod/20240106-1/665ba5eb7ea08278cd01372e611dccb2.jpg

137.175.7.66

200 OK

144 kB

URL GET HTTPS

jpgjingpinx.com/upload/vod/20240106-1/665ba5eb7ea08278cd01372e611dccb2.jpg

IP / ASN

137.175.7.66

#54600 PEG-SV

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 718x404, components 3

First Seen2024-10-19

Last Seen2024-12-07

Times Seen2

Size144 kB (144498 bytes)

MD55a191124a176c18ae7428ce19d8db28b

SHA14125003fec3e4616cee314fcf862109e5de64596

SHA2565e7300eabd6e224e267c79bf3ef2315054837dabbefc5d6827ad2b1aeb894f24

Certificate Info

IssuerGoGetSSL

Subjectjpgjingpinx.com

Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC

ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT

HTTP Headers

GET /upload/vod/20240106-1/665ba5eb7ea08278cd01372e611dccb2.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 144498
Content-Type: image/jpeg
Date: Thu, 17 Oct 2024 20:24:04 GMT
Etag: "6599b084-23472"
Expires: Sat, 16 Nov 2024 20:24:04 GMT
Last-Modified: Thu, 17 Oct 2024 20:24:04 GMT
Server: openresty
X-Cache: HIT, policy, disk

GET av.tub4us.top/2

104.21.60.213

200 OK

32 kB

URL GET HTTPS

av.tub4us.top/2

IP / ASN

104.21.60.213

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with very long lines (50091), with CRLF line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size32 kB (32208 bytes)

MD5a583e04ac381e24c627275cbb67fc073

SHA1cae8f1c8eeeb1d33157f6c9213aa089bab2b42fa

SHA25602490008c8a80fdb446facee12544aac9671f525d46744bc3d1d3d174a87f166

Certificate Info

IssuerGoogle Trust Services

Subjecttub4us.top

FingerprintDD:79:1A:1D:57:11:E8:11:7E:2E:78:0F:D2:DE:CB:A4:11:08:BB:6F

ValidityTue, 05 Nov 2024 23:03:19 GMT - Mon, 03 Feb 2025 23:03:18 GMT

HTTP Headers

GET /2 HTTP/1.1
Host: av.tub4us.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.tub4us.top/
DNT: 1
Connection: keep-alive
Cookie: cnt=0; lctcfck=NO; _ym_uid=1733543052825791113; _ym_d=1733543052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.tub4us.top4.194.8.20-myhost-av.tub4us.top38.220.248/2
phost: av.tub4us.top
pdojs-line354: notjp--myhost-av.tub4us.top-filteron-
line1430: notjp--myhost-av.tub4us.top-filteron-/2
line1433: notjp--myhost-av.tub4us.top-filteron-
line1741: notjp-/2-myhost-av.tub4us.top-filteron-
line1865: 
line1900: -
xline: 1965host-186060
pdojs-line1976: ibig--chname--filteron--txtlang-Array
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-192g-la: EXPIRED
xkey-192la: av./2-A-av.tub4us.top-av.tub4us.top-cacpdo2---yes
x-proxy-cache-g-la: HIT
xkey-g-la: av./2-A-av.tub4us.top--my_zone
cf-cache-status: HIT
age: 9
last-modified: Sat, 07 Dec 2024 03:44:03 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qo7pToAE0EiBNOGEdR1ulWtkVr%2Fin23JVGjHcrYgJM%2BD1YpXqUgmz%2Bndjqw09WJhJbocOlp8hIrSEQ%2BT8Lw3JS1v9FFHwy%2B3NnNULUbZ57jIE1SR%2FdIf20IjNo83VC3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840b5f5356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4534&min_rtt=4455&rtt_var=1828&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4153&recv_bytes=1210&delivery_rate=116458&cwnd=12000&unsent_bytes=0&cid=d0a60debfaa58bf6&ts=5545&x=1", cfExtPri, cfHdrFlush;dur=0

GET fixedjs.jtube.top/?vidjs=51qxezx

188.114.96.1

200 OK

18 kB

URL GET HTTPS

fixedjs.jtube.top/?vidjs=51qxezx

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (752), with CRLF line terminators

First Seen2024-11-18

Last Seen2025-01-18

Times Seen76

Size18 kB (17974 bytes)

MD566a4f53558c776b531d3414e0e3b83e9

SHA10b85a23cc2355af62658e331fecb082208e95af3

SHA2568e0e7cc3fad729d92bb78d94819e820a34998b9c15b5814068ecf5e2968c4a3a

Certificate Info

IssuerGoogle Trust Services

Subjectjtube.top

Fingerprint9D:F7:B8:3A:A8:13:38:DE:74:BF:77:4B:F4:4E:53:42:62:EE:F4:9B

ValidityTue, 05 Nov 2024 14:16:24 GMT - Mon, 03 Feb 2025 14:16:23 GMT

HTTP Headers

GET /?vidjs=51qxezx HTTP/1.1
Host: fixedjs.jtube.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: text/html; charset=UTF-8
pdo-line12: host-fixedjs.jtube.top4.194.8.20-myhost-58.222.234/?vidjs=51qxezx
phost: 
pdo-line55: host-fixedjs.jtube.top4.194.8.20-myhost-58.222.234/?vidjs=51qxezx
cache-control: public, max-age=172800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 167701
last-modified: Thu, 05 Dec 2024 05:09:08 GMT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1rt3Vj8R2IuTC2U4Y1TMbMcVtIbTK%2FEhG2qw1LAG%2FfzM2JDKFX5RLNKeWbhwhWSeQs%2BO0lm56QP2GqIU5Y%2F6KzHAyfwpahBCAv%2FXCWwfq1J31hU8%2FGNyK74Lp4M61VAyDNqyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183f93b6db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38526&min_rtt=20636&rtt_var=20517&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4082&recv_bytes=1173&delivery_rate=28783&cwnd=12000&unsent_bytes=0&cid=b900333d6d8b3389&ts=2143&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.youhu.com/img/videos_screenshots/165000/165987/preview.jpg

15.197.148.33

200 OK

114 B

URL GET HTTPS

www.youhu.com/img/videos_screenshots/165000/165987/preview.jpg

IP / ASN

15.197.148.33

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with no line terminators

First Seen2024-03-15

Last Seen2025-08-06

Times Seen24865

Size114 B (114 bytes)

MD5e89f75f918dbdcee28604d4e09dd71d7

SHA1f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

SHA2566dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectwww.youhu.com

Fingerprint9B:DC:E7:AE:64:4C:75:7D:AB:D3:A5:BB:6D:A3:4E:C4:63:12:B4:31

ValiditySun, 08 Sep 2024 17:51:50 GMT - Mon, 08 Sep 2025 17:51:50 GMT

HTTP Headers

GET /img/videos_screenshots/165000/165987/preview.jpg HTTP/1.1
Host: www.youhu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 114
date: Sat, 07 Dec 2024 03:44:12 GMT
X-Firefox-Spdy: h2

GET image.baophapluat.vn/1200x630/Uploaded/2024/abhuhuo/2020_07_25/tinbai_00002024_still001_CAAN.jpg

222.255.114.107

200 OK

115 kB

URL GET HTTPS

image.baophapluat.vn/1200x630/Uploaded/2024/abhuhuo/2020_07_25/tinbai_00002024_still001_CAAN.jpg

IP / ASN

222.255.114.107

#45899 VNPT Corp

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x630, components 3

First Seen2024-12-07

Last Seen2025-06-21

Times Seen3

Size115 kB (114999 bytes)

MD5b12d2793d3a974332e345c73af8dd714

SHA156bd6f1f97a0eaa314a829d692a06cc311b54680

SHA25688884718bda7ec08bb8d75e6cecb79691a7002968147ec2cd4f40dbabad7826a

Certificate Info

IssuerGlobalSign nv-sa

Subject*.baophapluat.vn

Fingerprint63:B7:51:19:63:64:32:81:39:A2:94:F5:84:BC:47:E8:8A:86:E1:2E

ValidityWed, 18 Sep 2024 08:37:00 GMT - Mon, 20 Oct 2025 08:36:59 GMT

HTTP Headers

GET /1200x630/Uploaded/2024/abhuhuo/2020_07_25/tinbai_00002024_still001_CAAN.jpg HTTP/1.1
Host: image.baophapluat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
cache-control: max-age=7776000,no-transform
expires: Fri, 07 Mar 2025 03:44:11 GMT
date: Sat, 07 Dec 2024 03:44:11 GMT
last-modified: Sat, 07 Dec 2024 03:44:11 GMT
content-length: 114999
content-type: image/jpeg
X-Firefox-Spdy: h2

GET img.qianju.cc/upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg

49.12.170.211

404 Not Found

146 B

URL GET HTTPS

img.qianju.cc/upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg

IP / ASN

49.12.170.211

#24940 Hetzner Online GmbH

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-06

Times Seen212621

Size146 B (146 bytes)

MD58eec510e57f5f732fd2cce73df7b73ef

SHA13c0af39ecb3753c5fee3b53d063c7286019eac3b

SHA25655f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Certificate Info

IssuerLet's Encrypt

Subjectimg.qianju.cc

Fingerprint17:AD:52:9A:CB:A4:28:F7:DA:91:9F:F9:6D:D1:AB:F3:D0:82:2E:EF

ValiditySat, 21 Sep 2024 09:59:02 GMT - Fri, 20 Dec 2024 09:59:01 GMT

HTTP Headers

GET /upload/vod/20220821-1/aff1bacf4359201a362e4f955db32d94.jpg HTTP/1.1
Host: img.qianju.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 07 Dec 2024 03:44:11 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

GET javp1.cc/https://img.caoliuzywimg.com:188/20230228/p5cvlXp0/1.jpg

172.67.162.226

404 Not Found

1.9 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230228/p5cvlXp0/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size1.9 kB (1874 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230228/p5cvlXp0/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 152
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUUGUDJIZUVYZSfTXtunp75cd%2FK9Cd5Okbft6haWTYIw%2BOllGxkOAklG2mOTqkjecxFSJpYqWKReYh4ZwV2EMuRTnsdQ4fOTKi6XHdqWWaGcNEVWYXcNsEZYzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840d7b23b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11289&min_rtt=7049&rtt_var=6743&sent=56&recv=70&lost=0&retrans=0&sent_bytes=6407&recv_bytes=4699&delivery_rate=25338&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=2813&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.pornbf.mobi/media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg

104.21.96.1

200 OK

12 kB

URL GET HTTPS

www.pornbf.mobi/media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg

IP / ASN

104.21.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 350x200, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size12 kB (11674 bytes)

MD502d031974eacef49242c611d6312b50a

SHA12db63fd2492d0399e50b969882f379304f9338a4

SHA256bd992448fc0adcfceb420e8ca29be27b673fc8c90201dbbb81afe80182f9bf52

Certificate Info

IssuerGoogle Trust Services

Subjectpornbf.mobi

FingerprintC7:47:78:67:8C:9B:79:84:60:01:48:9F:68:2C:C0:2A:67:D6:B4:0F

ValidityTue, 12 Nov 2024 11:17:40 GMT - Mon, 10 Feb 2025 11:17:39 GMT

HTTP Headers

GET /media/videos/10000/1000/www-xvideos-tamil-sex-com.jpg HTTP/1.1
Host: www.pornbf.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.tub4us.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: image/jpeg
content-length: 11674
cache-control: public, max-age=604800
expires: Wed, 11 Dec 2024 19:03:59 GMT
last-modified: Sun, 14 Apr 2024 16:03:45 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 204013
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHbRoBgafULFHyrJ15TwhXjl8YdTmULjitfsjuU8WO2rsX33vH04wauzDaMTNJICOH11xDlZx3gRYkGfNh%2BDN1tcG0h34GqM3TvWA%2B0NZPBcED4bD7SUc4kbigSLUj%2FsrRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184111db80b51-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1302&min_rtt=395&rtt_var=1751&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1232&delivery_rate=7098039&cwnd=254&unsent_bytes=0&cid=21c9dc39878dfc24&ts=1456&x=0"
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/8/b/c/8bc1898864eb6cf877b57fbbca83e0951365186799.flv-1.jpg

64.210.135.119

200 OK

17 kB

URL GET HTTPS

cdne-pics.youjizz.com/8/b/c/8bc1898864eb6cf877b57fbbca83e0951365186799.flv-1.jpg

IP / ASN

64.210.135.119

#30361 SWIFTWILL2

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 308x232, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size17 kB (17419 bytes)

MD584e48c84917c9ea941a775a3fbad92e9

SHA153282781cf754ab4bafcc6c61f6e7fffa1dd24d2

SHA2568735bd559eb03fcb65df05949dbb4066a140b568f1ca73f72b80ec32d3be41e8

Certificate Info

IssuerSectigo Limited

Subject*.youjizz.com

Fingerprint27:54:6C:0C:5B:70:1D:77:94:86:37:FF:6C:FB:F2:18:15:90:4B:CC

ValidityMon, 25 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

HTTP Headers

GET /8/b/c/8bc1898864eb6cf877b57fbbca83e0951365186799.flv-1.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:13 GMT
content-type: image/jpeg
content-length: 17419
last-modified: Wed, 20 Nov 2013 20:08:43 GMT
etag: "440b-4eba1590e7623"
expires: Thu, 25 Jan 2024 04:41:26 GMT
cache-control: max-age=10394367
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-3891-h-0-0---;7846-32-140092----0-0-0
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/2/0/a/20a8e24815b64682390142deca08c2041426122607-422-238-401-h264.flv-5.jpg

64.210.135.119

200 OK

14 kB

URL GET HTTPS

cdne-pics.youjizz.com/2/0/a/20a8e24815b64682390142deca08c2041426122607-422-238-401-h264.flv-5.jpg

IP / ASN

64.210.135.119

#30361 SWIFTWILL2

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 18357x18326, segment length 16, comment: "Lavc52.123.0", baseline, precision 8, 308x232, components 3

First Seen2024-04-20

Last Seen2025-07-26

Times Seen14

Size14 kB (13868 bytes)

MD5aa04c8389e09ef7e3e1c8acc54c039ab

SHA19230d1cefc53ef5f46c55bea601562abda21837a

SHA2569a00c77829a36b7a0a996c0b4a6705cbf5b55e1e75f6fdb632cafebbd325ff61

Certificate Info

IssuerSectigo Limited

Subject*.youjizz.com

Fingerprint27:54:6C:0C:5B:70:1D:77:94:86:37:FF:6C:FB:F2:18:15:90:4B:CC

ValidityMon, 25 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

HTTP Headers

GET /2/0/a/20a8e24815b64682390142deca08c2041426122607-422-238-401-h264.flv-5.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:13 GMT
content-type: image/jpeg
content-length: 13868
last-modified: Thu, 12 Mar 2015 01:27:12 GMT
etag: "362c-5110d48802f18"
expires: Tue, 30 Jan 2024 04:52:09 GMT
cache-control: max-age=10682011
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6140-2-3968-h-0-0---;7846-32-140092----0-0-1
X-Firefox-Spdy: h2

GET ext.fmkorea.com/files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236

198.255.46.10

200 OK

8.3 kB

URL GET HTTPS

ext.fmkorea.com/files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236

IP / ASN

198.255.46.10

#174 COGENT-174

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size8.3 kB (8293 bytes)

MD5baf811fb5edd9fe9a61e8d91ba9446b5

SHA17e3925f5f7bc8c4fd568add64056af01376d69b3

SHA256c22bd9364ff728bf9c5a07100442c7bf827d49fe0b04a433e5d6a292db08106b

Certificate Info

IssuerZeroSSL

Subjectfmkorea.com

Fingerprint11:2C:8D:93:35:24:3A:7B:9A:73:22:81:3A:D9:8A:52:10:A5:35:D6

ValiditySun, 10 Nov 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT

HTTP Headers

GET /files/attach/new/20200325/486616/177783486/2844942421/4947458b31b5b6031a0745f98bce426b.gif.thumb.jpg?c=20200325214236 HTTP/1.1
Host: ext.fmkorea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.tub4us.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 07 Dec 2024 03:44:13 GMT
content-type: image/jpeg
content-length: 8293
last-modified: Wed, 25 Mar 2020 12:42:26 GMT
etag: "5e7b51b2-2065"
expires: Mon, 04 Aug 2025 09:00:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
strict-transport-security: max-age=3600; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

GET pic.duga.jp/unsecure/ibworks2/0138/cap/0009.jpg

59.106.25.10

200 OK

43 kB

URL GET HTTPS

pic.duga.jp/unsecure/ibworks2/0138/cap/0009.jpg

IP / ASN

59.106.25.10

#9370 SAKURA Internet Inc.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 864x480, components 3

First Seen2024-04-21

Last Seen2025-07-27

Times Seen15

Size43 kB (43222 bytes)

MD5f4afeacac12a5770c3e8eb85965c0dcd

SHA1ef15dacec0cb5a6d132f9a45b9f1abef2081c703

SHA256f609f8a11f76b855d546e0c5330bfaba44fcfb1bb0f13efc360dff4fc4ff8b15

Certificate Info

IssuerGlobalSign nv-sa

Subject*.duga.jp

Fingerprint35:15:0D:33:43:09:E3:61:FF:90:3F:62:1D:2A:E6:49:D3:52:D5:7D

ValidityFri, 01 Dec 2023 09:43:47 GMT - Wed, 01 Jan 2025 09:43:46 GMT

HTTP Headers

GET /unsecure/ibworks2/0138/cap/0009.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: image/jpeg
content-length: 43222
last-modified: Thu, 22 Aug 2019 12:54:17 GMT
etag: "5d5e9079-a8d6"
expires: Thu, 02 May 2024 10:24:14 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

GET okashik.atype.jp/images/104-ops-040/1.jpg

39.110.226.221

200 OK

178 kB

URL GET HTTPS

okashik.atype.jp/images/104-ops-040/1.jpg

IP / ASN

39.110.226.221

#2527 Sony Network Communications Inc.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 450x634, components 3

First Seen2024-08-20

Last Seen2025-07-01

Times Seen3

Size178 kB (178238 bytes)

MD5fdf5322f7728ffe2a7bf3321624e23d8

SHA1e033c5c85e3f3cbef625ea5aca98fb709c0219e3

SHA2563fadc74f0da6ddd05920edb895af11089bbb90dc397835e04a455c5a58f197b2

Certificate Info

IssuerLet's Encrypt

Subject*.atype.jp

Fingerprint78:B0:BD:A9:52:DF:0B:AE:19:E8:04:3F:CF:B1:D1:F4:0E:98:D4:E4

ValidityFri, 13 Sep 2024 07:30:37 GMT - Thu, 12 Dec 2024 07:30:36 GMT

HTTP Headers

GET /images/104-ops-040/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 03:44:11 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:28 GMT
ETag: "e42b0d-2b83e-5c439c90aecdd"
Accept-Ranges: bytes
Content-Length: 178238
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

GET mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)

77.88.21.119

302 Found

604 B

URL GET HTTPS

mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)

IP / ASN

77.88.21.119

#13238 YANDEX LLC

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJSON text data

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size604 B (604 bytes)

MD54b76cffda8521676c6d097e26bda2317

SHA1a319c7e1befea11d6586238c4122c930954a9135

SHA256952271e260478c56aa4cd40860e6b7dcc6d6cc690f663440a245f03e16bf15d5

Certificate Info

IssuerGlobalSign nv-sa

Subjectmc.webvisor.com

Fingerprint0E:34:88:85:15:0E:93:C0:12:EF:3F:45:B6:E8:61:82:0B:EC:4B:BD

ValiditySat, 28 Sep 2024 21:02:48 GMT - Sat, 22 Mar 2025 20:59:59 GMT

HTTP Headers

GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.tub4us.top/
Origin: https://av.tub4us.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://av.tub4us.top
last-modified: Sat, 07-Dec-2024 03:44:13 GMT
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Sat, 07-Dec-2024 03:44:13 GMT
pragma: no-cache
set-cookie: yabs-sid=2096765391733543053; Path=/; SameSite=None; Secure
i=hNYBEX8DW3BkyFtMNysAJ8PP+GfCag9U5gP9vtAByMljcC2nMNvlU1DaeyRsg/pQM747qFFO5dmC2LwTv9G4nZ8FwJY=; Expires=Tue, 05-Dec-2034 03:44:11 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4010048731733543053; Expires=Tue, 05-Dec-2034 03:44:11 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=4010048731733543053; Expires=Sun, 07-Dec-2025 03:44:13 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1765079053.yrts.1733543053#1765079053.yrtsi.1733543053; Expires=Sun, 07-Dec-2025 03:44:13 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
date: Sat, 07 Dec 2024 03:44:13 GMT
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
X-Firefox-Spdy: h2

GET pic.duga.jp/unsecure/hiyokosd/0037/cap/0003.jpg

59.106.25.10

200 OK

98 kB

URL GET HTTPS

pic.duga.jp/unsecure/hiyokosd/0037/cap/0003.jpg

IP / ASN

59.106.25.10

#9370 SAKURA Internet Inc.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 577x864, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size98 kB (97495 bytes)

MD560014c3f3c72c6906150c8c075e67741

SHA1f1bf3cdf5547e2c18ee6c727ac3d6c94127d11b2

SHA25638f4dc2de34656afab46bc738d2d6badfc583c980449680dbf6f1f18ba89b6a0

Certificate Info

IssuerGlobalSign nv-sa

Subject*.duga.jp

Fingerprint35:15:0D:33:43:09:E3:61:FF:90:3F:62:1D:2A:E6:49:D3:52:D5:7D

ValidityFri, 01 Dec 2023 09:43:47 GMT - Wed, 01 Jan 2025 09:43:46 GMT

HTTP Headers

GET /unsecure/hiyokosd/0037/cap/0003.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: image/jpeg
content-length: 97495
last-modified: Wed, 21 Aug 2019 10:41:50 GMT
etag: "5d5d1fee-17cd7"
expires: Mon, 06 May 2024 13:32:32 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

GET javp1.cc/https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg

172.67.162.226

404 Not Found

2.2 kB

URL GET HTTPS

javp1.cc/https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size2.2 kB (2199 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://jpgjingpinx.com/upload/vod/20240111-1/cf1a7921438d2d3a5b121ce02ee32f12.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKLVSmeCrZgBEKxjyExdvBkv2o1deiMsHp2q5AgdfRCtr%2BvbJzHXvlxblIuau3q0NfmMhumd3%2B9f35I4uJbDvCSvXA6xiIF2jCHjH0dgzjASvY%2FsIhN2RzvQDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840dfb7cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10927&min_rtt=7049&rtt_var=5781&sent=65&recv=73&lost=0&retrans=0&sent_bytes=11393&recv_bytes=5371&delivery_rate=6248&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=2896&x=1", cfExtPri, cfHdrFlush;dur=0

GET n.sinaimg.cn/front/20170503/IpfC-fyeuirh0638041.jpg

47.246.44.224

200 OK

18 kB

URL GET HTTPS

n.sinaimg.cn/front/20170503/IpfC-fyeuirh0638041.jpg

IP / ASN

47.246.44.224

#24429 Zhejiang Taobao Network Co.,Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3

First Seen2024-04-25

Last Seen2024-12-27

Times Seen31

Size18 kB (17736 bytes)

MD5ea3014e874438e227ebe85c03d78efc6

SHA111d5e4548a05eb08a432678be3600fcd55e39013

SHA2560adb73eae6988ffbb4b2176b5ea8a47106657ca9127a81071e91c354e5ede215

Certificate Info

IssuerDigiCert Inc

Subject*.weibo.cn

FingerprintA8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A

ValidityWed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

HTTP Headers

GET /front/20170503/IpfC-fyeuirh0638041.jpg HTTP/1.1
Host: n.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 17736
date: Wed, 09 Oct 2024 08:53:39 GMT
x-requestid: 39fdf2b6-2410-0703-3126-5ca7213e02e0
x-requester: GRPS000000ANONYMOUSE
last-modified: Wed, 03 May 2017 11:05:42 GMT
x-filesize: 17736
etag: "ea3014e874438e227ebe85c03d78efc6"
x-amz-meta-crc32: 1F6EBFB5
cache-control: max-age=31536000
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
access-control-max-age: 31536000
access-control-allow-origin: *
edge-copy-time: 1728243086619
via: http/1.1 cnc.guangzhou.union.24 (ApacheTrafficServer/6.2.1 [cHs f ]), cache17.l2st3-1[22,22,200-0,M], cache11.l2st3-1[22,0], cache38.l2hk3[27,27,200-0,M], cache32.l2hk3[28,0], ens-cache7.l2us3[0,0,200-0,H], ens-cache14.l2us3[1,0], ens-cache7.se2[0,0,200-0,H], ens-cache11.se2[2,0]
x-via-cdn: f=aliyun,s=ens-cache11.se2,c=91.90.42.154;f=sinaedge,s=cnc.guangzhou.union.55.nb.sinaedge.com,c=120.241.4.167;f=Edge,s=cnc.guangzhou.union.24,c=172.16.116.55
x-via-edge: 1728464019327a704f178377410ac45ea85ae
age: 5079034
ali-swift-global-savetime: 1728464019
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 26 Nov 2024 18:52:22 GMT
x-swift-cachetime: 27352877
timing-allow-origin: *
eagleid: 2ff62c9f17335430535183099e
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1

142.250.74.106

200 OK

30 kB

URL GET HTTPS

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1

IP / ASN

142.250.74.106

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65451)

First Seen2023-03-07

Last Seen2025-08-06

Times Seen67885

Size30 kB (30399 bytes)

MD5a09e13ee94d51c524b7e2a728c7d4039

SHA10dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

SHA256160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05

ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js?1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Dec 2024 06:19:52 GMT
expires: Sat, 06 Dec 2025 06:19:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 77062
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET javp1.cc/https://jpgjingpinx.com/upload/vod/20240727-1/e87c69ff59a0e4123509237f041fa29e.jpg

172.67.162.226

404 Not Found

10 kB

URL GET HTTPS

javp1.cc/https://jpgjingpinx.com/upload/vod/20240727-1/e87c69ff59a0e4123509237f041fa29e.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size10 kB (10469 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://jpgjingpinx.com/upload/vod/20240727-1/e87c69ff59a0e4123509237f041fa29e.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbzM2G42LD%2Bbcg5UdE5uh7hW3LUFOpalMBRD2D8KHynNRm6ow88dS1WhAP5MHtXtjWIDYMIbJavnIW2aCLeR6cWYOL8JU5UIIO6wXYAePdlkh1e2VChl2DgzeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840deb72b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10927&min_rtt=7049&rtt_var=5781&sent=62&recv=73&lost=0&retrans=0&sent_bytes=8962&recv_bytes=5371&delivery_rate=6248&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=2888&x=1", cfExtPri, cfHdrFlush;dur=0

GET d2wuern4tlyyou.cloudfront.net/photos/news2021/large/photo1629284467482-16292844675921610615457.jpg

54.230.241.50

200 OK

38 kB

URL GET HTTPS

d2wuern4tlyyou.cloudfront.net/photos/news2021/large/photo1629284467482-16292844675921610615457.jpg

IP / ASN

54.230.241.50

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1200x630, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size38 kB (37732 bytes)

MD584403bb928ac92f9ba11b3be8147b5e5

SHA1dae9e800100850af7265bff0f99b45b1c4a1b477

SHA25605cb3c287078e8c6ad452c42e06f35c48a18655d8a0426c363c4e374d9625330

Certificate Info

IssuerAmazon

Subject*.cloudfront.net

Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62

ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

HTTP Headers

GET /photos/news2021/large/photo1629284467482-16292844675921610615457.jpg HTTP/1.1
Host: d2wuern4tlyyou.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 37732
cache-control: max-age=31536000
last-modified: Wed, 18 Aug 2021 12:10:26 GMT
accept-ranges: bytes
etag: "72524972a94d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 05 Sep 2024 19:06:17 GMT
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CXaseG_UkBqPjIq9YYeJyhg5xvUpNhl2o-YvmZ9Ox8siSa1QvvZ9AA==
age: 7979508
X-Firefox-Spdy: h2

GET css.4jpg.top/mycss/av4.css?33

104.21.77.220

200 OK

1.7 kB

URL GET HTTPS

css.4jpg.top/mycss/av4.css?33

IP / ASN

104.21.77.220

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeUnicode text, UTF-8 text

First Seen2024-11-08

Last Seen2025-02-17

Times Seen64

Size1.7 kB (1748 bytes)

MD5daaab91dc3b6225da56b18e71931f80f

SHA1509686de7b3c233023ec711c5e23a1255c4a967e

SHA256d297520bd643fb6a86317d7c91a154e912151ac96dde53ecf39c43000a0a862b

Certificate Info

IssuerGoogle Trust Services

Subject4jpg.top

FingerprintC4:37:E6:09:C5:3C:99:D3:7D:3F:90:98:D9:5E:80:F2:A7:C8:D2:F4

ValidityTue, 29 Oct 2024 17:25:21 GMT - Mon, 27 Jan 2025 17:25:20 GMT

HTTP Headers

GET /mycss/av4.css?33 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: text/css
etag: W/"f0f-6262b97c54100"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 239679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Swui1gd7Fap9YAzPutpMb8upcKGpWrju0bqaYLKrD2p%2B2Qc8XvUfpB3o%2BQah4DHziuD6Xie3CTeUgLHEblLIVKhiAem0mxJk4lElBJW9xLLvQqLqqXYkw%2BCLhdV%2FK%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184078c3656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=539&min_rtt=405&rtt_var=223&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3260&recv_bytes=1164&delivery_rate=5240048&cwnd=254&unsent_bytes=0&cid=b421835914c217a3&ts=2136&x=0"
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/b1/bf/b1bf3a43b10680f9e029a60fbdcae86f/15629831.jpg

89.248.193.244

404 Not Found

4.7 kB

URL GET HTTPS

en.vidmo.pro/thumbs_320/b1/bf/b1bf3a43b10680f9e029a60fbdcae86f/15629831.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typegzip compressed data, max speed, from Unix

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size4.7 kB (4650 bytes)

MD5b4570dd67649404faef0d7d413c0f0d4

SHA18f0e35b4730c6dc8bf06fd48bfd80f7b305759ad

SHA256e55f0ea2e57720eb5c3c4cfbd8a42e65f3cfc19802d85af157407f7aed10e747

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/b1/bf/b1bf3a43b10680f9e029a60fbdcae86f/15629831.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg

172.67.162.226

404 Not Found

11 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size11 kB (10582 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230220/EnEqwnDJ/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1LKxRwzgzeUu1wVUDYEsmMKGHafk0qMrX3qqqXvkBetIyZ%2FbFxTxFc2HnUwSIvYolfkRZo1LqB277em3TEufMzFi9m32ATlowVgwTG47x4DTJxNrnqul%2B5%2FdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840e2ba6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14085&min_rtt=4872&rtt_var=8049&sent=85&recv=82&lost=0&retrans=0&sent_bytes=23731&recv_bytes=6776&delivery_rate=114550&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=3265&x=1", cfExtPri, cfHdrFlush;dur=0

GET img.youtube.com/vi/wsk95Mq0Cys/0.jpg

142.250.74.46

200 OK

21 kB

URL GET HTTPS

img.youtube.com/vi/wsk95Mq0Cys/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size21 kB (20825 bytes)

MD59712645e0eedafb4cb4b7b5d8d945e1b

SHA14ce774acfb960e6c5edef75fbf211e662149c21d

SHA2569bd43a8b7279d24891d95e5021338633d2ccff304a4942d8c7725b4b938170e8

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/wsk95Mq0Cys/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 20825
date: Sat, 07 Dec 2024 03:44:14 GMT
expires: Sat, 07 Dec 2024 05:44:14 GMT
cache-control: public, max-age=7200
etag: "1718932200"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.youtube.com/vi/OmOeR1klqfM/0.jpg

142.250.74.46

200 OK

8.0 kB

URL GET HTTPS

img.youtube.com/vi/OmOeR1klqfM/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size8.0 kB (8045 bytes)

MD5a842b168c3212a90ad538fb1c00bbadd

SHA1e1daf3502148db07e38909d4c77ea75a1a05ee16

SHA256adbf9f8ab67e41114d82e25a5ba51326e435b5be38853f1a6c136ddd77b798db

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/OmOeR1klqfM/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 8045
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Dec 2024 02:37:01 GMT
expires: Sat, 07 Dec 2024 04:37:01 GMT
cache-control: public, max-age=7200
etag: "1550229783"
content-type: image/jpeg
vary: Origin
age: 4033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.youtube.com/vi/LEdNCS8luWE/0.jpg

142.250.74.46

200 OK

22 kB

URL GET HTTPS

img.youtube.com/vi/LEdNCS8luWE/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size22 kB (21693 bytes)

MD58f0c00d2bfc745bff6ec29c3a6a109f6

SHA1d6e2083718d3c0864b34fdf8d3daba1bb4f76df9

SHA256971212203ecea74f2cd47af7aefe71d38f78eec368be197d4a44c55078ca875b

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/LEdNCS8luWE/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 21693
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Dec 2024 03:35:43 GMT
expires: Sat, 07 Dec 2024 05:35:43 GMT
cache-control: public, max-age=7200
etag: "1703880622"
content-type: image/jpeg
vary: Origin
age: 511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.youtube.com/vi/wZU2n2Gmsmg/0.jpg

142.250.74.46

200 OK

10 kB

URL GET HTTPS

img.youtube.com/vi/wZU2n2Gmsmg/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2025-07-30

Times Seen3

Size10 kB (9974 bytes)

MD50ea03d7524044dee7aac120acd34259b

SHA1e65f798a1c866f098ab49d476bcbb474d8111525

SHA256bbc12f3dec0ff5f833a0deb6d087a53dc718a9ff6f77297067b076c2fa81da36

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/wZU2n2Gmsmg/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 9974
date: Sat, 07 Dec 2024 03:44:14 GMT
expires: Sat, 07 Dec 2024 05:44:14 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HEAD ads.google.com/

216.58.207.206

429 Too Many Requests

0 B

URL HEAD HTTPS

ads.google.com/

IP / ASN

216.58.207.206

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectadwords.google.com

Fingerprint57:0A:02:4E:16:91:3A:3C:97:54:EE:5B:D8:FA:1E:80:57:9B:F4:6E

ValidityMon, 21 Oct 2024 08:37:54 GMT - Mon, 13 Jan 2025 08:37:53 GMT

HTTP Headers

HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.tub4us.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 03:44:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.youtube.com/vi/ySQnIj-rqb4/0.jpg

142.250.74.46

200 OK

33 kB

URL GET HTTPS

img.youtube.com/vi/ySQnIj-rqb4/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size33 kB (33229 bytes)

MD5173d1b644c214852c68396f3176bafea

SHA17b40bfb0fcc819cbf7d2d0e4292d8f4c2757f530

SHA2562e92c327cc003640ed99e809e46ed322998d86ddd788896a45fcd3ca95a587a4

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/ySQnIj-rqb4/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33229
date: Sat, 07 Dec 2024 03:44:14 GMT
expires: Sat, 07 Dec 2024 05:44:14 GMT
cache-control: public, max-age=7200
etag: "1702476914"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230220/iRKl9duD/1.jpg

172.67.162.226

404 Not Found

2.9 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230220/iRKl9duD/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size2.9 kB (2878 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230220/iRKl9duD/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4YZUoP0kZ8nVYFA%2Bl%2BU2UMSNoelNSButqhkPXWvKUDSuApmNkn0t753Ge266tHiExpAHX5Gy9zkFonzLBclvomX%2B8Nk370eC9Pd5nSoVCDs76cgSVSM7nP%2BUgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840ceac4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13128&min_rtt=4872&rtt_var=8180&sent=82&recv=81&lost=0&retrans=0&sent_bytes=21295&recv_bytes=6733&delivery_rate=109900&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=3080&x=1", cfExtPri, cfHdrFlush;dur=0

GET page.phic4.top/myda.php

104.21.73.126

200 OK

333 B

URL GET HTTPS

page.phic4.top/myda.php

IP / ASN

104.21.73.126

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typedata

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size333 B (333 bytes)

MD5741c728080830f98b467b2d08ee845c0

SHA14384c80f130a9b206822bdc05d23aa502d099330

SHA256270a8f3fc7c59f4f501e96b8de55b8dd637f3e35a45be5de325cca3ca35b2e75

Certificate Info

IssuerGoogle Trust Services

Subjectphic4.top

FingerprintE9:EB:62:08:F4:B5:AF:02:6E:C4:AF:F8:8E:8A:67:C6:EB:D0:F7:20

ValidityTue, 05 Nov 2024 19:16:48 GMT - Mon, 03 Feb 2025 19:16:47 GMT

HTTP Headers

GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:13 GMT
content-type: text/html; charset=utf-8
myda: myda91.149.5.54
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4839
last-modified: Sat, 07 Dec 2024 02:23:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gor%2BPI1y9jZIfz3YzoEj%2Furrcp4K7%2BryXmQKGjChs25MWhP9s1GC3rIx6flHLjcRfilKB%2FyTzE7uFD9UfvHHqEstBgDnRStBQOfE7LKne8vtJuotbtAV8W8gi1uhUzIcSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18411feaeb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=498&min_rtt=439&rtt_var=153&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3193&recv_bytes=1023&delivery_rate=7051948&cwnd=253&unsent_bytes=0&cid=8457578bed3f5935&ts=474&x=0"
X-Firefox-Spdy: h2

GET www.dirtysancheztube.com/favicon.ico

172.67.216.69

200 OK

1.2 kB

URL GET HTTPS

www.dirtysancheztube.com/favicon.ico

IP / ASN

172.67.216.69

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-06-16

Last Seen2025-07-31

Times Seen55

Size1.2 kB (1150 bytes)

MD5dfd251a1848f0caf669a9253f39d3068

SHA1ee5695be8c0f24633be95c3a3adbd4b5b42ed6a3

SHA2560b561412b53c6a575b07d9dd6cd1d9d98a4b61c2ab3540b6e9ff246eb5c88664

Certificate Info

IssuerGoogle Trust Services

Subjectdirtysancheztube.com

Fingerprint0F:AF:FE:53:66:66:69:62:0E:FE:60:20:22:9C:B1:E5:D3:AC:F2:4A

ValidityTue, 22 Oct 2024 02:00:12 GMT - Mon, 20 Jan 2025 02:00:11 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.dirtysancheztube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 29 Nov 2019 12:08:12 GMT
etag: "5de10a2c-47e"
expires: Fri, 24 Oct 2025 01:52:59 GMT
cache-control: public, max-age=31536000, no-transform
x-cache-status: HIT
cf-cache-status: HIT
age: 3808276
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JF5XsvVX3x1NYdy8CgL4BoE9fjiBJz%2FfUogsYDN3pvyEYcFqKf0cX%2F7rCVK26q8A6DsJgKnV%2FO6gynGTK3jpRFMubI1LF4826Q%2BKrN4et6FPOeFIQx0PHh8qg9nqqIVJtNWL29KjLzGm8fY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18422fc0456ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11727&min_rtt=946&rtt_var=8547&sent=68&recv=104&lost=0&retrans=0&sent_bytes=7215&recv_bytes=6174&delivery_rate=73357&cwnd=12000&unsent_bytes=0&cid=551544df652b9c28&ts=5956&x=1", cfExtPri, cfHdrFlush;dur=0

GET javp1.cc/upload/vod/20240219-10/9ce9be74aee8094fb3ddbd04f8d2af5c.jpg

172.67.162.226

404 Not Found

2.2 kB

URL GET HTTPS

javp1.cc/upload/vod/20240219-10/9ce9be74aee8094fb3ddbd04f8d2af5c.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2023-03-13

Last Seen2025-08-05

Times Seen242

Size2.2 kB (2247 bytes)

MD561770fce11a09cf460d45cb507670b0b

SHA1a91724b0e57f8426b0e3572cbcb226359ae6501c

SHA2561fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /upload/vod/20240219-10/9ce9be74aee8094fb3ddbd04f8d2af5c.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6AjYIzvHJqgmbnlQzMoaWGc1KLycJnQgTOPjK32HPBsEzMGA34JAxTKazJG%2BMSFiWzJ2z3Q%2BlWa5Le3ZAgxCVa23syHtwa8FP9%2Fnn3VixUIA84VxhFhe2vU%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840ecc39b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11828&min_rtt=4872&rtt_var=7439&sent=78&recv=80&lost=0&retrans=0&sent_bytes=18805&recv_bytes=6690&delivery_rate=72729&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=3024&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.clporn.com/favicon.ico

172.67.222.7

200 OK

1.2 kB

URL GET HTTPS

www.clporn.com/favicon.ico

IP / ASN

172.67.222.7

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-05-18

Last Seen2025-08-05

Times Seen111

Size1.2 kB (1150 bytes)

MD57bce878d4d59681219dd7ee7b31d501f

SHA18078782a63dd8997b9537de46f1c19c0b60737ce

SHA25619658bac1ca076be044dc8e1289ae869efd6847cc8d61405f1f6aeea11904dcf

Certificate Info

IssuerGoogle Trust Services

Subjectclporn.com

FingerprintB6:5C:97:0A:F8:D6:AC:1A:76:B6:D7:C7:D3:68:68:39:0D:98:5C:D4

ValiditySat, 19 Oct 2024 13:15:48 GMT - Fri, 17 Jan 2025 13:15:47 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sun, 21 May 2023 03:45:32 GMT
etag: "646993dc-47e"
expires: Tue, 25 Nov 2025 02:42:43 GMT
cache-control: public, max-age=31536000, no-transform
x-cache-status: HIT
cf-cache-status: HIT
age: 1040492
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxVNyruCt52Ni6W%2BwqBprkgyGvsJUgQbXc1KhyTcKaMVjyV%2FVdORkqe7R7cZJwGQTyvLyFp0oWZSFe3Po7IUMMWqgekm6Vq8rkMgVURxFq%2BHdkz6RcY07i0cfXIz9HhSrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184236f6c56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5651&min_rtt=852&rtt_var=3149&sent=53&recv=79&lost=0&retrans=0&sent_bytes=6361&recv_bytes=4867&delivery_rate=87402&cwnd=12000&unsent_bytes=0&cid=c4f2d2b754bc605f&ts=5519&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL GET HTTPS

www.w3schools.com/w3css/4/w3.css

IP / ASN

192.229.133.221

#15133 EDGECAST

Requested byhttps://av.tub4us.top/2

Resource Info

File typeUnicode text, UTF-8 (with BOM) text

First Seen2023-04-05

Last Seen2025-02-28

Times Seen10656

Size5.3 kB (5256 bytes)

MD5ba0537e9574725096af97c27d7e54f76

SHA1bd46b47d74d344f435b5805114559d45979762d5

SHA2564a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

Certificate Info

IssuerDigiCert Inc

Subject*.w3schools.com

Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A

ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 143916
cache-control: public,max-age=31536000,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
content-type: text/css
date: Sat, 07 Dec 2024 03:44:15 GMT
etag: "0f9f1ce347db1:0+gzip"
last-modified: Thu, 05 Dec 2024 10:52:42 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2

GET en.vidmo.pro/favicon.ico

89.248.193.244

200 OK

5.4 kB

URL GET HTTPS

en.vidmo.pro/favicon.ico

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-05

Last Seen2025-08-05

Times Seen232

Size5.4 kB (5430 bytes)

MD56b6734885d5e4ff9dbb7d82ba6023598

SHA13c454d68a346b375ed7b59a131699061e7393b1f

SHA2560f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.youhu.com/favicon.ico

15.197.148.33

204 No Content

0 B

URL GET HTTPS

www.youhu.com/favicon.ico

IP / ASN

15.197.148.33

#16509 AMAZON-02

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectwww.youhu.com

Fingerprint9B:DC:E7:AE:64:4C:75:7D:AB:D3:A5:BB:6D:A3:4E:C4:63:12:B4:31

ValiditySun, 08 Sep 2024 17:51:50 GMT - Mon, 08 Sep 2025 17:51:50 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.youhu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 07 Dec 2024 03:44:15 GMT
X-Firefox-Spdy: h2

GET rtgallery.net/favicon.ico

5.63.144.85

200 OK

894 B

URL GET HTTPS

rtgallery.net/favicon.ico

IP / ASN

5.63.144.85

#13213 UK-2 Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 24 bits/pixel

First Seen2024-05-20

Last Seen2025-08-05

Times Seen123

Size894 B (894 bytes)

MD5ecfa03337847c3b30c7c0c5c4bbb5c5f

SHA155457dd13b92fd876c253e3a74d46aec83429441

SHA256903d49ac2a65b3e7452534fc61790a686d1be8b936e8e6bcd9f49b1739a746f9

Certificate Info

IssuerLet's Encrypt

Subjectrtgallery.net

Fingerprint9D:AB:29:43:6F:E7:4E:6E:90:C5:1D:94:E0:DB:33:4B:0F:D5:7C:23

ValiditySat, 23 Nov 2024 00:11:51 GMT - Fri, 21 Feb 2025 00:11:50 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 07 Dec 2024 02:38:30 GMT
Content-Type: image/x-icon
Content-Length: 894
Last-Modified: Sat, 03 Jun 2017 05:36:38 GMT
Connection: keep-alive
ETag: "59324ae6-37e"
Accept-Ranges: bytes

GET vidmo.pro/favicon.ico

89.248.193.244

200 OK

5.4 kB

URL GET HTTPS

vidmo.pro/favicon.ico

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-05

Last Seen2025-08-05

Times Seen232

Size5.4 kB (5430 bytes)

MD56b6734885d5e4ff9dbb7d82ba6023598

SHA13c454d68a346b375ed7b59a131699061e7393b1f

SHA2560f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

GET rolotube.com/favicon.ico

104.21.233.145

200 OK

0 B

URL GET HTTPS

rolotube.com/favicon.ico

IP / ASN

104.21.233.145

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectrolotube.com

FingerprintC8:07:CC:8B:E0:0F:95:7B:5F:75:38:C9:01:14:10:AF:A0:EC:99:2D

ValidityMon, 28 Oct 2024 05:14:50 GMT - Sun, 26 Jan 2025 05:14:49 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 28 Oct 2019 19:52:23 GMT
etag: "5db746f7-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 507390
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krOyYrlKQcRt%2BjbWhV3sIRZgXn72inyXPGfoM6eeCUG%2BZpD7q3csMj9vuQO0m22D2%2BwPRsTC%2B%2FiBJ0QujX90%2FnoCIW69WL8WdjZtcijP5DGUt3ZGfPJ2Us55up0oRvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423ec8c71c9-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23234&min_rtt=20208&rtt_var=8570&sent=37&recv=41&lost=0&retrans=0&sent_bytes=5411&recv_bytes=2886&delivery_rate=20096&cwnd=12000&unsent_bytes=0&cid=00dbc3752ac5af56&ts=4846&x=1", cfExtPri, cfHdrFlush;dur=0

GET 1top.club/favicon.ico

54.38.205.67

200 OK

15 kB

URL GET HTTPS

1top.club/favicon.ico

IP / ASN

54.38.205.67

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-10-04

Last Seen2025-08-05

Times Seen18

Size15 kB (15086 bytes)

MD59037e53f478cde1c1fab105bc01303b8

SHA1bd7ae73a4efc137d97462ba04d1fe747ac613c38

SHA256b79ee928c8e1ac0a5474d11eec6278a0ae5db064e1b8a0af064c7c9c7590996d

Certificate Info

IssuerLet's Encrypt

Subject1top.club

Fingerprint2D:0D:62:96:B1:54:D5:4A:B1:48:52:37:53:AD:27:77:25:69:79:2D

ValiditySun, 20 Oct 2024 10:12:25 GMT - Sat, 18 Jan 2025 10:12:24 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 1top.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Fri, 22 Jul 2022 12:35:23 GMT
etag: "62da998b-3aee"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET stickamvids.net/favicon.ico

80.92.205.167

404 Not Found

183 B

URL GET HTTPS

stickamvids.net/favicon.ico

IP / ASN

80.92.205.167

#44477 Stark Industries Solutions Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text

First Seen2023-04-05

Last Seen2025-08-06

Times Seen24275

Size183 B (183 bytes)

MD518ffb59b61525f781cf9251045be575d

SHA1bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d

SHA256b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Certificate Info

IssuerLet's Encrypt

Subjectstickamvids.net

Fingerprint15:D4:79:CE:92:44:E7:77:D4:AA:72:8F:2D:95:B9:CD:49:27:9C:31

ValidityMon, 25 Nov 2024 00:23:03 GMT - Sun, 23 Feb 2025 00:23:02 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sat, 07 Dec 2024 03:44:15 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET en.chezcathy.com/favicon.ico

104.21.235.159

200 OK

1.2 kB

URL GET HTTPS

en.chezcathy.com/favicon.ico

IP / ASN

104.21.235.159

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-11-08

Last Seen2025-04-03

Times Seen24

Size1.2 kB (1150 bytes)

MD5a0c6112dc27e0c9da23e904e0cd02545

SHA16043a91f9a554c423e69a109c102cfbae23b9a2f

SHA256beb8e1aaa1d5ca337d205709ba19b78031cf6089fa3b67266bc7094f27f5628e

Certificate Info

IssuerGoogle Trust Services

Subjectchezcathy.com

Fingerprint10:63:8B:BE:8C:04:F0:95:FB:93:3A:FA:17:B5:45:59:47:EA:56:7A

ValidityWed, 30 Oct 2024 08:18:23 GMT - Tue, 28 Jan 2025 08:18:22 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: en.chezcathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-length: 1150
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Content-Type, Authorization
access-control-allow-credentials: true
access-control-max-age: 86400
vary: Accept-Encoding
last-modified: Fri, 06 Dec 2024 18:34:49 GMT
etag: W/"1150-1733510089406"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 819
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEG9VNKWXLWHai%2FrW2IO4uRoYt38hF2dIpkzV5X6lyKSJh%2Fy0BI%2BkA9MrvG32Okt91VedIAu6nt7VneUe7mK1OUx1P9cEe1E5hn1Lmb4LYrh0oTZAOD3RPh69UiSSJkVk%2FIR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842459cc3866-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34283&min_rtt=20846&rtt_var=16079&sent=36&recv=39&lost=0&retrans=0&sent_bytes=5394&recv_bytes=2790&delivery_rate=22873&cwnd=12000&unsent_bytes=0&cid=73994da3dc7a747e&ts=7964&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.blacktowhite.net/favicon.ico

192.243.63.82

200 OK

3.0 kB

URL GET HTTPS

www.blacktowhite.net/favicon.ico

IP / ASN

192.243.63.82

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced

First Seen2024-06-16

Last Seen2025-08-05

Times Seen129

Size3.0 kB (2951 bytes)

MD57f61d30e4ff36ab9f7cbc9e8b4e3feda

SHA154f81165e7d7130826fd6d87d85a39735c391698

SHA25660e32d8ca6041d4eedc2e9abf1ef3f012e86a01ba7cccc3004ee934bafb22742

Certificate Info

IssuerSectigo Limited

Subjectblacktowhite.net

Fingerprint43:8E:56:BC:18:82:17:A1:A7:61:36:29:5B:13:66:73:A2:9A:A6:77

ValidityFri, 28 Jun 2024 00:00:00 GMT - Tue, 29 Jul 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.blacktowhite.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.6
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 2951
last-modified: Mon, 21 Dec 2015 10:18:34 GMT
etag: "5677d1fa-b87"
expires: Sat, 21 Dec 2024 03:44:15 GMT
cache-control: max-age=1209600
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cav102.com/favicon.ico

45.145.72.132

200 OK

4.3 kB

URL GET HTTPS

cav102.com/favicon.ico

IP / ASN

45.145.72.132

#201106 Spartan Host Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel

First Seen2024-02-24

Last Seen2025-08-05

Times Seen92

Size4.3 kB (4286 bytes)

MD579ca959796fd758988aa0acfb9952640

SHA18a8e7fa57c016b5cbc943faefc7c651e8959b0ce

SHA25601d4884a0070a4804680dc80361b4695aa48ca7b37eb6768127b17d9763464cb

Certificate Info

IssuerLet's Encrypt

Subjectcav101.xyz

FingerprintC5:DE:81:32:93:3C:C1:E0:12:46:6F:EF:42:A9:89:7B:6B:B7:E6:77

ValidityFri, 18 Oct 2024 12:44:11 GMT - Thu, 16 Jan 2025 12:44:10 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cav102.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 25 Jul 2022 15:38:39 GMT
etag: "62deb8ff-10be"
strict-transport-security: max-age=31536000
cache-control: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cav105.com/favicon.ico

45.145.72.132

200 OK

4.3 kB

URL GET HTTPS

cav105.com/favicon.ico

IP / ASN

45.145.72.132

#201106 Spartan Host Ltd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel

First Seen2024-02-24

Last Seen2025-08-05

Times Seen92

Size4.3 kB (4286 bytes)

MD579ca959796fd758988aa0acfb9952640

SHA18a8e7fa57c016b5cbc943faefc7c651e8959b0ce

SHA25601d4884a0070a4804680dc80361b4695aa48ca7b37eb6768127b17d9763464cb

Certificate Info

IssuerLet's Encrypt

Subjectcav101.xyz

FingerprintC5:DE:81:32:93:3C:C1:E0:12:46:6F:EF:42:A9:89:7B:6B:B7:E6:77

ValidityFri, 18 Oct 2024 12:44:11 GMT - Thu, 16 Jan 2025 12:44:10 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cav105.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 25 Jul 2022 15:38:39 GMT
etag: "62deb8ff-10be"
strict-transport-security: max-age=31536000
cache-control: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

GET area51porn.net/favicon.ico

104.21.12.85

301 Moved Permanently

167 B

URL GET HTTPS

area51porn.net/favicon.ico

IP / ASN

104.21.12.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-03-02

Times Seen190492

Size167 B (167 bytes)

MD50104c301c5e02bd6148b8703d19b3a73

SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Certificate Info

IssuerGoogle Trust Services

Subjectarea51porn.net

Fingerprint23:5A:FF:F1:72:1A:2A:83:C4:DD:A3:19:F1:66:D4:B5:27:64:FA:59

ValidityMon, 21 Oct 2024 14:04:10 GMT - Sun, 19 Jan 2025 14:04:09 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: area51porn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
content-length: 167
location: https://area51.porn
cache-control: max-age=3600
expires: Sat, 07 Dec 2024 04:44:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XS%2F1wN8jUWwaoLkgdA2jKaXfZjykTbZDUFB8GVo0RRAJd8yTu%2F5WQG0Nff%2FHN1VbSY9%2FC5U72lJn%2FUhznH6n7nLhB%2BWjE82N3c1hb0AvFFQbrqD2NLAhAoG0BP5CoU%2BcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842558e2569b-OSL
X-Firefox-Spdy: h2

GET www.kwai.com/favicon.ico

23.33.119.170

200 OK

17 kB

URL GET HTTPS

www.kwai.com/favicon.ico

IP / ASN

23.33.119.170

#20940 Akamai International B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 64x64, 32 bits/pixel

First Seen2024-05-18

Last Seen2025-07-24

Times Seen173

Size17 kB (16958 bytes)

MD5321813c75370556d33e64ec8c26dea6d

SHA173c6f171c693e0005e2f7aae020d9a6f7652d375

SHA2565a5b31e72fbb8a672841e5511ffd511fb571cae9028a5395fd00196da7cf6c4c

Certificate Info

IssuerGlobalSign nv-sa

Subject*.kwai.com

Fingerprint79:B4:47:59:A1:C1:88:DD:61:AE:E7:5A:8E:99:CB:D6:16:20:E9:CC

ValidityTue, 30 Jul 2024 09:22:23 GMT - Sun, 31 Aug 2025 09:22:22 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.kwai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/x-icon
content-length: 16958
last-modified: Fri, 06 Dec 2024 03:56:12 GMT
etag: "675275dc-423e"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mythad.com https://*.kwai-pro.com http://*.kwai-pro.com http://*.kwai.net https://*.kwai.net *.kwai.com *.snackvideo.in *.kwai.me *.kwai.app *.kwimgs.com *.yximgs.com *.cloudfront.net *.kuaishou.com https://*.gifshow.com http://*.gifshow.com https://log-sdk.ksapisrv.com https://www.googletagmanager.com https://gifshow-static.download.ks-cdn.com https://static3.avast.com https://translate.google.com https://www.gstatic.com https://fonts.gstatic.com https://connect.facebook.net www.google-analytics.com hm.baidu.com m.snackvideo.com http://*.ap4r.com https://*.ap4r.com https://*.typekit.net http://*.typekit.net ak-sgp-pic.snackvideo.in tx-sgp-pic.snackvideo.in ws-sgp-pic.snackvideo.in g-us-kampic.golden49.net g-us-kamcdn.golden49.net m.kwai.com sentry.kuaishou.com https://cdn.jsdelivr.net https://at.alicdn.com https://www.facebook.com https://snap.licdn.com https://px.ads.linkedin.com https://cdn.linkedin.oribi.io https://www.linkedin.com https://*.google.com https://*.google-analytics.com https://*.doubleclick.net asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;img-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;connect-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;report-uri https://csplog.kwai-pro.com/log/kwai/wwwkwai
accept-ranges: bytes
date: Sat, 07 Dec 2024 03:44:16 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
X-Firefox-Spdy: h2

GET porno-incest.tv/favicon.ico

185.162.11.82

200 OK

372 kB

URL GET HTTPS

porno-incest.tv/favicon.ico

IP / ASN

185.162.11.82

#207728 EUROHOSTER Ltd.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 7 icons, 256x256, 32 bits/pixel, -128x-128, 32 bits/pixel

First Seen2024-09-19

Last Seen2025-08-04

Times Seen20

Size372 kB (372526 bytes)

MD5f4833b4aea7ef8562a10e659bc983d14

SHA1204fd1431d3358669414f93b3a73677bc7fd7a6e

SHA256f38e62bbee076252a8f134c4f9e0e6150911d1fcf12221c794c49b86949f8576

Certificate Info

IssuerLet's Encrypt

Subjectporno-incest.tv

Fingerprint41:18:95:E9:74:97:78:68:04:30:E9:93:B9:E6:DA:0B:79:70:7C:BF

ValidityWed, 30 Oct 2024 00:22:51 GMT - Tue, 28 Jan 2025 00:22:50 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: porno-incest.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Dec 2024 03:44:15 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 372526
Connection: keep-alive
Last-Modified: Wed, 11 Mar 2020 09:33:46 GMT
ETag: "5af2e-5a090eedbf15f"
Accept-Ranges: bytes
Cache-Control: max-age=9720000

GET hotscope.tv/favicon.ico

51.83.238.19

200 OK

469 B

URL GET HTTPS

hotscope.tv/favicon.ico

IP / ASN

51.83.238.19

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-01-07

Last Seen2025-01-12

Times Seen37

Size469 B (469 bytes)

MD5aab9e7724139fc52aa417bce2b01a792

SHA11f338ea0eee12cfec95b2383f0bffc6fb7bdf8eb

SHA25664d1fba62f03a55c71df5cd99360dc6624dc834d3a7c839665b9ba71f93d891d

Certificate Info

IssuerLet's Encrypt

Subjecthotscope.tv

Fingerprint7C:51:3C:FB:53:1A:AC:73:83:A1:10:42:39:83:6F:B8:73:84:1E:9E

ValidityTue, 08 Oct 2024 04:25:27 GMT - Mon, 06 Jan 2025 04:25:26 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hotscope.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:16 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Strict-Transport-Security: max-age=63072000
X-Frame-Options: sameorigin
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 10 Jun 2021 13:28:52 GMT
ETag: W/"47e-179f61c7bd7"
Vary: Accept-Encoding
Content-Encoding: gzip

GET www.effedupmovies.com/favicon.ico

101.99.88.242

302 Found

0 B

URL GET HTTPS

www.effedupmovies.com/favicon.ico

IP / ASN

101.99.88.242

#45839 Shinjiru Technology Sdn Bhd

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjecteffedupmovies.com

Fingerprint7C:76:8E:FB:95:40:49:23:DF:F1:9B:9B:FE:6F:68:DE:CD:5E:7C:BF

ValidityTue, 05 Nov 2024 04:34:39 GMT - Mon, 03 Feb 2025 04:34:38 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.effedupmovies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html; charset=UTF-8
content-length: 0
vary: Accept-Encoding,Cookie
link: <https://www.effedupmovies.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://www.effedupmovies.com/wp-content/uploads/2020/04/cropped-EUM-32x32.png
x-powered-by: PHP/8.3.14, PleskLin
X-Firefox-Spdy: h2

GET www.campus-av.com/favicon.ico

188.114.96.1

200 OK

0 B

URL GET HTTPS

www.campus-av.com/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectcampus-av.com

Fingerprint4F:9A:17:17:4B:FE:DA:1F:28:52:2E:22:30:C3:35:EE:6A:BB:23:0A

ValiditySat, 09 Nov 2024 12:30:23 GMT - Fri, 07 Feb 2025 12:30:22 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.campus-av.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
last-modified: Wed, 13 Sep 2023 07:39:26 GMT
etag: "0-60538a8b22c78"
cache-control: max-age=172800
expires: Sat, 07 Dec 2024 08:02:24 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 93674
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s15gfr%2BvpXI67Z5CWujgSiCK2ZkVD6INcc9B7X96ZtwvTw3vJ3afz9HlLAvd2K1i91nQuZAi4N%2FYAjECCHV5mbilrLyYymW2NqBvuSW2DagM1JCw4xN2UNj%2F8SHb4sDOUZVucw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18425ddf0568e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=466&min_rtt=411&rtt_var=109&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1026&delivery_rate=7581151&cwnd=254&unsent_bytes=0&cid=66e87a02e7a1133d&ts=184&x=0"
X-Firefox-Spdy: h2

GET www.fmkorea.com/favicon.ico

93.184.223.182

301 Moved Permanently

166 B

URL GET HTTPS

www.fmkorea.com/favicon.ico

IP / ASN

93.184.223.182

#15133 EDGECAST

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-06-27

Times Seen17631

Size166 B (166 bytes)

MD53ea1c8d079b38532a6e01a96216ba5e2

SHA1598d3ff91d3e252f1e13df8cf0348b270ff2da3f

SHA25687a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Certificate Info

IssuerGlobalSign nv-sa

Subject*.fmkorea.com

Fingerprint43:64:F9:03:3E:53:D3:11:A8:2B:17:F3:31:4B:83:11:5E:18:E8:FE

ValidityTue, 20 Aug 2024 07:13:03 GMT - Sun, 21 Sep 2025 07:13:02 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.fmkorea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=86400
content-type: text/html
date: Sat, 07 Dec 2024 03:44:16 GMT
expires: Sun, 08 Dec 2024 03:44:16 GMT
location: https://image.fmkorea.com/favicon.ico
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=415d7b58-f1a9-4aa6-9f06-7f05aeb31698&pop=ska"}]}
server: openresty
server-timing: edgio_cache;desc=TCP_MISS,edgio_pop;desc=ska,edgio_country;desc=NO
x-edg-mr: 204:0;204:2;
x-edg-version: 217 204 221 NA 2024-09-06T05:54:14Z 2ce255c5-e6d1-44cb-834f-7c6fcaf652cd
x-request-id: 1254313536986740072211705993162300239949
content-length: 166

GET www.thisav.com/favicon.ico

104.26.14.144

301 Moved Permanently

167 B

URL GET HTTPS

www.thisav.com/favicon.ico

IP / ASN

104.26.14.144

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-03-02

Times Seen190492

Size167 B (167 bytes)

MD50104c301c5e02bd6148b8703d19b3a73

SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Certificate Info

IssuerGoogle Trust Services

Subjectthisav.com

Fingerprint6E:DA:7C:E3:1D:50:D7:ED:8A:BA:05:3F:82:E8:82:D7:5D:62:0A:F4

ValiditySun, 24 Nov 2024 21:12:35 GMT - Sat, 22 Feb 2025 21:12:34 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
content-length: 167
location: https://thisav.com/favicon.ico
cache-control: max-age=3600
expires: Sat, 07 Dec 2024 04:44:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFda%2FpXYvBPvJnRz5rHSD9aX7DYppK%2B%2Bw7X%2FxQp8Cv3BMAZpWBWvm4YGbtsau7sBrqVq5NeHc55K%2FbMQ8CrOxZuZ9wTnQbG6PFIO%2BpVvHcI6uoxmsQy45Sl%2FSKeZw%2BhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184274bd1712d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=712&min_rtt=470&rtt_var=443&sent=11&recv=16&lost=0&retrans=0&sent_bytes=5661&recv_bytes=1138&delivery_rate=8369942&cwnd=257&unsent_bytes=0&cid=269d65eca62d4831&ts=248&x=0"
X-Firefox-Spdy: h2

GET russkie.tv/favicon.ico

188.114.97.1

200 OK

2.0 kB

URL GET HTTPS

russkie.tv/favicon.ico

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-06-17

Last Seen2025-02-21

Times Seen5

Size2.0 kB (2031 bytes)

MD5ab78c1d624209eef107b7fc1cb487a1c

SHA14b93b322683bc8c4a258ce1b0bd3189292fb2931

SHA256b9b0614b93c3b76c2e2755516195f9f341821c2e7fda1c44bcee3dc84f84b2c1

Certificate Info

IssuerGoogle Trust Services

Subjectrusskie.tv

FingerprintF7:18:F1:F2:CD:80:4E:91:AA:A9:35:3E:4F:A9:22:24:1A:4E:49:B6

ValidityThu, 21 Nov 2024 08:27:14 GMT - Wed, 19 Feb 2025 08:27:13 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: russkie.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 13 Jan 2021 23:31:49 GMT
etag: W/"3c2e-5b8d08b0e90d9"
x-request-id: 62681d9cd0fd5d415dcd59560f890057
cache-control: max-age=14400
cf-cache-status: HIT
age: 2241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BWZBJZE2k%2FYNUI3cRTExlxsTfc8IFrj0IMcJFYmLt0tZv4VdscL1uzN6DK6zix3s%2F%2F95i2hNGl87O5Z5pbf5u0dUOQLnFDgIz4bT3PO16eVgO64edn%2BKmIuoMuX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184263b42712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=861&min_rtt=395&rtt_var=856&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3285&recv_bytes=1064&delivery_rate=8534381&cwnd=256&unsent_bytes=0&cid=cd6b74baa6009a84&ts=177&x=0"
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg

172.67.162.226

404 Not Found

3.7 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size3.7 kB (3707 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLrAcu3bGgG7lFIEadlTY7bUcSHHVOpjA3tACePTHGlmcw06CGoEiLbs%2Bl8RjBVk9sPakDgN12Q0kMaUiKAFuau5iDkLA0vaF4vCpwPTf8FTvGluqOdpmMeDIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840e9c07b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9932&min_rtt=4872&rtt_var=4863&sent=74&recv=78&lost=0&retrans=0&sent_bytes=16347&recv_bytes=6349&delivery_rate=51147&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=2992&x=1", cfExtPri, cfHdrFlush;dur=0

GET realincestvideos.org/favicon.ico

172.67.128.128

200 OK

2.3 kB

URL GET HTTPS

realincestvideos.org/favicon.ico

IP / ASN

172.67.128.128

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-09-19

Last Seen2025-02-15

Times Seen4

Size2.3 kB (2290 bytes)

MD5fcfda1bc0e60b69b412594db81ae3ef1

SHA1f100db0ee3199fdab2c6f5b471f024336c20c9a1

SHA25695f34377709fd15034c6c333d4e069436f188c0f1b3588a1f156e0986db283ac

Certificate Info

IssuerGoogle Trust Services

Subjectrealincestvideos.org

Fingerprint68:37:55:EF:87:96:77:E7:14:3C:29:1E:3B:A8:89:0E:16:5B:3F:95

ValidityWed, 20 Nov 2024 16:58:02 GMT - Tue, 18 Feb 2025 16:58:01 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: realincestvideos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Fri, 09 Feb 2024 05:05:25 GMT
etag: W/"65c5b295-3c2e"
expires: Sun, 08 Dec 2024 04:32:36 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 169899
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o2knDoICulmA4VbdyVP0Asw6xMPJHcJwqJJeiz0azN8QO2QbNXIq2igd3yFBmAk%2F8pLZXSd0CXMsHDnsOLupIb2ZXKCbxT8bT6n2K9NlIRKx4mPWN%2FLBTPRuR0wOyp%2F6iu7in05Ydg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423aa8d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14728&min_rtt=9917&rtt_var=12067&sent=52&recv=59&lost=0&retrans=0&sent_bytes=6285&recv_bytes=3827&delivery_rate=55878&cwnd=12000&unsent_bytes=0&cid=e99345807c134eb8&ts=4875&x=1", cfExtPri, cfHdrFlush;dur=0

GET xvideos.com/favicon.ico

185.88.181.7

200 OK

15 kB

URL GET HTTPS

xvideos.com/favicon.ico

IP / ASN

185.88.181.7

#46652 SERVERSTACK-ASN

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-07

Last Seen2025-08-05

Times Seen233

Size15 kB (15086 bytes)

MD5d6baf7b631c1e482b6e2f770f9e67057

SHA173eb49e766e5954e1ad9538cc35038b9f14494b9

SHA256fa1ee8d05ad6dfa0731ee0d37badfd019cc3315e6d3b9ca1ae161cee4749481b

Certificate Info

IssuerSectigo Limited

Subject*.xvideos.com

Fingerprint2C:4F:6C:92:E4:3F:3E:7B:FD:E2:28:A6:4C:76:4E:23:82:C0:B3:5B

ValiditySun, 21 Jan 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xvideos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 03:44:16 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Mon, 09 Oct 2023 14:43:32 GMT
ETag: "65241194-3aee"
Expires: Sat, 14 Dec 2024 03:44:16 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
Server: nginx

GET dojki.biz/favicon.ico

207.180.194.251

200 OK

15 kB

URL GET HTTPS

dojki.biz/favicon.ico

IP / ASN

207.180.194.251

#51167 Contabo GmbH

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-08-25

Last Seen2025-07-31

Times Seen39

Size15 kB (15406 bytes)

MD57d6415bb184f1d77dd1e843cdf5b9fa3

SHA10dee5c9eb8b1780e077943c3026e1f340afe7eb4

SHA256b503efa2af1d50a20c11fe0516f31897c431dbd9e1ebb62d6693560b68d2c2a7

Certificate Info

IssuerLet's Encrypt

Subjectdojki.biz

Fingerprint0E:96:24:5C:0E:26:4A:29:16:86:F4:3A:D5:B1:75:EF:6A:7C:9A:C0

ValiditySun, 01 Dec 2024 05:02:36 GMT - Sat, 01 Mar 2025 05:02:35 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dojki.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Dec 2024 03:44:16 GMT
Content-Type: image/x-icon
Content-Length: 15406
Last-Modified: Sun, 05 Apr 2020 08:24:42 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e8995ca-3c2e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET cacrz.4jpg.top/AV4.us.jpg

104.21.77.220

200 OK

8.7 kB

URL GET HTTPS

cacrz.4jpg.top/AV4.us.jpg

IP / ASN

104.21.77.220

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3

First Seen2024-04-16

Last Seen2025-08-05

Times Seen1698

Size8.7 kB (8741 bytes)

MD5edfe007a6e5b3d268b2528f564b60b43

SHA11644c8ef97c871079e07e5079d613af5cb94052f

SHA256bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

Certificate Info

IssuerGoogle Trust Services

Subject4jpg.top

FingerprintC4:37:E6:09:C5:3C:99:D3:7D:3F:90:98:D9:5E:80:F2:A7:C8:D2:F4

ValidityTue, 29 Oct 2024 17:25:21 GMT - Mon, 27 Jan 2025 17:25:20 GMT

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-5499bcea176c0"
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
cf-cache-status: HIT
age: 959574
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bi7LBrZfmVnQc%2BCQHF4QxH7kdKu3wzyKLYUUKAcjzI3tk1XppAWV0EPpks2GOJLPQdCzk48H7rW787rm5ot19jQyrvA5bEqfsBi8c9xvxRl7KNPhYWghcOpSaqpS6Fu%2Fsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18428e967712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25155&min_rtt=4925&rtt_var=16949&sent=31&recv=26&lost=0&retrans=0&sent_bytes=14293&recv_bytes=2318&delivery_rate=8738&cwnd=12000&unsent_bytes=0&cid=755d8ef9581f976d&ts=5236&x=1", cfExtPri, cfHdrFlush;dur=0

GET savsp.cc/favicon.ico

82.192.82.226

429 Too Many Requests

17 B

URL GET HTTPS

savsp.cc/favicon.ico

IP / ASN

82.192.82.226

#60781 LeaseWeb Netherlands B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-07

Last Seen2025-08-02

Times Seen3442

Size17 B (17 bytes)

MD5eeb13468b73d93fa8bcbe3ebae6df720

SHA11f55c90d5ce61c6447e923443d496b137be35c63

SHA256802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca

Certificate Info

IssuerLet's Encrypt

Subjectsavsp.cc

FingerprintFE:B7:F1:3B:F2:9B:7F:24:08:9D:1E:C8:10:97:FE:1F:4C:71:F7:3A

ValidityFri, 06 Dec 2024 08:52:43 GMT - Thu, 06 Mar 2025 08:52:42 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: savsp.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
content-length: 17
date: Sat, 07 Dec 2024 03:44:16 GMT
server: Cowboy
set-cookie: sid=8896bbf3-b44d-11ef-b5b6-43be67bb061e; path=/; domain=.savsp.cc; expires=Thu, 25 Dec 2092 06:58:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

GET en.vidmo.org/favicon.ico

89.248.193.244

200 OK

5.4 kB

URL GET HTTPS

en.vidmo.org/favicon.ico

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-05

Last Seen2025-08-05

Times Seen232

Size5.4 kB (5430 bytes)

MD56b6734885d5e4ff9dbb7d82ba6023598

SHA13c454d68a346b375ed7b59a131699061e7393b1f

SHA2560f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819

Certificate Info

IssuerZeroSSL

Subjectvidmo.org

Fingerprint17:AA:D5:06:B9:61:78:84:4A:5D:88:6B:FA:83:27:B7:0B:29:A2:E3

ValiditySun, 03 Nov 2024 00:00:00 GMT - Sat, 01 Feb 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: en.vidmo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

GET image.fmkorea.com/favicon.ico

93.184.223.182

200 OK

5.4 kB

URL GET HTTPS

image.fmkorea.com/favicon.ico

IP / ASN

93.184.223.182

#15133 EDGECAST

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-06-19

Last Seen2025-07-23

Times Seen113

Size5.4 kB (5430 bytes)

MD5a4e85075323c5ea4b41174d9f0ca8c73

SHA127cb97e78069873dc120f3a612393f576512ff62

SHA256691a23d5365d95fc972e04a1eb3254a247883cd49494ebadaa02477c8bb8b783

Certificate Info

IssuerGlobalSign nv-sa

Subject*.fmkorea.com

Fingerprint43:64:F9:03:3E:53:D3:11:A8:2B:17:F3:31:4B:83:11:5E:18:E8:FE

ValidityTue, 20 Aug 2024 07:13:03 GMT - Sun, 21 Sep 2025 07:13:02 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: image.fmkorea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 7940873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=31536000
content-type: image/x-icon
date: Sat, 07 Dec 2024 03:44:17 GMT
etag: "5c3b4297-1536"
expires: Sun, 07 Dec 2025 03:44:17 GMT
last-modified: Sun, 13 Jan 2019 13:52:23 GMT
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=415d7b58-f1a9-4aa6-9f06-7f05aeb31698&pop=ska"}]}
server: ECAcc (ska/F7B7)
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=ska,edgio_country;desc=NO
strict-transport-security: max-age=3600; includeSubDomains; preload
x-cache: HIT
x-edg-mr: 204:0;204:1;
x-edg-version: 217 204 221 NA 2024-09-06T05:54:14Z 2ce255c5-e6d1-44cb-834f-7c6fcaf652cd
x-request-id: 12886005933117350049305910160719593614
content-length: 5430

GET recordtv.r7.com/favicon.ico

23.45.147.146

301 Moved Permanently

0 B

URL GET HTTPS

recordtv.r7.com/favicon.ico

IP / ASN

23.45.147.146

#16625 AKAMAI-AS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerDigiCert Inc

Subject*.r7.com

Fingerprint51:E5:82:03:1B:7E:0A:61:3F:48:99:03:D1:77:0D:E5:33:40:39:36

ValidityMon, 15 Jul 2024 00:00:00 GMT - Thu, 17 Jul 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: recordtv.r7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://record.r7.com/favicon.ico/
Date: Sat, 07 Dec 2024 03:44:17 GMT
Connection: keep-alive

GET rule34porn.net/web/cropped-fav-1-32x32.png

172.67.132.222

200 OK

897 B

URL GET HTTPS

rule34porn.net/web/cropped-fav-1-32x32.png

IP / ASN

172.67.132.222

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

First Seen2024-10-06

Last Seen2025-03-21

Times Seen8

Size897 B (897 bytes)

MD577ef1e0d8d3c1b231b0c41951d71abad

SHA1804f9bc35ab726032df24b2cd0d4f11ace8403f5

SHA256fca216bb1ff2fc82f61a8a4419ea62c44f45fa6fa2afd405d59db8e65dc578fe

Certificate Info

IssuerGoogle Trust Services

Subjectrule34porn.net

Fingerprint14:34:D6:7B:67:DC:A2:11:E1:0E:26:AA:61:A4:35:4A:24:95:D5:FD

ValidityMon, 18 Nov 2024 05:23:48 GMT - Sun, 16 Feb 2025 05:23:47 GMT

HTTP Headers

GET /web/cropped-fav-1-32x32.png HTTP/1.1
Host: rule34porn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/png
content-length: 897
x-accel-version: 0.01
last-modified: Wed, 20 Dec 2023 10:48:20 GMT
etag: "381-60ceeb8b0a4bb"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 07 Dec 2025 03:44:17 GMT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NT8SDR2E9zB5MBtXAmn069C4YmpGSVooQ2UN1O0nWfIN%2FthYvSyTrAlUAgWi9UEJ2CWCvbZhwWz7h1it7wNSUPZ0NnpObFlDSXRdYgF7yshT0Ur6Ur1adHS39cTsVhxYKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842a8e3656bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16942&min_rtt=4090&rtt_var=11162&sent=49&recv=61&lost=0&retrans=0&sent_bytes=6936&recv_bytes=4142&delivery_rate=275&cwnd=12000&unsent_bytes=0&cid=b3c1972e9cd04d78&ts=6741&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.xvideos.com/favicon.ico

185.88.181.11

200 OK

15 kB

URL GET HTTPS

www.xvideos.com/favicon.ico

IP / ASN

185.88.181.11

#46652 SERVERSTACK-ASN

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-07

Last Seen2025-08-05

Times Seen233

Size15 kB (15086 bytes)

MD5d6baf7b631c1e482b6e2f770f9e67057

SHA173eb49e766e5954e1ad9538cc35038b9f14494b9

SHA256fa1ee8d05ad6dfa0731ee0d37badfd019cc3315e6d3b9ca1ae161cee4749481b

Certificate Info

IssuerSectigo Limited

Subject*.xvideos.com

Fingerprint2C:4F:6C:92:E4:3F:3E:7B:FD:E2:28:A6:4C:76:4E:23:82:C0:B3:5B

ValiditySun, 21 Jan 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 03:44:17 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Mon, 09 Oct 2023 14:43:32 GMT
ETag: "65241194-3aee"
Expires: Sat, 14 Dec 2024 03:44:17 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
Server: nginx

GET savsq.com/favicon.ico

23.225.183.189

200 OK

317 B

URL GET HTTPS

savsq.com/favicon.ico

IP / ASN

23.225.183.189

#40065 CNSERVERS

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2024-05-18

Last Seen2025-07-13

Times Seen48

Size317 B (317 bytes)

MD59faaf9ec3c64419a98f0171d30788832

SHA17cfd0139434fc6b4405da2399e18c6dad491026d

SHA2563e5dffb92459dc10edb044ea8a7db6c29149515a9a13c392fae01108ca48464b

Certificate Info

IssuerLet's Encrypt

Subjectsavaa.cc

Fingerprint00:E4:40:20:89:1C:12:03:47:D3:2F:BB:D5:41:EA:F7:8D:57:5A:7D

ValidityMon, 18 Nov 2024 03:45:31 GMT - Sun, 16 Feb 2025 03:45:30 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: savsq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
content-length: 317
last-modified: Tue, 02 Jan 2024 16:25:55 GMT
etag: "65943913-13d"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
cache-control: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.wmur.com/favicon.ico

151.101.65.55

451 Unavailable For Legal Reasons

278 B

URL GET HTTPS

www.wmur.com/favicon.ico

IP / ASN

151.101.65.55

#54113 FASTLY

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text

First Seen2023-09-02

Last Seen2025-04-28

Times Seen9

Size278 B (278 bytes)

MD588e3f7e390984d76b2bb5ab899ec74d7

SHA122e3f28d1007f6bcceba2b6a55e3b1100e40232b

SHA2564ad7545e056586a3b5974fdae251aebe21ba343bcda77a2822361278f2e59380

Certificate Info

IssuerGlobalSign nv-sa

Subject*.4029tv.com

Fingerprint74:71:E3:2A:32:E6:20:01:21:C6:A0:33:7C:5A:A7:FE:4D:D8:7A:CB

ValidityMon, 25 Nov 2024 19:58:57 GMT - Sat, 27 Dec 2025 19:58:56 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wmur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 451 Unavailable For Legal Reasons
server: Varnish
retry-after: 0
content-type: text/html
accept-ranges: bytes
date: Sat, 07 Dec 2024 03:44:17 GMT
via: 1.1 varnish
referer-host: 
referer-scheme: 
referer-domain: 
content-security-policy: frame-ancestors 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: cache-hel1410022-HEL
x-cache: MISS
x-cache-hits: 0
content-length: 278
X-Firefox-Spdy: h2

GET fapdig.com/favicon.ico

104.21.6.130

301 Moved Permanently

695 B

URL GET HTTPS

fapdig.com/favicon.ico

IP / ASN

104.21.6.130

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typedata

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size695 B (695 bytes)

MD566c63a7488e5950691c2f96674bc6ca7

SHA1d70faa771195fabc1a72c150d2e543d6548886c9

SHA2562593afd29a806fa13b2bba35756d95b1dbfbb2dd1a90e4cb86a255ccc13bb64f

Certificate Info

IssuerGoogle Trust Services

Subjectfapdig.com

Fingerprint3D:E1:B1:4D:BD:9F:ED:36:05:28:1A:3C:A6:02:EE:0E:85:BA:67:2A

ValidityThu, 21 Nov 2024 13:40:59 GMT - Wed, 19 Feb 2025 13:40:58 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=UTF-8
location: https://fapdig.com/faviconico/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
set-cookie: ASPro_1382933ca042bef776e8100bd5eb8ac5=vjv93eij31phieo997m3iqdtu7; path=/
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTQcpKO5OphdF34uQk8DQ6aL3TkHQWhr3YePb9R2fzXGS%2FjEt57GMw95KJZo%2BWvOx2fUrd3uzw9%2FSivlYY%2BC0qEd%2BzhI0kjYpPifZctcFfxaA9KqFRxUlACJKDIn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184230b7756ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28214&min_rtt=6033&rtt_var=21500&sent=49&recv=71&lost=0&retrans=0&sent_bytes=6099&recv_bytes=4449&delivery_rate=93217&cwnd=12000&unsent_bytes=0&cid=cae23007005d8489&ts=5969&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.youjizz.com/favicon.ico

66.254.114.242

200 OK

4.3 kB

URL GET HTTPS

www.youjizz.com/favicon.ico

IP / ASN

66.254.114.242

#29789 REFLECTED

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel

First Seen2023-07-17

Last Seen2025-08-05

Times Seen237

Size4.3 kB (4286 bytes)

MD5cd65da5df2a2cfd472a198524ec61296

SHA1e51ea1800eec5985026a37498f4aa7044c757d04

SHA256321ac040acb1c782abf632960125319b8925361510e13b1a9dfd904a9e733515

Certificate Info

IssuerSectigo Limited

Subject*.youjizz.com

Fingerprint27:54:6C:0C:5B:70:1D:77:94:86:37:FF:6C:FB:F2:18:15:90:4B:CC

ValidityMon, 25 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.youjizz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Tue, 25 Feb 2020 06:57:19 GMT
etag: "5e54c54f-10be"
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded6731; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

GET www.twi-videos.net/favicon.ico

172.67.181.85

301 Moved Permanently

167 B

URL GET HTTPS

www.twi-videos.net/favicon.ico

IP / ASN

172.67.181.85

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-03-02

Times Seen190492

Size167 B (167 bytes)

MD50104c301c5e02bd6148b8703d19b3a73

SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Certificate Info

IssuerGoogle Trust Services

Subjecttwi-videos.net

FingerprintCD:C2:D1:81:6B:17:D2:E3:52:3C:0E:01:C4:2D:D3:BC:DF:57:75:A7

ValiditySun, 27 Oct 2024 09:23:08 GMT - Sat, 25 Jan 2025 09:23:07 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.twi-videos.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html
content-length: 167
location: https://www.twi-dl.net/favicon.ico
cache-control: max-age=3600
expires: Sat, 07 Dec 2024 04:44:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I6jFJb5EeFeouy4JaoJGEUC3DvzSnyWelKWdNPB9%2B9M0G9UYnz4zvj2TLc6Otv2L3R3GQn2f76cXuFjYFH41VTxyx8w7XFBFhBDz3kbwrame%2Fv1%2B59yKk9sk25BrC7cc3s7tv30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842c2ba65699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=454&min_rtt=379&rtt_var=118&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3210&recv_bytes=1027&delivery_rate=7288590&cwnd=254&unsent_bytes=0&cid=063afe71d8284946&ts=772&x=0"
X-Firefox-Spdy: h2

GET teensexadd.com/favicon.ico

173.214.250.4

404 Not Found

150 B

URL GET HTTPS

teensexadd.com/favicon.ico

IP / ASN

173.214.250.4

#15317 SERVEREL-AS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen11706

Size150 B (150 bytes)

MD5597ba0d4396e9c906225140ce907092c

SHA128ae2ba65ccdb583d79f85b8cc9509fae697493b

SHA256ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

Certificate Info

IssuerLet's Encrypt

Subjectteensexadd.com

Fingerprint23:88:78:81:D8:E0:D9:79:DD:02:2E:C9:8C:BD:FA:10:D3:D9:72:33

ValiditySat, 09 Nov 2024 23:08:25 GMT - Fri, 07 Feb 2025 23:08:24 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: teensexadd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: openresty
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=utf-8
content-length: 150
X-Firefox-Spdy: h2

GET www.sesez.com/favicon.ico

188.114.96.1

200 OK

3.8 kB

URL GET HTTPS

www.sesez.com/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 64x64, 32 bits/pixel

First Seen2024-05-10

Last Seen2024-12-07

Times Seen5

Size3.8 kB (3786 bytes)

MD537b12c4f183ce1a27f8218fd440ffa5a

SHA10e3aae0cc6d32569d8bc5c4eaec1e1735f108975

SHA25608447af43d734bc1bfac082fcd405713df2b3ee4b3ed1093d9129e4b90b58c4d

Certificate Info

IssuerGoogle Trust Services

Subjectsesez.com

Fingerprint82:15:77:1E:5B:25:0E:4C:36:4A:2F:0C:08:C4:25:E1:54:5F:5C:2C

ValidityFri, 06 Dec 2024 12:32:24 GMT - Thu, 06 Mar 2025 12:32:23 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.sesez.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
access-control-allow-headers: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
etag: W/"62f795f4-423e"
last-modified: Sat, 13 Aug 2022 12:15:48 GMT
x-cache: UPDATING
cache-control: max-age=14400
cf-cache-status: HIT
age: 1012
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7wpGcRI%2BpgGo6l8RNtp1fa1B%2BsIzu6kpMTXZ9aHJ6Ntyd3HwWn4EXArJLlXrPY%2FooQjCOWkxvyWxcTQJ6H0eO9qjYbOcm8g4IoUCGCrrrX%2BEWZJ9Ac555U%2B29vIDNfz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842c5fa2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=458&min_rtt=384&rtt_var=125&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1023&delivery_rate=7451114&cwnd=253&unsent_bytes=0&cid=624810a717f5f989&ts=758&x=0"
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg

172.67.162.226

404 Not Found

1.9 kB

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, Unicode text, UTF-8 text

First Seen2024-07-17

Last Seen2025-02-14

Times Seen40

Size1.9 kB (1895 bytes)

MD58b84299af6ecfda46caeec465e583926

SHA10c754ab8a0ab65b10030e7b7d5a67495ad6adc99

SHA2563890dbe7bb19792178e8f1fe940d43831ac81925f5e9276b687d7faa2e8a3c8d

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230218/xRNpIOvB/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGHJMo0dopph97BjYXCzt6rOxPCjo2dElDg3nTNvoUhklO63MFv7zEs4VFXgsFWJ%2BT%2BNo2NtlU%2BXNwrWIqR1XAWQUd9aGXN5BZLRChV7lXn3u%2BoekId0uJVGsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183fb69545685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4081&min_rtt=429&rtt_var=5753&sent=12&recv=14&lost=0&retrans=1&sent_bytes=6148&recv_bytes=1318&delivery_rate=6416543&cwnd=254&unsent_bytes=0&cid=40ea2862d3916f43&ts=2566&x=0"
X-Firefox-Spdy: h2

GET hotntubes.com/favicon.ico

117.55.203.10

200 OK

1.2 kB

URL GET HTTPS

hotntubes.com/favicon.ico

IP / ASN

117.55.203.10

#3920 ESTOXY OU

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-08-01

Last Seen2025-07-27

Times Seen20

Size1.2 kB (1150 bytes)

MD501d35ba14a4c678a48ac59e8d6fa7856

SHA1d976fb49c74201cbc0cdab1bf0c38a07b060ec7c

SHA256f41cbf399a225da06e1d5d00507d65ad6a97d2be1786513e0cdf4dc09e04afeb

Certificate Info

IssuerZeroSSL

Subjecthotntubes.com

Fingerprint16:CC:34:DE:78:5E:A8:8E:15:26:CE:D5:5A:63:39:FC:F7:DF:13:F8

ValiditySun, 17 Nov 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hotntubes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Dec 2024 03:44:17 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Nov 2021 15:16:50 GMT
Connection: keep-alive
ETag: "6193cb62-47e"
Expires: Mon, 06 Jan 2025 03:44:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

GET www.twi-dl.net/favicon.ico

188.114.97.1

200 OK

3.3 kB

URL GET HTTPS

www.twi-dl.net/favicon.ico

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 48x42, 32 bits/pixel

First Seen2023-12-16

Last Seen2025-06-20

Times Seen13

Size3.3 kB (3328 bytes)

MD515cb7752b698d4e7a9bc373f7e0778ae

SHA158eb4b1ad83d0b2178a5abe5c6771e7d5df28476

SHA2561e99eb690e8e97e4e22bcfad8185db29a2ca8570051585496fb18f4d4acf66ca

Certificate Info

IssuerGoogle Trust Services

Subjecttwi-dl.net

Fingerprint92:CA:72:B0:7F:C9:01:B8:94:26:82:2E:5B:A2:81:98:3D:40:1C:DB

ValidityFri, 08 Nov 2024 13:27:56 GMT - Thu, 06 Feb 2025 13:27:55 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.twi-dl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/vnd.microsoft.icon
last-modified: Sun, 04 Jul 2021 15:15:26 GMT
etag: W/"210e-5c64da88abf80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 874
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KmmKnf%2FjTZLDS9BdUNhNao1dIYgcEnPKNS%2B3f75LC700ujiudjQqvmq1RcxqdNqjZ0uZRYODgC9BMMKz%2BVXLcpu3BOehaZFDhro%2FO60EBrhLAYjW9UhHOCKfVt9mdVG60g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842d7d1156a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=487&min_rtt=408&rtt_var=110&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3193&recv_bytes=1098&delivery_rate=7463917&cwnd=254&unsent_bytes=0&cid=cf85163781994241&ts=917&x=0"
X-Firefox-Spdy: h2

GET periteen.com/favicon.ico

195.35.15.48

404 Not Found

912 B

URL GET HTTPS

periteen.com/favicon.ico

IP / ASN

195.35.15.48

#47583 Hostinger International Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with very long lines (355)

First Seen2023-03-07

Last Seen2025-08-05

Times Seen6396

Size912 B (912 bytes)

MD5e53fdf76753edcd8773ab17ae968bfd6

SHA14bea38cd83442080bdf51cd1db206715f9198955

SHA2563d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Certificate Info

IssuerLet's Encrypt

Subjectperiteen.com

Fingerprint6F:E0:0D:3A:FE:E8:4F:BE:F0:85:2F:6D:41:05:52:69:54:86:DC:C3

ValidityFri, 11 Oct 2024 02:50:03 GMT - Thu, 09 Jan 2025 02:50:02 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: periteen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
last-modified: Fri, 17 Nov 2023 04:20:05 GMT
etag: "999-6556e9f5-a2daf18081b686f9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 912
date: Sat, 07 Dec 2024 03:44:17 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET motherless.com/favicon.ico

185.107.81.234

200 OK

1.2 kB

URL GET HTTPS

motherless.com/favicon.ico

IP / ASN

185.107.81.234

#43350 NForce Entertainment B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2023-05-25

Last Seen2025-08-05

Times Seen277

Size1.2 kB (1150 bytes)

MD571fed71dccb91a13bdf68a6444f25ce4

SHA138da7202842147ecda5521d50f094a54d1381f2c

SHA25618f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2

Certificate Info

IssuerGoGetSSL

Subject*.motherless.com

Fingerprint91:ED:C0:91:51:B7:52:31:38:BB:48:DC:64:31:32:81:FB:98:A0:92

ValidityWed, 06 Mar 2024 00:00:00 GMT - Sun, 06 Apr 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: motherless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Dec 2024 03:44:17 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Thu, 20 Apr 2023 06:59:04 GMT
ETag: "6440e2b8-47e"
X-Server-W: web805
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Status: HIT
Accept-Ranges: bytes

GET xvideosporno.blog.br/favicon.ico

104.26.10.106

200 OK

1.9 kB

URL GET HTTPS

xvideosporno.blog.br/favicon.ico

IP / ASN

104.26.10.106

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typegzip compressed data, from Unix

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size1.9 kB (1889 bytes)

MD5e43d240fc28061e0c53e2d5a8f1adbdf

SHA16108d3971185aebd6ff757818b714a9e908f6d56

SHA2567e39eb681b7de1ffcbae9fd6a8d1d491daef2db49cc0786caf093acf8f5019a1

Certificate Info

IssuerLet's Encrypt

Subjectxvideosporno.blog.br

FingerprintC2:CA:22:3A:4B:7A:BC:60:68:FB:90:96:38:72:A1:AF:2B:0F:6F:0F

ValiditySun, 24 Nov 2024 21:26:03 GMT - Sat, 22 Feb 2025 21:26:02 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xvideosporno.blog.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Sun, 25 Aug 2024 01:47:34 GMT
vary: Accept-Encoding
etag: W/"66ca8d36-25be"
content-encoding: gzip
age: 4411
x-cache: MISS
x-cache-hits: 0
cache-control: max-age=432000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BiA%2BJMdwatlsjALdGdqq1sNDMTMYxHs8RrRve9we3uKhX%2BnyHlb5mryEYtXdSKG8rVeBdOABwIXboYmXeIvkBhH0cqF08WNAwzvxBc5pefTFve54XyrTSvxv7AHqnbWsjwgFIH9G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18422fb8d56c1-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1786&min_rtt=414&rtt_var=2266&sent=26&recv=12&lost=0&retrans=0&sent_bytes=29487&recv_bytes=1180&delivery_rate=7161563&cwnd=253&unsent_bytes=0&cid=23eeb92e7d8a34c4&ts=8369&x=0"
X-Firefox-Spdy: h2

GET vidmo.org/favicon.ico

89.248.193.244

200 OK

5.4 kB

URL GET HTTPS

vidmo.org/favicon.ico

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-05

Last Seen2025-08-05

Times Seen232

Size5.4 kB (5430 bytes)

MD56b6734885d5e4ff9dbb7d82ba6023598

SHA13c454d68a346b375ed7b59a131699061e7393b1f

SHA2560f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819

Certificate Info

IssuerZeroSSL

Subjectvidmo.org

Fingerprint17:AA:D5:06:B9:61:78:84:4A:5D:88:6B:FA:83:27:B7:0B:29:A2:E3

ValiditySun, 03 Nov 2024 00:00:00 GMT - Sat, 01 Feb 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vidmo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.worldsex.com/favicon.ico

66.254.98.132

200 OK

1.4 kB

URL GET HTTPS

www.worldsex.com/favicon.ico

IP / ASN

66.254.98.132

#29789 REFLECTED

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 8 bits/pixel

First Seen2023-06-18

Last Seen2025-08-05

Times Seen14

Size1.4 kB (1406 bytes)

MD5be02ab00873fe6a91cb7cb446de6cdbe

SHA15cca4b7e6363fa5c1552f67d65562fc43e620e44

SHA256b062f135e69c6b1d08ea0b36ca956b897808a692f28c93c4d8ae14a81b224c43

Certificate Info

IssuerLet's Encrypt

Subjectworldsex.com

Fingerprint47:A9:BD:9D:A2:6E:46:C3:0E:9F:C7:80:D3:EE:32:63:75:0A:1F:C9

ValidityFri, 18 Oct 2024 16:20:21 GMT - Thu, 16 Jan 2025 16:20:20 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.worldsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
content-length: 1406
last-modified: Tue, 22 Nov 2016 10:10:26 GMT
etag: "58341992-57e"
x-frame-options: SAMEORIGIN
expires: Tue, 07 Jan 2025 03:44:17 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2

GET xnxx-xxx.pro/favicon.ico

162.251.108.20

200 OK

1.2 kB

URL GET HTTPS

xnxx-xxx.pro/favicon.ico

IP / ASN

162.251.108.20

#32338 HOSTISERVER

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-12-07

Last Seen2025-07-22

Times Seen7

Size1.2 kB (1150 bytes)

MD55ab64965a04b184e3a6093ca17be910a

SHA16f7236e7a35ceba437053d752d7e453f04423336

SHA256d31a128357a8a95cb83c88cbd27685aab87c69f3f19ac96d27032caf8155a3ef

Certificate Info

IssuerLet's Encrypt

Subjectwww.xnxx-xxx.pro

FingerprintF4:49:8A:34:49:E3:5B:EC:7B:79:BC:90:B4:9D:CB:F1:A0:01:C8:14

ValidityWed, 27 Nov 2024 09:16:39 GMT - Tue, 25 Feb 2025 09:16:38 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xnxx-xxx.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 12 Feb 2021 13:45:49 GMT
etag: "6026868d-47e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET x-xx.pro/favicon.ico

185.73.221.144

200 OK

1.2 kB

URL GET HTTPS

x-xx.pro/favicon.ico

IP / ASN

185.73.221.144

#32338 HOSTISERVER

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2023-05-30

Last Seen2025-08-02

Times Seen43

Size1.2 kB (1150 bytes)

MD54b3ee4f4a3f61a7c0c17b86ccf3bfc35

SHA1051526763921be02cfc745ce18595956032a018d

SHA2561a71bdc24fb78bb89b79a5e5cfc1b3404808d68098959c42bb4bcc0d42201f8b

Certificate Info

IssuerLet's Encrypt

Subjectwww.x-xx.pro

Fingerprint4D:98:1A:AE:EC:BD:2B:4A:3C:F9:1D:55:93:29:9B:19:89:5F:15:EB

ValiditySun, 24 Nov 2024 09:21:32 GMT - Sat, 22 Feb 2025 09:21:31 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: x-xx.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Dec 2020 08:09:32 GMT
etag: "5fd3293c-47e"
expires: Sat, 14 Dec 2024 03:44:18 GMT
cache-control: max-age=604800
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.savdz.com/favicon.ico

23.225.183.189

200 OK

317 B

URL GET HTTPS

www.savdz.com/favicon.ico

IP / ASN

23.225.183.189

#40065 CNSERVERS

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2024-05-18

Last Seen2025-07-13

Times Seen48

Size317 B (317 bytes)

MD59faaf9ec3c64419a98f0171d30788832

SHA17cfd0139434fc6b4405da2399e18c6dad491026d

SHA2563e5dffb92459dc10edb044ea8a7db6c29149515a9a13c392fae01108ca48464b

Certificate Info

IssuerLet's Encrypt

Subjectsavaa.cc

Fingerprint00:E4:40:20:89:1C:12:03:47:D3:2F:BB:D5:41:EA:F7:8D:57:5A:7D

ValidityMon, 18 Nov 2024 03:45:31 GMT - Sun, 16 Feb 2025 03:45:30 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.savdz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 317
last-modified: Tue, 02 Jan 2024 16:25:55 GMT
etag: "65943913-13d"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
cache-control: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.topasiansporn.com/favicon.ico

46.229.174.195

404 Not Found

614 B

URL GET HTTPS

www.topasiansporn.com/favicon.ico

IP / ASN

46.229.174.195

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typegzip compressed data, from Unix

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size614 B (614 bytes)

MD5c354b3190b0aa632206218340ffc6bce

SHA1aa0e0c935ea4d8b2d0221ec02a306ed434869dbb

SHA25620d857c4d86efe037af92c6a3c96d0873db69e54530c06142acb196280cc2ebb

Certificate Info

IssuerLet's Encrypt

Subjecttopasiansporn.com

Fingerprint3A:1A:5B:C5:79:51:F8:A9:B7:19:AB:27:26:D8:CA:83:D8:6E:0F:95

ValidityFri, 06 Dec 2024 08:49:22 GMT - Thu, 06 Mar 2025 08:49:21 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.topasiansporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: openresty
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

GET youngtube.one/favicon.ico

216.172.61.44

404 Not Found

150 B

URL GET HTTPS

youngtube.one/favicon.ico

IP / ASN

216.172.61.44

#15317 SERVEREL-AS

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen11706

Size150 B (150 bytes)

MD5597ba0d4396e9c906225140ce907092c

SHA128ae2ba65ccdb583d79f85b8cc9509fae697493b

SHA256ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

Certificate Info

IssuerLet's Encrypt

Subjectyoungtube.one

Fingerprint56:C1:9F:6C:AE:63:09:F7:1E:72:2A:8F:21:C9:B5:8E:92:C5:8F:2F

ValiditySat, 05 Oct 2024 23:15:32 GMT - Fri, 03 Jan 2025 23:15:31 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: youngtube.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: openresty
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html; charset=utf-8
content-length: 150
X-Firefox-Spdy: h2

GET www.savsq.com/favicon.ico

23.225.183.189

200 OK

317 B

URL GET HTTPS

www.savsq.com/favicon.ico

IP / ASN

23.225.183.189

#40065 CNSERVERS

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2024-05-18

Last Seen2025-07-13

Times Seen48

Size317 B (317 bytes)

MD59faaf9ec3c64419a98f0171d30788832

SHA17cfd0139434fc6b4405da2399e18c6dad491026d

SHA2563e5dffb92459dc10edb044ea8a7db6c29149515a9a13c392fae01108ca48464b

Certificate Info

IssuerLet's Encrypt

Subjectsavaa.cc

Fingerprint00:E4:40:20:89:1C:12:03:47:D3:2F:BB:D5:41:EA:F7:8D:57:5A:7D

ValidityMon, 18 Nov 2024 03:45:31 GMT - Sun, 16 Feb 2025 03:45:30 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.savsq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 317
last-modified: Tue, 02 Jan 2024 16:25:55 GMT
etag: "65943913-13d"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
cache-control: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

GET obmenvsem.org/favicon.ico

82.192.80.133

200 OK

15 kB

URL GET HTTPS

obmenvsem.org/favicon.ico

IP / ASN

82.192.80.133

#60781 LeaseWeb Netherlands B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-06-17

Last Seen2025-08-05

Times Seen118

Size15 kB (15086 bytes)

MD55fcfc1a6b1d7b1c61867bbf650b725af

SHA1ef131ddbc75f149934d2a54bf8ef27eb401d26d7

SHA256aa0a1280a119f0e79c45c6a910a29bdc370bf6f4c41e40b9c156f498c23fdb59

Certificate Info

IssuerLet's Encrypt

Subjectobmenvsem.org

Fingerprint53:06:EA:B3:B6:B8:6D:10:D2:09:D9:C9:E8:37:2A:CA:54:63:5F:1F

ValiditySat, 02 Nov 2024 20:47:49 GMT - Fri, 31 Jan 2025 20:47:48 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: obmenvsem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Wed, 08 Nov 2023 12:00:19 GMT
etag: "654b7853-3aee"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET naturismv.com/favicon.ico

104.21.235.25

200 OK

11 kB

URL GET HTTPS

naturismv.com/favicon.ico

IP / ASN

104.21.235.25

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-04-19

Last Seen2025-02-18

Times Seen19

Size11 kB (10824 bytes)

MD5297c16b0acfcf2b65e2a7c98bc4f73b4

SHA15c73be9088bce1a10797c417eea7434102d6ae2d

SHA256aff9828513cf3000fc5e141e962e0a7b61b81411615db4157342d1a6a3f2381a

Certificate Info

IssuerGoogle Trust Services

Subjectnaturismv.com

Fingerprint9C:58:56:25:78:19:EB:E0:62:6C:2F:51:48:3D:DF:C2:55:0E:82:5B

ValidityWed, 06 Nov 2024 08:49:12 GMT - Tue, 04 Feb 2025 08:49:11 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/vnd.microsoft.icon
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 11:00:14 GMT
etag: W/"3aee-58b326f362b80"
cache-control: max-age=14400, must-revalidate
expires: Fri, 07 Mar 2025 03:44:15 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: REVALIDATED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdvTTFMmE89WMMRTddEHvo0LIMMoqokk3widliCt5Gfn%2FXvemKA23yMiiyS3BxFh%2BOuIGmBcQKOMStOtCseOWCl0YX4zC1UzidLKy8Fd94jWQd2dLz2U7XgXR1xC8Qbx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18422b81a369a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=58893&min_rtt=29387&rtt_var=32095&sent=25&recv=24&lost=0&retrans=0&sent_bytes=4808&recv_bytes=2007&delivery_rate=20212&cwnd=12000&unsent_bytes=0&cid=0c2b15645d25aa58&ts=8530&x=1", cfExtPri, cfHdrFlush;dur=0

GET avhub.me/favicon.ico

38.207.133.102

200 OK

15 kB

URL GET HTTPS

avhub.me/favicon.ico

IP / ASN

38.207.133.102

#51847 Nearoute Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-09-05

Last Seen2024-12-10

Times Seen20

Size15 kB (15406 bytes)

MD587f56f68b147fe04f10e2e23f4daced8

SHA17910eea4aebab50f349f2afb5dcde0bac4b0d2a3

SHA2563ca9e78e2dfcd39de431ac59a72a454a981eea329b8a4abaf5a4af451e057c27

Certificate Info

IssuerLet's Encrypt

Subjectwww.avhub.me

Fingerprint84:B1:78:E4:47:22:C0:F1:C5:DD:B1:58:D0:5F:03:3B:38:7F:A4:55

ValidityThu, 26 Sep 2024 07:57:10 GMT - Wed, 25 Dec 2024 07:57:09 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: avhub.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Thu, 01 Aug 2024 01:28:46 GMT
etag: "66aae4ce-3c2e"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.sesenovel.com/favicon.ico

38.207.133.102

301 Moved Permanently

162 B

URL GET HTTPS

www.sesenovel.com/favicon.ico

IP / ASN

38.207.133.102

#51847 Nearoute Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-07-11

Times Seen131096

Size162 B (162 bytes)

MD54f8e702cc244ec5d4de32740c0ecbd97

SHA13adb1f02d5b6054de0046e367c1d687b6cdf7aff

SHA2569e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Certificate Info

IssuerLet's Encrypt

Subjectwww.18hub.top

Fingerprint6B:72:04:80:E5:8C:1A:89:37:DD:03:1E:DF:4D:0B:BA:BF:99:45:60

ValidityThu, 26 Sep 2024 07:24:45 GMT - Wed, 25 Dec 2024 07:24:44 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.sesenovel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html
content-length: 162
location: https://18sese.top/favicon.ico
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
X-Firefox-Spdy: h2

GET wild-kitty.net/video/vid034.jpg

104.21.40.107

403 Forbidden

28 kB

URL GET HTTPS

wild-kitty.net/video/vid034.jpg

IP / ASN

104.21.40.107

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeHTML document, ASCII text, with very long lines (570), with CRLF line terminators

First Seen2024-04-21

Last Seen2025-01-08

Times Seen20

Size28 kB (27530 bytes)

MD565295241a7ff8195a3080f16a08a01e7

SHA1418065116581adeb029b95074c821e02173d654b

SHA256b1348a2d7fa352deba00aaad392d39a7d10a1e24f532c7a6f523928036d12caa

Certificate Info

IssuerGoogle Trust Services

Subjectwild-kitty.net

Fingerprint47:7B:FE:9B:11:28:DB:29:5E:28:79:FB:30:98:6E:C7:C6:EB:A2:2D

ValiditySat, 09 Nov 2024 17:17:26 GMT - Fri, 07 Feb 2025 17:17:25 GMT

HTTP Headers

GET /video/vid034.jpg HTTP/1.1
Host: wild-kitty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddFhvAY9%2FZvfIN4bQOlNeERPsq007CqAKRzVx7Pz5CshdzIM5pdSkeQGe4fW%2BI5Olkv%2B784F5JU9XKNbGDS8hh0AuJVaevJBhQ%2BJbM4XrHtss04iWRLs%2BGnx3yzqC1zCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18407bfa7b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2480&min_rtt=421&rtt_var=4101&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1186&delivery_rate=6819466&cwnd=254&unsent_bytes=0&cid=849fc233a4332e42&ts=2227&x=0"
X-Firefox-Spdy: h2

GET baophapluat.vn/favicon.ico

123.30.41.185

302 Found

0 B

URL GET HTTPS

baophapluat.vn/favicon.ico

IP / ASN

123.30.41.185

#45899 VNPT Corp

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGlobalSign nv-sa

Subject*.baophapluat.vn

Fingerprint63:B7:51:19:63:64:32:81:39:A2:94:F5:84:BC:47:E8:8A:86:E1:2E

ValidityWed, 18 Sep 2024 08:37:00 GMT - Mon, 20 Oct 2025 08:36:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: baophapluat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
x-cache-status: MISS
age: 0
content-length: 0
location: /404
cache-control: Private
X-Firefox-Spdy: h2

GET www.boy18tube.com/favicon.ico

45.133.44.101

200 OK

7.1 kB

URL GET HTTPS

www.boy18tube.com/favicon.ico

IP / ASN

45.133.44.101

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size7.1 kB (7120 bytes)

MD5c999158df37d5e388f333c2774d44e82

SHA111653041431a34b2629da85415f9e143b50d36d8

SHA2563826e7cbca83c7e15c6b7cd38fb0777ce2ef2af6d2e95866683967325d9e8652

Certificate Info

IssuerLet's Encrypt

Subjectwww.boy18tube.com

Fingerprint7A:94:BA:4B:59:16:89:2B:31:09:09:4F:A9:80:30:CD:50:04:85:29

ValidityMon, 21 Oct 2024 03:04:11 GMT - Sun, 19 Jan 2025 03:04:10 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.boy18tube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Wed, 13 Nov 2024 09:20:37 GMT
etag: W/"67346f65-47e"
x-server: tube2-vm2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DlOPwBzrQBCyQ98bmn9f4LEUKuwSGD6OKpgD9GgSrh1xwc3DSj5p6x5b%2Bkb6FiwOEskgfm7y7WUNnGWW8qDDepvrUWGNa5gTim7%2BAmxU1WqpKaSfgAFj%2BANe3FerT8%2B1NcG3ByuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842f3cb20ea8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1222&min_rtt=529&rtt_var=785&sent=429&recv=287&lost=0&retrans=0&sent_bytes=337614&recv_bytes=45725&delivery_rate=13092224&cwnd=256&unsent_bytes=0&cid=6877a293a0801ead&ts=134514&x=0"
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2

GET 18sese.top/favicon.ico

38.207.133.102

200 OK

15 kB

URL GET HTTPS

18sese.top/favicon.ico

IP / ASN

38.207.133.102

#51847 Nearoute Limited

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2024-09-05

Last Seen2024-12-10

Times Seen20

Size15 kB (15406 bytes)

MD587f56f68b147fe04f10e2e23f4daced8

SHA17910eea4aebab50f349f2afb5dcde0bac4b0d2a3

SHA2563ca9e78e2dfcd39de431ac59a72a454a981eea329b8a4abaf5a4af451e057c27

Certificate Info

IssuerLet's Encrypt

Subjectwww.avhub.me

Fingerprint84:B1:78:E4:47:22:C0:F1:C5:DD:B1:58:D0:5F:03:3B:38:7F:A4:55

ValidityThu, 26 Sep 2024 07:57:10 GMT - Wed, 25 Dec 2024 07:57:09 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 18sese.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Thu, 01 Aug 2024 01:28:46 GMT
etag: "66aae4ce-3c2e"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.youtube.com/favicon.ico

142.250.74.46

200 OK

162 B

URL GET HTTPS

www.youtube.com/favicon.ico

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2023-04-05

Last Seen2025-08-04

Times Seen3998

Size162 B (162 bytes)

MD5f2a495d85735b9a0ac65deb19c129985

SHA1f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

SHA2568bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube-marketing"
report-to: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Dec 2024 01:41:12 GMT
expires: Sun, 07 Dec 2025 01:41:12 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 7387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET mangyte.vn/favicon.ico

115.146.121.153

200 OK

104 kB

URL GET HTTPS

mangyte.vn/favicon.ico

IP / ASN

115.146.121.153

#38732 CMC Telecom Infrastructure Company

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size104 kB (103781 bytes)

MD55a5a81192a136f482617da9a1226d87f

SHA17a0b54cb782288eb9fd42287306339d9de706c5b

SHA2569a08e1d99f993772d0f3dba667707e882f29b07cccdab5fda7e39d34680acc77

Certificate Info

IssuerSectigo Limited

Subjectmangyte.vn

FingerprintE0:2D:5B:2F:8C:1C:21:3E:8C:AE:D6:91:AF:D8:5A:DE:20:3B:59:FA

ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 02 Feb 2025 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mangyte.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/x-icon
Last-Modified: Thu, 17 Sep 2020 02:00:42 GMT
Accept-Ranges: bytes
ETag: "58fd7259968cd61:0"
Server: Microsoft-IIS/7.5
1: 1
Date: Sat, 07 Dec 2024 03:44:19 GMT
Content-Length: 103781

GET www.pornfuck.net/favicon.ico

0.0.0.0

301 Moved Permanently

0 B

URL GET HTTPS

www.pornfuck.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectpornfuck.net

FingerprintF5:22:26:22:B4:15:AB:05:90:AD:72:6C:47:BB:93:FA:92:FA:2D:ED

ValidityMon, 25 Nov 2024 13:29:33 GMT - Sun, 23 Feb 2025 13:29:32 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.pornfuck.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html
content-length: 167
location: https://www.pornbf.mobi/favicon.ico
cache-control: max-age=3600
expires: Sat, 07 Dec 2024 04:44:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4n3HeRAmVJNpd5RBV7E1MKWRn%2BjPiBXrvLkNnM259EKO63ATk1Ol%2FKLKFLbE8irkkIsnqZtrSocdpn%2FvfkjTWZpONG3PAlqNa%2FAanigDJhGzsIZacMOmheZTB0dUaSVePKDW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842d2d0d56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=496&min_rtt=391&rtt_var=137&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1154&delivery_rate=6776911&cwnd=254&unsent_bytes=0&cid=213c9178677f20c9&ts=866&x=0"
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2021/12/0000129.jpg

104.21.234.105

200 OK

27 kB

URL GET HTTPS

sorkab.com/wp-content/uploads/2021/12/0000129.jpg

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, progressive, precision 8, 640x360, components 3

First Seen2024-05-01

Last Seen2025-06-30

Times Seen35

Size27 kB (26992 bytes)

MD53e69a9299ca3f0a4a5f5ee660ed30651

SHA17d571f62389c8731a34a2a7c1937a2f30f571c95

SHA2565042d5890af462533c826aa38a11772884f77c914b557b8e25299442d01da485

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /wp-content/uploads/2021/12/0000129.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 26992
cache-control: public, max-age=31536000
expires: Sat, 08 Nov 2025 05:06:56 GMT
last-modified: Wed, 02 Mar 2022 05:33:19 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 883741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5G8c1SVotDsAI5%2FZ7cxsh0CQXMfDzH2DQ7K%2B3SAmyCfj6N9g3%2B%2FTYP6pAgGzrSU7THtFT3HEb412abHocTZs88dUScIbcd1Q2t%2FbBxEaRF5J6X4pJ%2F22Am0hZpuO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183edef9a652f-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=20186&rtt_var=11677&sent=123&recv=47&lost=0&retrans=0&sent_bytes=160064&recv_bytes=1463&delivery_rate=1741511&cwnd=117&unsent_bytes=0&cid=b57ea78fefd72974&ts=603&x=0"
X-Firefox-Spdy: h2

GET www.yasetube.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.yasetube.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectyasetube.com

Fingerprint1B:2C:DC:7D:FB:C1:B3:61:E0:09:8A:34:97:A9:B6:13:25:1F:16:90

ValidityWed, 23 Oct 2024 08:54:38 GMT - Tue, 21 Jan 2025 08:54:37 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.yasetube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 13 Dec 2024 23:37:36 GMT
etag: W/"47e-66d6eeb4-d61127;br"
last-modified: Tue, 03 Sep 2024 11:10:44 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 14786
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58QnwIikOill9MJM9sfXA%2B2PuXYUTYm5hNhEmEyGicaUQdmkXxfFamendHF74wJp5PinlrurgSxBdtgczMDujG5yW1WU1sosMoenVJYZZRLLqn099H5zrGMHwDbWCjUJvaix"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842b0f51569f-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=448&min_rtt=388&rtt_var=118&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1025&delivery_rate=7489655&cwnd=254&unsent_bytes=0&cid=e90f8eaf098dca04&ts=672&x=0"
X-Firefox-Spdy: h2

GET www.po-kaki-to.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.po-kaki-to.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectpo-kaki-to.com

Fingerprint75:1E:31:F5:6F:AF:87:77:F8:D5:B8:F7:B2:CB:BB:FE:2F:C4:9D:1C

ValiditySat, 19 Oct 2024 18:28:50 GMT - Fri, 17 Jan 2025 18:28:49 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.po-kaki-to.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
last-modified: Wed, 07 Jun 2017 08:23:59 GMT
etag: W/"5937b81f-1636"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1425
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFH%2FaWDpmlOeXkO5aV21Mr5I1gVJKHtkkNkzWllllblfVygeZUiAaqOuUAVomXZhz6yUY8JwirnBR0q82Eaj4xTpdq%2F2GhqcWfoNmSDJYAyVmBx%2FG1HC5YfARHZyrGyco6wxXqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184240bce4182-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22871&min_rtt=21689&rtt_var=8977&sent=27&recv=28&lost=0&retrans=0&sent_bytes=4911&recv_bytes=2215&delivery_rate=27386&cwnd=12000&unsent_bytes=0&cid=9cdfd4228e8a0061&ts=4713&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ssnovel.top/template/YS007/images/avhubCode.png

0.0.0.0

0 B

URL GET HTTP

www.ssnovel.top/template/YS007/images/avhubCode.png

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/YS007/images/avhubCode.png HTTP/1.1
Host: www.ssnovel.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET kompoz2.com/favicon.ico

188.114.97.1

404 Not Found

0 B

URL GET HTTPS

kompoz2.com/favicon.ico

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectkompoz2.com

Fingerprint9E:EF:80:2D:49:86:85:B2:4B:3D:15:53:45:14:24:DD:2B:B0:EF:A5

ValiditySat, 23 Nov 2024 03:19:28 GMT - Fri, 21 Feb 2025 03:19:27 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: kompoz2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.14
cache-control: max-age=31536000
cf-cache-status: HIT
age: 42
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLh2pK0heOoYjI5hpLzw6VCYUnMv1JmZEtTbBKXyiosis391ZQdBe18ApT62CRKQbO7NZpiI%2FWru1pU4L%2Bft43drMor3mOL4Rr2WokEKpOo7qgQZkNwUrHuvbW72FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842c8d0eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=493&min_rtt=410&rtt_var=186&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1145&delivery_rate=7264214&cwnd=253&unsent_bytes=0&cid=4963cd54b70b464b&ts=776&x=0"
X-Firefox-Spdy: h2

GET www.ssnovel.top/template/YS007/images/avhubCode.png

0.0.0.0

0 B

URL GET HTTP

www.ssnovel.top/template/YS007/images/avhubCode.png

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/YS007/images/avhubCode.png HTTP/1.1
Host: www.ssnovel.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET vjav2.com/favicon.ico

104.21.65.63

404 Not Found

0 B

URL GET HTTPS

vjav2.com/favicon.ico

IP / ASN

104.21.65.63

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectvjav2.com

FingerprintA4:51:C9:87:1D:92:1D:13:D0:8B:6B:B9:1A:64:9B:D2:F8:68:EB:B1

ValidityThu, 28 Nov 2024 22:15:05 GMT - Wed, 26 Feb 2025 22:15:04 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vjav2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNctx2HdHE4MmwKfkgRXAqhNSJ2TtMEOZT9FynGFOWnsGsDa2%2Bd4x0ct9xYY2I6%2BWQ00q000EMKx2mGmCZEDLxKcT0cvSZiG5w8JK%2BjJ6BtXYtuX7PCr3ZJC2kw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423d8351c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6496&min_rtt=5796&rtt_var=2921&sent=61&recv=83&lost=0&retrans=0&sent_bytes=6751&recv_bytes=5075&delivery_rate=59886&cwnd=12000&unsent_bytes=0&cid=9d40aacde89b670d&ts=5768&x=1", cfExtPri, cfHdrFlush;dur=0

GET timg191.top/videos/a9da4439d805f0c01813fdabbdd88e2ba9488300/cover/5_505_259?ih=1

0.0.0.0

200 OK

0 B

URL GET HTTPS

timg191.top/videos/a9da4439d805f0c01813fdabbdd88e2ba9488300/cover/5_505_259?ih=1

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjecttimg191.top

Fingerprint07:E8:C8:38:46:64:FB:9A:7D:87:53:99:5C:CE:34:BA:4A:0F:B2:BC

ValidityWed, 23 Oct 2024 13:29:20 GMT - Tue, 21 Jan 2025 14:27:01 GMT

HTTP Headers

GET /videos/a9da4439d805f0c01813fdabbdd88e2ba9488300/cover/5_505_259?ih=1 HTTP/1.1
Host: timg191.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: application/octet-stream
vary: Accept-Encoding, Origin, Accept-Encoding
t-cache: MISS
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-meta-erid: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMxOQgfSsMdbl3OT0ABTGBfZEm0YIQAsMrtHIDm1VMGn0awXgLZ9Qj8kM1WVMwdhH0fw6eLP2fl0mLt1PQNGSMYHOKewJ3nFdD90lYt%2BdpPngufLk3OVRxGMFNBuCgA4J3Xo"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1808FAC8C774DC3A
server-timing: cfL4;desc="?proto=TCP&rtt=6782&sent=14702&recv=3346&lost=0&retrans=3&sent_bytes=19272962&recv_bytes=253186&delivery_rate=70108043&cwnd=464&unsent_bytes=0&cid=a3c23050dc3e9d4f&ts=861228&x=0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
etag: W/"3f43bb6ee5f71994fca2bc4bf2cc6e34"
x-amz-meta-mtime: 1716897356.11737909
last-modified: Tue, 28 May 2024 11:55:57 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1288242
x-referer: no
server: cloudflare
cf-ray: 8ee18403f9130b4d-OSL
X-Firefox-Spdy: h2

GET baophapluat.vn/404

123.30.41.185

404 Not Found

0 B

URL GET HTTPS

baophapluat.vn/404

IP / ASN

123.30.41.185

#45899 VNPT Corp

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGlobalSign nv-sa

Subject*.baophapluat.vn

Fingerprint63:B7:51:19:63:64:32:81:39:A2:94:F5:84:BC:47:E8:8A:86:E1:2E

ValidityWed, 18 Sep 2024 08:37:00 GMT - Mon, 20 Oct 2025 08:36:59 GMT

HTTP Headers

GET /404 HTTP/1.1
Host: baophapluat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
content-encoding: gzip
x-cache-status: MISS
age: 0
content-length: 6101
content-type: text/html;charset=utf-8
cache-control: Private
X-Firefox-Spdy: h2

GET javlulu.com/https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg

104.21.44.73

404 Not Found

0 B

URL GET HTTPS

javlulu.com/https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg

IP / ASN

104.21.44.73

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavlulu.com

Fingerprint91:6D:9B:45:23:CF:2A:71:AA:AD:AD:C6:56:57:91:FD:8B:D9:63:48

ValiditySat, 12 Oct 2024 11:25:37 GMT - Fri, 10 Jan 2025 11:25:36 GMT

HTTP Headers

GET /https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg HTTP/1.1
Host: javlulu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGI2XH8T6hZfCFy7%2F2QNY5Tm3qtc%2FoJux2fZD6COOExJ8I5D5iI2jQIOehBEjISEdHcW9JdnvGAlQQs1WJKKznqNb2S%2BkKppbKmoGjI2xkNQDnYqPUXJo2W0934VJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184001b53b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1410&min_rtt=438&rtt_var=1957&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1121&delivery_rate=8165413&cwnd=254&unsent_bytes=0&cid=1923c8e673efa8ef&ts=2273&x=0"
X-Firefox-Spdy: h2

GET 28892384-22554-ex.somentibrot.com/iiFPDIc2PQviZtczvVjGJyVPldkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYBaKmqGlubqKdAUfS7xOnqK_kxDnZOLP0N2LNViQOg?kws=hot%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fav.tub4us.top%2F2&referer=https%3A%2F%2Ffavor.jtube.top%2F&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20Dec%2007%202024%2003%3A44%3A11%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1

88.208.22.3

200 OK

1.5 kB

URL GET HTTPS

28892384-22554-ex.somentibrot.com/iiFPDIc2PQviZtczvVjGJyVPldkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYBaKmqGlubqKdAUfS7xOnqK_kxDnZOLP0N2LNViQOg?kws=hot%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fav.tub4us.top%2F2&referer=https%3A%2F%2Ffavor.jtube.top%2F&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20Dec%2007%202024%2003%3A44%3A11%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1

IP / ASN

88.208.22.3

#39572 DataWeb Global Group B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeASCII text, with very long lines (1480), with no line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size1.5 kB (1480 bytes)

MD54b83c754ccfb3270f91a749d842bcc85

SHA1d6670ae801a6682f38dd011bd226008e03afea65

SHA2563a5ae7acf21e78e17fd8e8ea4b2843bb72c56b1b0074cbf1f26cbcbc3c9a806d

Certificate Info

IssuerLet's Encrypt

Subject*.somentibrot.com

FingerprintC2:53:55:59:64:4C:35:BB:7E:AB:CB:E4:6A:6F:6A:47:E8:E1:2A:3B

ValiditySun, 22 Sep 2024 14:19:31 GMT - Sat, 21 Dec 2024 14:19:30 GMT

HTTP Headers

GET /iiFPDIc2PQviZtczvVjGJyVPldkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYBaKmqGlubqKdAUfS7xOnqK_kxDnZOLP0N2LNViQOg?kws=hot%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fav.tub4us.top%2F2&referer=https%3A%2F%2Ffavor.jtube.top%2F&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20Dec%2007%202024%2003%3A44%3A11%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 28892384-22554-ex.somentibrot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av.tub4us.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://av.tub4us.top
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Sat, 07 Dec 2024 03:44:17 UTC
expires: Sat, 07 Dec 2024 03:44:17 UTC
content-encoding: gzip
X-Firefox-Spdy: h2

GET javp1.cc/https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg

172.67.162.226

404 Not Found

0 B

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4RspmGv04LrlQVV%2FPu0gAWe5ZCHF2dZX%2FQHiKKoXfkv8ZleFTd%2BoK9NRJoR3i8P5u%2FmxME8P8JoJdDfdTWe3hY3MRLrFijg0juyiqvRGkabf78OeP83wJqYWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840e6bd8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10170&min_rtt=4872&rtt_var=5849&sent=70&recv=76&lost=0&retrans=0&sent_bytes=13882&recv_bytes=6009&delivery_rate=241683&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=2960&x=1", cfExtPri, cfHdrFlush;dur=0

GET onlyindianporn.tv/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

onlyindianporn.tv/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectonlyindianporn.tv

Fingerprint01:B9:96:4F:85:E9:6D:64:44:C4:16:06:C3:C8:38:46:C1:0E:A2:B4

ValidityMon, 25 Nov 2024 07:44:58 GMT - Sun, 23 Feb 2025 07:44:57 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: onlyindianporn.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Thu, 06 Oct 2022 16:56:28 GMT
etag: W/"633f08bc-2eee"
expires: Tue, 10 Dec 2024 13:08:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2298958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7Bh8VJGGELLR6EW9zun2V9k10TewpRyMUWF7agAM3ttN097TTPi0ItGh%2Fg4yF9Fb%2BFgV3OTA0F7J5I1F5N2Ek5TlJ0gqU1dCtXBXVkgOcaa04%2FyvTkD6w%2BT2UIJJxKpkUlQAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842e6a9b0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1498&min_rtt=441&rtt_var=2049&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3290&recv_bytes=1187&delivery_rate=6464285&cwnd=254&unsent_bytes=0&cid=8ad2681bd14d6caa&ts=970&x=0"
X-Firefox-Spdy: h2

GET www.apornvideo.com/favicon.ico

104.21.95.144

404 Not Found

0 B

URL GET HTTPS

www.apornvideo.com/favicon.ico

IP / ASN

104.21.95.144

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectapornvideo.com

Fingerprint1C:02:02:7D:A6:88:58:BD:31:79:74:CB:B0:5F:B0:90:BB:B0:C4:59

ValidityTue, 29 Oct 2024 19:08:32 GMT - Mon, 27 Jan 2025 19:08:31 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.apornvideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: BYPASS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuwmbPI%2B%2FwNmjLDS4TXigbpfQtJDogI0rHhM2ypXSRKlgA%2FX7OlNLTm9kx9lLethA3n1HYXXOiOYpfprGysTqRhQfeJ2JsdIuuOXUD8VoMnMUGJlNDR6kmx0MT%2FTJVkQlhK%2BhVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423dcbcb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5711&min_rtt=1510&rtt_var=4047&sent=93&recv=113&lost=0&retrans=0&sent_bytes=8524&recv_bytes=6653&delivery_rate=50758&cwnd=12000&unsent_bytes=0&cid=c4abbe7be904f5a1&ts=5056&x=1", cfExtPri, cfHdrFlush;dur=0

GET record.r7.com/favicon.ico/

23.36.76.186

404 Not Found

0 B

URL GET HTTPS

record.r7.com/favicon.ico/

IP / ASN

23.36.76.186

#20940 Akamai International B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectnewr7.web.arc-cdn.net

FingerprintEA:CF:0F:2A:9B:21:3B:0E:06:4C:28:5C:5F:21:AA:B6:65:FA:37:07

ValidityThu, 14 Nov 2024 20:44:10 GMT - Wed, 12 Feb 2025 20:44:09 GMT

HTTP Headers

GET /favicon.ico/ HTTP/1.1
Host: record.r7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 171444
server: openresty
content-encoding: gzip
x-arc-pb-mx-id: 00000000
x-arc-pb-request-id: 619113da-5181-4833-923e-6929e5a722af
etag: W/"1ccb12-PTAD3ikNzenNGxUt9N9bG7Sa+MU"
last-modified: Sat, 07 Dec 2024 03:44:11 GMT
vary: Accept-Encoding
cache-control: private, max-age=60
expires: Sat, 07 Dec 2024 03:45:18 GMT
date: Sat, 07 Dec 2024 03:44:18 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1733543057519_388254902_159914240_2861_7844_0_969_13";dur=1
content-security-policy: upgrade-insecure-requests
x-arc-ttl: -1
x-arc-request-id: 0.b64c2417.1733543057.9881900
X-Firefox-Spdy: h2

GET s8.jshumeng.com/xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg

0.0.0.0

0 B

URL GET HTTP

s8.jshumeng.com/xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg HTTP/1.1
Host: s8.jshumeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.pornlulu.com/favicon.ico

104.21.80.1

404 Not Found

0 B

URL GET HTTPS

www.pornlulu.com/favicon.ico

IP / ASN

104.21.80.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectpornlulu.com

FingerprintDD:83:8E:15:EA:1E:9F:7B:6B:00:16:6C:E5:E6:70:42:51:70:72:A8

ValiditySat, 26 Oct 2024 17:44:21 GMT - Fri, 24 Jan 2025 17:44:20 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.pornlulu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIg%2FUgmgwwbo4zEsG4Y1Kl7RUGecaKP4zpiCdhujKf9OdY853cpgSnyy5utNZQ5G0E5ZxrO0ablY6mzfeimoLS3r7fAk7jsEwhNlSUYZzhRjd7Q0BOaK8Dtjhvjf9UfuK1P8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842c8e98712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=808&min_rtt=466&rtt_var=730&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1025&delivery_rate=7313131&cwnd=253&unsent_bytes=0&cid=caeda7cc53f915dc&ts=779&x=0"
X-Firefox-Spdy: h2

GET aporntv.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

aporntv.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectaporntv.com

FingerprintBB:58:9C:AA:4A:C5:8C:B8:91:78:3F:FD:BA:6C:F4:85:48:3C:BE:E6

ValiditySun, 27 Oct 2024 23:47:18 GMT - Sat, 25 Jan 2025 23:47:17 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: aporntv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 12 Jun 2017 13:15:14 GMT
etag: W/"282-551c31c033c80"
cache-control: max-age=16070400
cf-cache-status: HIT
age: 3024
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORknsscxJPaHvj3931Okk4mqHGON8Se3bzKasbmRlRODl%2FuPWRdd%2FKfeMzfAsiab6jafi0eq9tiz3LR0JL3JxNuBxLhjoJhjOo%2Bkw%2FpjhEdSun7G0%2FpoD8KUp5K0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18425f87a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14535&min_rtt=2848&rtt_var=9990&sent=65&recv=90&lost=0&retrans=0&sent_bytes=6595&recv_bytes=5438&delivery_rate=119463&cwnd=12000&unsent_bytes=0&cid=65b9e11e9f43c263&ts=5588&x=1", cfExtPri, cfHdrFlush;dur=0

GET blumpkintube.com/favicon.ico

172.67.148.206

200 OK

1.2 kB

URL GET HTTPS

blumpkintube.com/favicon.ico

IP / ASN

172.67.148.206

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2024-05-18

Last Seen2025-08-05

Times Seen120

Size1.2 kB (1150 bytes)

MD53de13983da1e7755426362ee988fae6a

SHA151d87d2cb8a6950b5e1c8ca24a257cb397664a93

SHA25616c3dc433b7b2460b9ba12b1aa28a14c598e93f5bab8f7cb1b5afa3989457c05

Certificate Info

IssuerGoogle Trust Services

Subjectblumpkintube.com

FingerprintF0:18:78:09:66:C3:98:B3:C9:80:17:A5:23:70:38:01:E6:7E:33:52

ValidityFri, 18 Oct 2024 15:02:39 GMT - Thu, 16 Jan 2025 15:02:38 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: blumpkintube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 29 Nov 2019 11:53:39 GMT
etag: "5de106c3-47e"
expires: Sun, 30 Nov 2025 08:58:28 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 585947
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQH1ACG1UjiU%2BsObVMHFBR4uXfCqCuKeoFyO%2FGZ9XU1CcIBpkGrzTfZ5M4IEZSSzwm47aF2zXOKjykmnF%2BN%2FHLCf78WbwmPyGr8qumiwsqXqgRO2hT3X%2FydGaWJTBrVuqSbv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18422ee0856ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25060&min_rtt=1530&rtt_var=13269&sent=53&recv=81&lost=0&retrans=0&sent_bytes=6377&recv_bytes=4972&delivery_rate=26276&cwnd=12000&unsent_bytes=0&cid=45ed9c9469033301&ts=6360&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ttsp.tv/favicon.ico

0.0.0.0

0 B

URL GET HTTP

www.ttsp.tv/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.ttsp.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sekesporno.net/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

sekesporno.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectsekesporno.net

FingerprintAA:35:24:5C:60:5A:AE:AC:09:07:C5:EF:75:B5:D2:EA:0F:C7:93:32

ValidityWed, 20 Nov 2024 04:21:37 GMT - Tue, 18 Feb 2025 04:21:36 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sekesporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 23 Dec 2020 01:44:28 GMT
etag: W/"3c2e-5b717d4f1ff63"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1966
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZjNyGKRzm%2BrmxBS4NlD0CirS3Fw8%2FAw6YZffhdqG%2FLOk5rZrQVklCmlLDhWAlzZIYZccFDPY2PKSrrnGqdDIh74q54oqvYxfQtWtnYwoG68bSyO451nwzI7isOcEh9RPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184283cb8b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19625&min_rtt=3012&rtt_var=9965&sent=67&recv=98&lost=0&retrans=0&sent_bytes=7056&recv_bytes=5857&delivery_rate=47814&cwnd=12000&unsent_bytes=0&cid=8e294d0f355ade83&ts=7175&x=1", cfExtPri, cfHdrFlush;dur=0

GET fcclr.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

fcclr.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectfcclr.com

Fingerprint05:6D:42:5E:C7:17:36:24:87:B3:5E:1B:87:DA:72:F7:66:5A:6B:44

ValidityTue, 05 Nov 2024 19:09:28 GMT - Mon, 03 Feb 2025 19:09:27 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fcclr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Thu, 31 Oct 2024 11:44:20 GMT
etag: W/"67236d94-1083e"
expires: Tue, 24 Dec 2024 03:09:49 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1125268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ha8Ogd%2BmzowHd%2BkIkoO12YV128Z2ED95%2FgRG%2Bs%2Bz5Z0mzV2kv8PKR9t2UJwhjoagt7T1iHqKXDqAPjZTem0YYECgL4JeSdScNbQ4r36cShQYhxz2MUFssTZY45Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842b4d58b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=477&min_rtt=429&rtt_var=112&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3189&recv_bytes=1051&delivery_rate=7121311&cwnd=254&unsent_bytes=0&cid=3b107fc5ebaedf4b&ts=710&x=0"
X-Firefox-Spdy: h2

GET sasisa.ru/favicon.ico

0.0.0.0

0 B

URL GET HTTP

sasisa.ru/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sasisa.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET roriruo.com/favicon.ico

104.21.34.203

404 Not Found

0 B

URL GET HTTPS

roriruo.com/favicon.ico

IP / ASN

104.21.34.203

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectroriruo.com

Fingerprint46:A3:44:73:D8:90:52:1A:4E:9E:E7:D1:B1:20:9F:61:61:35:14:A2

ValidityTue, 26 Nov 2024 00:36:54 GMT - Mon, 24 Feb 2025 00:36:53 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: roriruo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6U3gInTlo%2FIy2W2M9swa7i1uUzf8JknH%2Fut1lwdKmTKR7O%2B5kzul6iaSDsnSHof%2BJPbwgJY44H%2Ftz8VhwFtqiAYWhU3kKIec0jHT8npt267%2B7Dz3Xb2PBWU3FS84lA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184266a8b56bf-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=3698&min_rtt=418&rtt_var=6523&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1176&delivery_rate=7489655&cwnd=254&unsent_bytes=0&cid=2fe00cdca320527c&ts=457&x=0"
X-Firefox-Spdy: h2

GET www.javdove.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.javdove.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavdove.com

Fingerprint78:D1:82:68:A9:F9:DE:2D:B4:72:87:FF:E3:70:FE:33:FC:C8:FE:F4

ValidityWed, 20 Nov 2024 21:12:31 GMT - Tue, 18 Feb 2025 21:12:30 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.javdove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Tue, 23 Jul 2024 01:30:53 GMT
etag: W/"669f07cd-10be"
cache-control: max-age=691200
cf-cache-status: HIT
age: 1364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8YgLG9ByK9HcS0Qdjrmw46VbGsuayPbyBK6z6JFGUu3znmcu99J%2Btc6ha%2FSM3vhacRBDiSRR7RG4eMVZlV4iaH3wAkssBIFaMDHPekYYfY92b8Pb7NQXPQ9RHWCCkplS%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423c8d294aa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25217&min_rtt=20084&rtt_var=12035&sent=24&recv=15&lost=0&retrans=1&sent_bytes=26801&recv_bytes=1188&delivery_rate=388976&cwnd=35&unsent_bytes=0&cid=25e3f840854f2254&ts=8926&x=0"
X-Firefox-Spdy: h2

GET cdn5.pornmaster.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1hp3ZhrTuwMT-hL_9gY_RiJyEWZH5KJGWnE1S5GIqEq0-lFzuMoIxmJzcIrR9HDzkMIRxlGxqEZ1cdDF9mXUp6ZmVjYTt6ZGtjXFkdpTIaYmNkAl8-AQxiAwL_YmRlBQO-AmVjYwxhnaOaXFfbXSOipz5ALKA0MKVhMaIhXI8kZwtjrQplZP05YzcjMj3p9W/(PornMaster.fun)_marie-rose-rule-34-compilation.jpg

0.0.0.0

0 B

URL GET HTTP

cdn5.pornmaster.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1hp3ZhrTuwMT-hL_9gY_RiJyEWZH5KJGWnE1S5GIqEq0-lFzuMoIxmJzcIrR9HDzkMIRxlGxqEZ1cdDF9mXUp6ZmVjYTt6ZGtjXFkdpTIaYmNkAl8-AQxiAwL_YmRlBQO-AmVjYwxhnaOaXFfbXSOipz5ALKA0MKVhMaIhXI8kZwtjrQplZP05YzcjMj3p9W/(PornMaster.fun)_marie-rose-rule-34-compilation.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /picture/original/nUE0pUZ6Yl9cLl1_qP1hp3ZhrTuwMT-hL_9gY_RiJyEWZH5KJGWnE1S5GIqEq0-lFzuMoIxmJzcIrR9HDzkMIRxlGxqEZ1cdDF9mXUp6ZmVjYTt6ZGtjXFkdpTIaYmNkAl8-AQxiAwL_YmRlBQO-AmVjYwxhnaOaXFfbXSOipz5ALKA0MKVhMaIhXI8kZwtjrQplZP05YzcjMj3p9W/(PornMaster.fun)_marie-rose-rule-34-compilation.jpg HTTP/1.1
Host: cdn5.pornmaster.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.cnhuayitang.com/favicon.ico

104.21.42.217

404 Not Found

0 B

URL GET HTTPS

www.cnhuayitang.com/favicon.ico

IP / ASN

104.21.42.217

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectcnhuayitang.com

Fingerprint6E:11:5E:F4:5F:B2:74:C1:13:52:48:80:A0:37:EB:2B:C5:83:51:19

ValiditySun, 10 Nov 2024 13:37:01 GMT - Sat, 08 Feb 2025 13:37:00 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cnhuayitang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: STALE
age: 61705
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujTekTiYlt%2BpqVos%2FRdOUF0kOF96WnM1aS9kzhWfNlK4pvrtkkM0sheAG7qTVGjkqdzMV2U9oKEnq9xNc2QrRTjYEzhIDlgOL%2BN0XVQ9KHqRRB9728bvuZ8VcndusVTzDEY0LeEl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184262a6d0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=477&min_rtt=365&rtt_var=128&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3212&recv_bytes=1058&delivery_rate=7554782&cwnd=254&unsent_bytes=0&cid=1c5342e03b85a5a3&ts=399&x=0"
X-Firefox-Spdy: h2

GET static.vecteezy.com/system/resources/thumbnails/021/722/911/original/close-up-face-of-happy-cute-little-girl-hugging-twin-sister-and-kissing-her-on-the-cheek-two-sisters-hugging-and-kissing-each-other-s-cheeks-older-sister-kisses-her-younger-sister-s-cheek-family-free-video.jpg

104.18.4.151

200 OK

230 kB

URL GET HTTPS

static.vecteezy.com/system/resources/thumbnails/021/722/911/original/close-up-face-of-happy-cute-little-girl-hugging-twin-sister-and-kissing-her-on-the-cheek-two-sisters-hugging-and-kissing-each-other-s-cheeks-older-sister-kisses-her-younger-sister-s-cheek-family-free-video.jpg

IP / ASN

104.18.4.151

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2160, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size230 kB (229510 bytes)

MD5b5022722648f7338404a208369cac76b

SHA1775e58028dcc75459a359b37514162283d03c231

SHA2563a9068adea98190c1661af4dc1220c9ee11c95e1d2480731498bf8446594deaf

Certificate Info

IssuerGoogle Trust Services

Subjectvecteezy.com

Fingerprint83:CB:B8:5C:B8:AC:CA:6B:6A:2C:31:EA:79:7B:AA:67:D3:F1:AD:47

ValiditySat, 30 Nov 2024 23:11:13 GMT - Sat, 01 Mar 2025 00:11:09 GMT

HTTP Headers

GET /system/resources/thumbnails/021/722/911/original/close-up-face-of-happy-cute-little-girl-hugging-twin-sister-and-kissing-her-on-the-cheek-two-sisters-hugging-and-kissing-each-other-s-cheeks-older-sister-kisses-her-younger-sister-s-cheek-family-free-video.jpg HTTP/1.1
Host: static.vecteezy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:07 GMT
content-type: image/jpeg
content-length: 229510
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=242618
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
etag: "47da4494317d546302eea35e30f29329"
last-modified: Sat, 25 Mar 2023 08:44:29 GMT
via: 1.1 82636c8aa9a5ece412a0bc535c0ca124.cloudfront.net (CloudFront)
x-amz-cf-id: mI-U9biVLKE_9wm2b5JgYh34xFkhQlUhvFWhWp_gRLZp42XCZ81Wxw==
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: bLnJ7LsNC3oaMKaWRB8g.uYGeJu3Kawv
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 1089
expires: Sun, 07 Dec 2025 03:44:07 GMT
accept-ranges: bytes
set-cookie: __cf_bm=UQg46I7BnakdAfFNW43lvBWaxgIClUqU9ZehEbDaIQo-1733543047-1.0.1.1-_P1tS8IKpmYo5MrkPrm8Gy7L5BgLVtwqxDzk5ESDvS1516wkICYnmfLcN13MBLJEOOKlaKnsYqIMhrEw1pBkSQ; path=/; expires=Sat, 07-Dec-24 04:14:07 GMT; domain=.vecteezy.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 8ee183ebba0d56c4-OSL
X-Firefox-Spdy: h2

GET www.effedupmovies.com/wp-content/uploads/2020/04/cropped-EUM-32x32.png

101.99.88.242

200 OK

681 B

URL GET HTTPS

www.effedupmovies.com/wp-content/uploads/2020/04/cropped-EUM-32x32.png

IP / ASN

101.99.88.242

#45839 Shinjiru Technology Sdn Bhd

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced

First Seen2024-05-18

Last Seen2025-08-05

Times Seen96

Size681 B (681 bytes)

MD5447b76c309032733ac501a31b2f2d3d4

SHA1840e72874ac70f7a3bd560c1ffb5fa2637d7d354

SHA256837c6f9ccfe7b567669012298335703f085c92469cff5f876732c6d5bd9993f0

Certificate Info

IssuerLet's Encrypt

Subjecteffedupmovies.com

Fingerprint7C:76:8E:FB:95:40:49:23:DF:F1:9B:9B:FE:6F:68:DE:CD:5E:7C:BF

ValidityTue, 05 Nov 2024 04:34:39 GMT - Mon, 03 Feb 2025 04:34:38 GMT

HTTP Headers

GET /wp-content/uploads/2020/04/cropped-EUM-32x32.png HTTP/1.1
Host: www.effedupmovies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/png
content-length: 681
x-accel-version: 0.01
last-modified: Fri, 16 Feb 2024 14:27:11 GMT
etag: "2a9-611808a1e6dc0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

GET www.pornfactory.info/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.pornfactory.info/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectpornfactory.info

Fingerprint60:0F:08:A2:B4:0C:57:A4:D6:AE:6F:98:87:9D:6B:8E:83:49:2E:1E

ValidityFri, 18 Oct 2024 20:08:14 GMT - Thu, 16 Jan 2025 20:08:13 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.pornfactory.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Fri, 30 Dec 2022 09:14:23 GMT
etag: W/"63aeabef-202"
expires: Tue, 10 Dec 2024 03:44:17 GMT
cache-control: max-age=259200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUrTBAhnMtHF%2FnjuYsCbL345rXPVIz8Qvp2eFchm4BxtEll3YgZQ4u%2BU9wnP3FNuL2EqmCgqXM1OXQvA15cvQYD7Il0uwnRxii7gIG8bpmk4ctZirL6dGvIAoFxM9AfAcfirvgfwQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842a7fb756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4379&min_rtt=432&rtt_var=7868&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3212&recv_bytes=1059&delivery_rate=4462249&cwnd=254&unsent_bytes=0&cid=4ac57eec3bbe70eb&ts=844&x=0"
X-Firefox-Spdy: h2

GET akhwbjyshezaxck.buzz/favicon.ico

188.114.96.1

301 Moved Permanently

0 B

URL GET HTTPS

akhwbjyshezaxck.buzz/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectakhwbjyshezaxck.buzz

Fingerprint50:C0:E5:CF:15:E0:90:C6:18:4B:B4:D4:1A:D3:99:BB:73:D9:25:EF

ValiditySat, 09 Nov 2024 17:56:02 GMT - Fri, 07 Feb 2025 17:56:01 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: akhwbjyshezaxck.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
location: https://jysheqwrf.cfd/favicon.ico
cache-control: max-age=14400
cf-cache-status: HIT
age: 951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmSFTbv3wAVIqcHji8YxHNaL53tBObYwuWlHky6%2Fwsv1iMwa8jmXWrHOfYKhW9nGEtlJj59JL12MaxXleI32xkYZCfzKgw4ekDIj91%2FJhbUpTq%2BXuG9ECzpdABDENGmrQZixI%2FyfQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842a2b0656ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=480&min_rtt=452&rtt_var=112&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3226&recv_bytes=1029&delivery_rate=8074349&cwnd=253&unsent_bytes=0&cid=86a7bb36bd87ebb0&ts=609&x=0"
X-Firefox-Spdy: h2

GET rapefilms.net/favicon.ico

0.0.0.0

0 B

URL GET HTTP

rapefilms.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rapefilms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET img.xvideosporno.blog/wp-content/uploads/44890759/color-climax-incest-family.jpg

172.67.192.69

200 OK

16 kB

URL GET HTTPS

img.xvideosporno.blog/wp-content/uploads/44890759/color-climax-incest-family.jpg

IP / ASN

172.67.192.69

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3

First Seen2024-12-07

Last Seen2025-07-26

Times Seen5

Size16 kB (16089 bytes)

MD5c07e8f9527a497c7ff8d8d64eb7cab54

SHA1e7a34c8eb65a0c5e7d15aaebd472f79636e606c6

SHA2562ff3635f2b78e327adeaf7903af7b841cd8fa10f11b375a7b7ff4ebe1fc433d5

Certificate Info

IssuerLet's Encrypt

Subjectxvideosporno.blog

FingerprintCF:E6:41:13:13:12:DB:E3:90:13:21:94:96:D9:8C:B8:A9:5A:31:25

ValiditySun, 24 Nov 2024 00:26:13 GMT - Sat, 22 Feb 2025 00:26:12 GMT

HTTP Headers

GET /wp-content/uploads/44890759/color-climax-incest-family.jpg HTTP/1.1
Host: img.xvideosporno.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
expires: Sun, 05 Jan 2025 04:49:18 GMT
cache-control: max-age=3531600
version: MS24102801
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-micro-cache: HIT
cf-cache-status: HIT
age: 1021963
last-modified: Mon, 25 Nov 2024 07:51:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FXPmwXoGEFFB3UUfWRiUEuNYC59MGLGs8TwjB5kkI%2BiiiVAQt0YPJiHc0c%2BxZzy0N%2FX4oIeXXQIumUvWHdKCxToMRm3irf%2BaJVwhltlRrn35yf53PJqNwXa5OpsXmndKU0mIZngXas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fe6fafb505-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=453&min_rtt=422&rtt_var=102&sent=5&recv=10&lost=0&retrans=0&sent_bytes=2866&recv_bytes=1213&delivery_rate=5098591&cwnd=253&unsent_bytes=0&cid=8e4d4b36a1c72cc5&ts=2447&x=0"
X-Firefox-Spdy: h2

GET rule34porn.net/favicon.ico

172.67.132.222

302 Found

897 B

URL GET HTTPS

rule34porn.net/favicon.ico

IP / ASN

172.67.132.222

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size897 B (897 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectrule34porn.net

Fingerprint14:34:D6:7B:67:DC:A2:11:E1:0E:26:AA:61:A4:35:4A:24:95:D5:FD

ValidityMon, 18 Nov 2024 05:23:48 GMT - Sun, 16 Feb 2025 05:23:47 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rule34porn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=UTF-8
location: https://rule34porn.net/web/cropped-fav-1-32x32.png
x-powered-by: PHP/7.4.33
cf-edge-cache: cache,platform=wordpress
link: <https://rule34porn.net/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cache-control: max-age=14400
expires: Sat, 07 Dec 2024 04:54:31 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2984
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxT%2F442ajfAG9TI%2BHjPIWLaY9fNVr%2FhgZX0Z6%2F%2Fv9ybZvsuBYUA0%2Fbmnh2rYs5FkiS%2FQLui4u7EleQljYseNinlXco2E3mHiSL0AVlAxaQKaPmcyLTenRDtPFd1BZ7tL3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18423186756bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17659&min_rtt=4090&rtt_var=12969&sent=47&recv=59&lost=0&retrans=0&sent_bytes=5996&recv_bytes=3836&delivery_rate=116118&cwnd=12000&unsent_bytes=0&cid=b3c1972e9cd04d78&ts=5415&x=1", cfExtPri, cfHdrFlush;dur=0

GET img.caoliuzywimg.com:188/20240302/c81WhSzB/1.jpg

0.0.0.0

0 B

URL GET HTTP

img.caoliuzywimg.com:188/20240302/c81WhSzB/1.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /20240302/c81WhSzB/1.jpg HTTP/1.1
Host: img.caoliuzywimg.com:188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET cf.gekso.com/thumbs/274806.jpg

0.0.0.0

0 B

URL GET HTTP

cf.gekso.com/thumbs/274806.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbs/274806.jpg HTTP/1.1
Host: cf.gekso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET javlulu.com/https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg

104.21.44.73

404 Not Found

0 B

URL GET HTTPS

javlulu.com/https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg

IP / ASN

104.21.44.73

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavlulu.com

Fingerprint91:6D:9B:45:23:CF:2A:71:AA:AD:AD:C6:56:57:91:FD:8B:D9:63:48

ValiditySat, 12 Oct 2024 11:25:37 GMT - Fri, 10 Jan 2025 11:25:36 GMT

HTTP Headers

GET /https://jpgjingpinx.com/upload/vod/20231219-1/4c84c73a81bccefe1ea4ed981b81cf21.jpg HTTP/1.1
Host: javlulu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 12
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cI5crWI328RO5JkqE7XbX82jUe%2BlNduwexWSoDPlYeeaUr9HGGDzjRneO2usFJZRI38C%2Bk0r%2BusflyK7CD0RHLUeSmecu%2BtIcpEDEDDafGSDELbh9EpQiZEsauTl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1840dd9d7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7164&min_rtt=912&rtt_var=5484&sent=61&recv=86&lost=0&retrans=0&sent_bytes=6806&recv_bytes=5300&delivery_rate=180174&cwnd=12000&unsent_bytes=0&cid=307bec9cb75b3a37&ts=2177&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.vecteezy.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.vecteezy.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectvecteezy.com

Fingerprint83:CB:B8:5C:B8:AC:CA:6B:6A:2C:31:EA:79:7B:AA:67:D3:F1:AD:47

ValiditySat, 30 Nov 2024 23:11:13 GMT - Sat, 01 Mar 2025 00:11:09 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.vecteezy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=UQg46I7BnakdAfFNW43lvBWaxgIClUqU9ZehEbDaIQo-1733543047-1.0.1.1-_P1tS8IKpmYo5MrkPrm8Gy7L5BgLVtwqxDzk5ESDvS1516wkICYnmfLcN13MBLJEOOKlaKnsYqIMhrEw1pBkSQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 05 Dec 2024 17:04:15 GMT
strict-transport-security: max-age=15552000; preload
x-cache: Miss from cloudfront
via: 1.1 08b84720fd9415ecb290dcdb71c8b776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7DQZruBQZt1loyx-euZ-R98U0hquBH2kcKZiEj9VcqSx8MZGNwUncw==
cf-cache-status: HIT
age: 260
expires: Sun, 07 Dec 2025 03:44:16 GMT
cache-control: public, max-age=31536000
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184278aff56c9-OSL
content-encoding: br
server-timing: cfExtPri

GET thumb.pornbraze.com/media/videos/tmb/000/040/668/player.jpg

0.0.0.0

0 B

URL GET HTTP

thumb.pornbraze.com/media/videos/tmb/000/040/668/player.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/videos/tmb/000/040/668/player.jpg HTTP/1.1
Host: thumb.pornbraze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sorkab.com/favicon.ico

104.21.234.105

404 Not Found

0 B

URL GET HTTPS

sorkab.com/favicon.ico

IP / ASN

104.21.234.105

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectsorkab.com

FingerprintD3:11:17:D3:EB:D7:75:32:87:93:33:0C:EE:8B:E9:79:13:66:B2:04

ValidityFri, 08 Nov 2024 02:56:19 GMT - Thu, 06 Feb 2025 02:56:18 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUGq0eYKB%2Bdk3sgsVCfq4Wujv0GmySO7ZCmBuBLzMioQ5OJ4e%2BG306YdX7MfN8R3knAi0egy1KLx1ZFdUufsOOTHqd9yVZWwc0HRJNG6pPV7vHucG7xpa%2BmQcMvx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18422bc1fd1fb-LHR
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=74600&min_rtt=32035&rtt_var=42417&sent=26&recv=24&lost=0&retrans=0&sent_bytes=4893&recv_bytes=2003&delivery_rate=20040&cwnd=12000&unsent_bytes=0&cid=f832c7175a36ba3c&ts=9134&x=1", cfExtPri, cfHdrFlush;dur=0

GET static.thisav.com/images/videothumbs/164115-1.jpg

0.0.0.0

0 B

URL GET HTTP

static.thisav.com/images/videothumbs/164115-1.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/164115-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET oedy9.com/favicon.ico

188.114.96.1

403 Forbidden

0 B

URL GET HTTPS

oedy9.com/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectoedy9.com

FingerprintB1:02:91:D2:1C:9B:68:6C:A7:E7:F2:B3:E2:4A:6F:77:CC:9C:D8:FA

ValidityTue, 15 Oct 2024 16:33:43 GMT - Mon, 13 Jan 2025 16:33:42 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: oedy9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Be45nmdOricTNwPHSEkYkeiuhcR2MohHvHqRw4ha6LZrU2W67YnpxX+DzyJlczO57Vu8ES2Q084tsoOYs3PtP/hpA09xOew4keAEO8jHTK9qw1KcBGxbei1H3SVyx6OGSKJkjvoDDvlkYTrocUC3JA==$IRDs8XBliotBClGpcgtVew==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFL%2Bd6iZ2%2B%2BbKQtITNbvE5g0Tm0Dv9o9pKONFW2N7MLiyDsYxNSpyDS7nLDtv3iBoK%2Fy1xzwraQmpPxzYRG9%2BNCILnQJ344148E7ErMObEzhBpemEHX9eUQb%2B6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1843068a5b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=489&min_rtt=425&rtt_var=129&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1142&delivery_rate=7489655&cwnd=253&unsent_bytes=0&cid=12e6536bcd15bdca&ts=1184&x=0"
X-Firefox-Spdy: h2

GET mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1

77.88.21.119

200 OK

604 B

URL GET HTTPS

mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1

IP / ASN

77.88.21.119

#13238 YANDEX LLC

Requested byhttps://av.tub4us.top/2

Resource Info

File typetroff or preprocessor input, ASCII text, with very long lines (660), with no line terminators

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size604 B (604 bytes)

MD5b6b1ab6e7ba542ebc268378111e1f658

SHA1d3d1a880b0f83a45ccc2a866c46cf9f2806ace4c

SHA25662fc05429a8835bb742e4f50aba66aad32be4ba822d1f76276f695b0a8d5cde2

Certificate Info

IssuerGlobalSign nv-sa

Subjectmc.webvisor.com

Fingerprint0E:34:88:85:15:0E:93:C0:12:EF:3F:45:B6:E8:61:82:0B:EC:4B:BD

ValiditySat, 28 Sep 2024 21:02:48 GMT - Sat, 22 Mar 2025 20:59:59 GMT

HTTP Headers

GET /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fav.tub4us.top%2F2&page-ref=https%3A%2F%2Ffavor.jtube.top%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2ry4ydu9fr0zbj9aowv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A798601407665%3Ahid%3A747193505%3Az%3A0%3Ai%3A20241207034411%3Aet%3A1733543052%3Ac%3A1%3Arn%3A302924426%3Arqn%3A1%3Au%3A1733543052825791113%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C12%2C3%2C370%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1733543046099%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1733543053%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av.tub4us.top
Referer: https://av.tub4us.top/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=2096765391733543053; i=hNYBEX8DW3BkyFtMNysAJ8PP+GfCag9U5gP9vtAByMljcC2nMNvlU1DaeyRsg/pQM747qFFO5dmC2LwTv9G4nZ8FwJY=; yandexuid=4010048731733543053; yuidss=4010048731733543053; ymex=1765079053.yrts.1733543053#1765079053.yrtsi.1733543053
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 604
pragma: no-cache
last-modified: Sat, 07-Dec-2024 03:44:13 GMT
x-content-type-options: nosniff
date: Sat, 07 Dec 2024 03:44:13 GMT
expires: Sat, 07-Dec-2024 03:44:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
access-control-allow-origin: https://av.tub4us.top
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2

GET wild-kitty.net/favicon.ico

104.21.40.107

403 Forbidden

0 B

URL GET HTTPS

wild-kitty.net/favicon.ico

IP / ASN

104.21.40.107

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectwild-kitty.net

Fingerprint47:7B:FE:9B:11:28:DB:29:5E:28:79:FB:30:98:6E:C7:C6:EB:A2:2D

ValiditySat, 09 Nov 2024 17:17:26 GMT - Fri, 07 Feb 2025 17:17:25 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wild-kitty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
cf-cache-status: BYPASS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bau2Tr%2FbIsXUhAtV0fW4xx%2FOPXrlB5pADtdb%2B56bmGxBWXwaUNpyUQz9AlwMksoEl52I3IDWOav%2Fv3AEiz40BNbj6CnSyMWMZlR2N7jrtVOyY9V9lqdFG1GGwsjIBb7sCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18422ebc90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6005&min_rtt=632&rtt_var=4238&sent=45&recv=47&lost=0&retrans=0&sent_bytes=5887&recv_bytes=3201&delivery_rate=50856&cwnd=12000&unsent_bytes=0&cid=ab82efadf1f5d3b9&ts=4294&x=1", cfExtPri, cfHdrFlush;dur=0

GET jsjs.4jpg.top/index.php?js=very

188.114.96.1

200 OK

0 B

URL GET HTTPS

jsjs.4jpg.top/index.php?js=very

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject4jpg.top

FingerprintC4:37:E6:09:C5:3C:99:D3:7D:3F:90:98:D9:5E:80:F2:A7:C8:D2:F4

ValidityTue, 29 Oct 2024 17:25:21 GMT - Mon, 27 Jan 2025 17:25:20 GMT

HTTP Headers

GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:06 GMT
content-type: text/html; charset=UTF-8
imghost: 104194820-h-jsjs4jpgtopmh--NO-rm162158222116/index.php?js=very
56nloadrate: 1.161875
cache-control: max-age=360000, private
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUQR7A8P3ZGh5nMH9RZ%2Bvi4vBu3Amfhym%2Fr9CtjsGzopZQtPrr5uVzGcD6LDDWwbpuaY5CX6FBjfhQDXZTqnnE4ZsGWPhMfGHKD3xEskD9DyUNRn5eJnCkq3lyZaVWJ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee183e9eb5256ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=963&min_rtt=435&rtt_var=992&sent=40&recv=14&lost=0&retrans=0&sent_bytes=46773&recv_bytes=1277&delivery_rate=12079249&cwnd=254&unsent_bytes=0&cid=53768ebbfbc19aa5&ts=231&x=0"
X-Firefox-Spdy: h2

GET hotmoza.tv/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

hotmoza.tv/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjecthotmoza.tv

FingerprintE3:06:3B:68:CE:47:76:70:A9:16:AF:3D:D5:41:69:7A:89:52:4B:1A

ValidityWed, 30 Oct 2024 14:13:06 GMT - Tue, 28 Jan 2025 14:13:05 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hotmoza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
last-modified: Mon, 17 Jun 2019 23:17:09 GMT
etag: W/"5d081f75-47e"
expires: Sat, 07 Dec 2024 03:49:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1788
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glgFKF9tHtv2kvrcXjng2N6EwGdehNCW6bFpdXOhEOMa4g5cCW9ebiW4wSaHbF4B%2ByjV1zaukm8BFq5ehc8JZcqdg2QP%2FoQqvpcR47Vnca50FAC%2BZfJRRxwQmVXG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee1842749b356b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15075&min_rtt=12924&rtt_var=7499&sent=53&recv=71&lost=0&retrans=0&sent_bytes=6302&recv_bytes=4446&delivery_rate=24675&cwnd=12000&unsent_bytes=0&cid=12b11e911fff920f&ts=6038&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.cmav.net/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.cmav.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectcmav.net

Fingerprint08:A9:8F:C6:AC:3F:5B:2E:BF:5A:8D:98:58:58:CE:2C:A0:9B:B8:8F

ValidityFri, 25 Oct 2024 16:26:43 GMT - Thu, 23 Jan 2025 16:26:42 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cmav.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Thu, 28 Sep 2023 12:03:49 GMT
etag: W/"65156ba5-25be"
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1139
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4GY9i12GBCgK0s9IdgCjudlZ43e58Y2bCN6B7%2BQ39jImY%2Bq3N3%2FxTlIq1t4s773b3eXVV1F226cKLml8591JGh1Yk64OFoWC9HlKoYV0AEuP9Gy9cO9zJXzoPH0t7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184234ff156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17568&min_rtt=837&rtt_var=9511&sent=62&recv=88&lost=0&retrans=0&sent_bytes=6804&recv_bytes=5343&delivery_rate=38624&cwnd=12000&unsent_bytes=0&cid=378055e2f9dd8e70&ts=5881&x=1", cfExtPri, cfHdrFlush;dur=0

GET jysheqwrf.cfd/favicon.ico

104.21.17.181

404 Not Found

0 B

URL GET HTTPS

jysheqwrf.cfd/favicon.ico

IP / ASN

104.21.17.181

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjysheqwrf.cfd

Fingerprint03:85:BB:2F:E2:AE:52:D9:4A:8D:1C:B3:61:6B:3C:F1:93:BF:5D:6D

ValidityTue, 03 Dec 2024 00:39:51 GMT - Mon, 03 Mar 2025 00:39:50 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jysheqwrf.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
content-language: ru-RU
cache-control: max-age=1200
cf-cache-status: HIT
age: 141
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHJHj1yUSnGRjCeYbhzvMq%2F8eLdr6zUh2Adnx6tmsb5X3pvoGPlJUfYxKes1ywIrUtddxsbEKPQR37cQFsr2JUaofyULrHsJ1C01oSzj3bnCgGstmPAD0ZJl0fX7FvGR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18431cd5e56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=553&min_rtt=511&rtt_var=125&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1149&delivery_rate=6928229&cwnd=253&unsent_bytes=0&cid=e55875dda1d9ea68&ts=1047&x=0"
X-Firefox-Spdy: h2

GET img.youtube.com/vi/Iu4V1x0dt5A/0.jpg

142.250.74.46

200 OK

8.9 kB

URL GET HTTPS

img.youtube.com/vi/Iu4V1x0dt5A/0.jpg

IP / ASN

142.250.74.46

#15169 GOOGLE

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3

First Seen2024-12-07

Last Seen2024-12-07

Times Seen1

Size8.9 kB (8854 bytes)

MD5b6feaf8bdd836467a00dafedac97fc05

SHA1ab4ef4c0afd817f288f72db0ab82d020d78317c0

SHA256437fd94fd697dfee74d841d5565cc65a32eb2c6317ef78b4d19b86a7d65a031e

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB

ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

HTTP Headers

GET /vi/Iu4V1x0dt5A/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 8854
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Dec 2024 02:54:32 GMT
expires: Sat, 07 Dec 2024 04:54:32 GMT
cache-control: public, max-age=7200
age: 2982
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET javlulu.com/favicon.ico

104.21.44.73

404 Not Found

0 B

URL GET HTTPS

javlulu.com/favicon.ico

IP / ASN

104.21.44.73

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavlulu.com

Fingerprint91:6D:9B:45:23:CF:2A:71:AA:AD:AD:C6:56:57:91:FD:8B:D9:63:48

ValiditySat, 12 Oct 2024 11:25:37 GMT - Fri, 10 Jan 2025 11:25:36 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: javlulu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 118
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAtLUfSwHRuV09I1kAxZ0CJWEVzTUxqAw4HSXl2AaUEYlPu9f07e9xB4laMqFCYuMJk8e6LKS%2FCq4MKBcktSueeZXJrhUoKNGHbreMCcM8XzIHTlEDqyt2oEuhYPOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184232f0eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6650&min_rtt=912&rtt_var=5140&sent=66&recv=88&lost=0&retrans=0&sent_bytes=9335&recv_bytes=5593&delivery_rate=102418&cwnd=12000&unsent_bytes=0&cid=307bec9cb75b3a37&ts=5583&x=1", cfExtPri, cfHdrFlush;dur=0

GET thisav.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

thisav.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectthisav.com

Fingerprint6E:DA:7C:E3:1D:50:D7:ED:8A:BA:05:3F:82:E8:82:D7:5D:62:0A:F4

ValiditySun, 24 Nov 2024 21:12:35 GMT - Sat, 22 Feb 2025 21:12:34 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2024 02:37:03 GMT
vary: Accept-Encoding
etag: W/"66bebb4f-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=43200
cf-cache-status: HIT
age: 2331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kvzvu%2Fqt1M%2B8NcodZnzcsHrKPOAEMPu9%2FLyGxqkamzqKLBKSBI06fkkhYr%2FDZmzULhUSRMhZqPYwcD57KKfpuz5ax%2BQe%2FCIEIFni850zqLi2kiLtrezs8VfFDlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842aad7e712d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=999&min_rtt=468&rtt_var=969&sent=19&recv=22&lost=0&retrans=1&sent_bytes=8898&recv_bytes=1297&delivery_rate=8369942&cwnd=257&unsent_bytes=0&cid=269d65eca62d4831&ts=789&x=0"
X-Firefox-Spdy: h2

GET vidmo.pro/thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg

89.248.193.244

404 Not Found

0 B

URL GET HTTPS

vidmo.pro/thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 07 Dec 2024 03:44:12 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET bp.vancouvercache.com/contents/videos_screenshots20241015/232000/232482/preview.jpg

0.0.0.0

200 OK

0 B

URL GET HTTPS

bp.vancouvercache.com/contents/videos_screenshots20241015/232000/232482/preview.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectvancouvercache.com

FingerprintC1:36:AD:84:D9:22:2A:20:F6:EF:95:48:89:5C:4E:39:0A:CE:BC:66

ValidityThu, 31 Oct 2024 08:52:17 GMT - Wed, 29 Jan 2025 08:52:16 GMT

HTTP Headers

GET /contents/videos_screenshots20241015/232000/232482/preview.jpg HTTP/1.1
Host: bp.vancouvercache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: image/jpeg
last-modified: Tue, 05 Apr 2022 04:56:04 GMT
vary: Accept-Encoding
etag: W/"624bcbe4-346d"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycwknbC16TS%2FUNuAfhmS352OTwJZyz1WHjEfSOSqC3JLQIiHYRUY8ZVBbfHAsCOnZ3mwadWS7wRdUpwIn1JredSaWtmpuIhfIKOF87GLjIaT8MnwUxMuo4YLrE9HfXMLP3FQEpO%2BaMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184034e030afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=498&min_rtt=450&rtt_var=131&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3222&recv_bytes=1080&delivery_rate=6950400&cwnd=253&unsent_bytes=0&cid=405d506f6a30d2fe&ts=1935&x=0"
X-Firefox-Spdy: h2

GET rrs1.xyz/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

rrs1.xyz/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectrrs1.xyz

Fingerprint47:F9:58:2A:6C:28:D2:A8:4E:E4:ED:BD:02:79:02:F1:1F:58:58:57

ValidityWed, 16 Oct 2024 01:45:01 GMT - Tue, 14 Jan 2025 01:45:00 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rrs1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Fri, 20 Mar 2020 00:30:18 GMT
etag: W/"5e740e9a-c6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5805
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aSUwTsw0Drriis2o7ly1BV2XIE5Bcx5lGFePKQZsPGnOJpHsbvcs%2BM1VgayYcz6rz1p9%2Fi7Fi2MP00oLOsgoYMN0it86EDOHmUjcJd0cezzK8KiSdR2uDEYew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184235810ef54-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38386&min_rtt=31312&rtt_var=19568&sent=41&recv=45&lost=0&retrans=0&sent_bytes=5616&recv_bytes=3092&delivery_rate=14530&cwnd=12000&unsent_bytes=0&cid=8a83e8681f3a0282&ts=5246&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.91rb.net/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.91rb.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject91rb.net

FingerprintCD:09:2C:3C:7F:47:F8:71:00:9B:15:E7:D8:4F:4D:E5:D1:A1:44:D2

ValidityMon, 11 Nov 2024 09:30:39 GMT - Sun, 09 Feb 2025 09:30:38 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.91rb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Thu, 28 Sep 2023 12:03:49 GMT
etag: W/"65156ba5-25be"
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6505
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORXTwyoaA730G6S8FVMXI6FNghqRDpM5UcGF7szQxGLlz1sXYF8%2Bo7nx9DHGlDtZZ1cysY25Rr4Ka4JbQ76zrMdObUgCCK5dZZl%2FrTuIE3MGIZ0YoNs0PRhYsS3pHC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184237a5ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13506&min_rtt=565&rtt_var=13566&sent=106&recv=127&lost=0&retrans=0&sent_bytes=9185&recv_bytes=7375&delivery_rate=131235&cwnd=12000&unsent_bytes=0&cid=9fcf37d597503de5&ts=5131&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.coolsexnew.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.coolsexnew.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectcoolsexnew.com

FingerprintE9:CD:2C:35:B1:5F:42:9A:75:15:3D:B1:A8:03:0B:C6:A2:A2:E3:46

ValidityFri, 22 Nov 2024 14:14:34 GMT - Thu, 20 Feb 2025 14:14:33 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.coolsexnew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Tue, 06 Apr 2021 01:58:06 GMT
etag: W/"606bc02e-3c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 179773
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wZk88AzeHeXh27G2%2FbpbdNkJmcJVYugdOCEzBPxAJpjdbXCxSHJsCCgD%2BbIK%2BLwvYgXl5PVFabonmPMM8wVyXmgJ7NfaG2Eqs4lsVz94MQDCcwUuMvd1Baz23RVkwGmx1oscAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423a8a6bd76-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27380&min_rtt=25645&rtt_var=13088&sent=28&recv=30&lost=0&retrans=0&sent_bytes=4976&recv_bytes=2333&delivery_rate=15017&cwnd=12000&unsent_bytes=0&cid=64ed5ff1ba7f1716&ts=4749&x=1", cfExtPri, cfHdrFlush;dur=0

GET cf.gekso.com/thumbs/274806.jpg

0.0.0.0

0 B

URL GET HTTP

cf.gekso.com/thumbs/274806.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbs/274806.jpg HTTP/1.1
Host: cf.gekso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET pornohub24.ru/favicon.ico

193.163.7.2

404 Not Found

0 B

URL GET HTTPS

pornohub24.ru/favicon.ico

IP / ASN

193.163.7.2

#204601 Zomro B.V.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectpornohub24.ru

Fingerprint16:59:1E:F3:1A:6B:29:1A:5D:B8:52:4F:D0:8F:54:B2:CD:EE:1B:57

ValidityMon, 02 Dec 2024 06:01:45 GMT - Sun, 02 Mar 2025 06:01:44 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pornohub24.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.24.0
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=iso-8859-1
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET comments.4jpg.top/comments/embed.js?37

0.0.0.0

302 Found

0 B

URL GET HTTPS

comments.4jpg.top/comments/embed.js?37

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject4jpg.top

FingerprintC4:37:E6:09:C5:3C:99:D3:7D:3F:90:98:D9:5E:80:F2:A7:C8:D2:F4

ValidityTue, 29 Oct 2024 17:25:21 GMT - Mon, 27 Jan 2025 17:25:20 GMT

HTTP Headers

GET /comments/embed.js?37 HTTP/1.1
Host: comments.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 07 Dec 2024 03:44:11 GMT
content-type: text/html
location: https://av.tub4us.top/2
x-proxy-cache-192g-la: MISS
xkey-192la: jcomments./comments/embed.js?37-A-comments.4jpg.top-comments.4jpg.top-cacpdo2---no
x-proxy-cache-g-la: HIT
xkey-g-la: comments.4jpg.top/comments/embed.js?37--comments.4jpg.top--my_zone
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXgya%2FhlgFLXZXvDR3NnIlr07ZVsqJS3dGrZDc03KDLm5setr23WZ3sP%2FX%2Biil94%2BHjY6erx4%2Fk6zaBBN3vc5%2F87exJEjlfzYKW%2FtMkGSv%2BLCbgp9YabRl2ZGkHB1%2BcAuUZkKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18407b8731c02-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=464&min_rtt=403&rtt_var=119&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3185&recv_bytes=1065&delivery_rate=7215946&cwnd=254&unsent_bytes=0&cid=808706c6d0e98930&ts=2476&x=0"
X-Firefox-Spdy: h2

GET play.anh.moe/favicon.ico

188.114.96.1

404 Not Found

0 B

URL GET HTTPS

play.anh.moe/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectanh.moe

Fingerprint8F:D2:44:51:66:8F:01:42:11:64:9E:5D:44:AC:38:93:8E:48:9E:6A

ValiditySat, 16 Nov 2024 03:05:54 GMT - Fri, 14 Feb 2025 03:05:53 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: play.anh.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 32
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DS3VUyLYZFh%2F9Ru8FzvvDZWl20MHKLk0BgLVqbpvVqbHiu9PjUHJUYkBP%2FknwkXdGOCz20bQ5roG3HOvb9EI0AkB4SxeGNMUy7gxBdxUtKMD6kyniiAxvTZfGPB8v9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18431192f0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=480&min_rtt=458&rtt_var=108&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3185&recv_bytes=1022&delivery_rate=7827027&cwnd=253&unsent_bytes=0&cid=37672a2750868b54&ts=1213&x=0"
X-Firefox-Spdy: h2

GET 99xing.cc/favicon.ico

188.114.97.1

404 Not Found

0 B

URL GET HTTPS

99xing.cc/favicon.ico

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject99xing.cc

Fingerprint44:B8:9F:50:6D:CF:50:B1:65:0F:79:D8:1F:26:BC:C7:A2:66:CE:BC

ValidityFri, 11 Oct 2024 09:59:38 GMT - Thu, 09 Jan 2025 09:59:37 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 99xing.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: text/html
cache-control: max-age=31536000
cf-cache-status: HIT
age: 40298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2SoRyM1EK8pCSsU%2BZTqCJABQI5cjP%2BcALqWJjKneUmEoz0v%2BA7mJDHp2QGYZSnwj%2B3GuImYx5390rWd7OgTF9vCYx%2BJtbEkSpX4kclMjHc5YPxawo0mtn53%2FoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184311d2256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=463&min_rtt=426&rtt_var=104&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1142&delivery_rate=8337811&cwnd=253&unsent_bytes=0&cid=f3ce4a6846699ab2&ts=1201&x=0"
X-Firefox-Spdy: h2

GET area51.porn/

0.0.0.0

200 OK

0 B

URL GET HTTPS

area51.porn/

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectarea51.porn

Fingerprint6D:41:11:95:AA:89:BA:C7:D3:0A:C0:C3:1C:1D:84:9A:8C:16:34:35

ValiditySat, 16 Nov 2024 06:13:20 GMT - Fri, 14 Feb 2025 06:13:19 GMT

HTTP Headers

GET / HTTP/1.1
Host: area51.porn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=reghbvag772vln20gi03ivgf5s; path=/; domain=.area51.porn; secure; SameSite=None
kt_ips=91.90.42.154; expires=Sun, 08-Dec-2024 03:44:17 GMT; Max-Age=86400; path=/; domain=.area51.porn; secure; SameSite=None
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeOr0jE%2FdZGftRoyeCiRRt152zSsnxHcR94W9a5r8%2B4q4R0QuAFO2sILc8DZHwK4uL73X3lWgWfELhI%2Fpfk8EUzJRfP9bXFJHPkh8GtmfETlcPF5xoriOdHEP%2F3gAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842ab87c6364-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40273&min_rtt=20097&rtt_var=22988&sent=36&recv=49&lost=0&retrans=0&sent_bytes=5390&recv_bytes=3293&delivery_rate=26660&cwnd=12000&unsent_bytes=0&cid=77ebdff4e23cc7f3&ts=7131&x=1", cfExtPri, cfHdrFlush;dur=0

GET mamaporno.net/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

mamaporno.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectmamaporno.net

Fingerprint26:BF:E0:B6:24:24:17:3B:30:D6:97:9C:70:B1:7B:91:40:1E:CE:4D

ValidityFri, 22 Nov 2024 06:21:56 GMT - Thu, 20 Feb 2025 06:21:55 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mamaporno.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 03 Dec 2020 01:41:56 GMT
etag: W/"3c2e-5b585770ee62d"
x-request-id: dcd40a410bf8355fa407d0fccf5e8e0d
cache-control: max-age=14400
cf-cache-status: HIT
age: 4593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50Ru%2FgFbKPrT5xoK9sh6vRNGyjnmcnO4%2FmVvdHdJCgJQt7davrNV3D%2Bp3KoOng0uevPGr1sZzt4L93qT%2FpLRiglGWeee2%2BNNa%2F9lqm71XBJrqe0cocVKE87tMq77gKDf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184255ba55693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=875&min_rtt=443&rtt_var=848&sent=8&recv=11&lost=0&retrans=1&sent_bytes=3292&recv_bytes=1065&delivery_rate=7528596&cwnd=256&unsent_bytes=0&cid=c04de8b0d539da3a&ts=141&x=0"
X-Firefox-Spdy: h2

GET www.rbe66.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.rbe66.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectrbe66.com

Fingerprint9E:3C:82:44:D6:58:6C:4F:17:FD:A1:E8:9A:BC:72:78:59:85:9A:D0

ValidityFri, 06 Dec 2024 11:55:48 GMT - Thu, 06 Mar 2025 11:55:47 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.rbe66.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
etag: W/"65156ba5-25be"
last-modified: Mon, 25 Nov 2024 00:00:02 GMT
x-cache: HIT, policy, disk
cache-control: max-age=14400
cf-cache-status: HIT
age: 4960
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jifJ6%2FxTAKi4qv3GhKrKHz7v5PlM2Ce5gsPyNcAZga3wOwi0Rbue8S1x1S0dnuPficoYkpjVWD6kBd%2FVsajRilhgRYYwq%2BU9WbSE5STB8BR6Vb36eNfCJmOWv%2FA73Cp%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423abdab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9467&min_rtt=1790&rtt_var=7109&sent=55&recv=73&lost=0&retrans=0&sent_bytes=6415&recv_bytes=4560&delivery_rate=228353&cwnd=12000&unsent_bytes=0&cid=196104590f536a6e&ts=5764&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.youxvids.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.youxvids.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectyouxvids.com

FingerprintFD:3B:5D:E9:11:BE:BB:B6:E7:73:59:82:58:04:CE:E9:00:7D:11:27

ValidityWed, 30 Oct 2024 20:04:46 GMT - Tue, 28 Jan 2025 20:04:45 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.youxvids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Sat, 30 May 2020 09:12:02 GMT
etag: W/"5ed22362-3c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 507288
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNZpOpRu65lQ3nQyB5Hh3aV37WkcKP75tv8BVoiLC%2ByIyic4QT8LSg2olSD76WHMt%2B95lHh01vAFEAoKWJthI5O6Sep3qGmyJFo8BcHfWZaifb1bzA2mtxK5QH5uADCjflYn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18423b9a963c8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26747&min_rtt=26412&rtt_var=10575&sent=28&recv=32&lost=0&retrans=0&sent_bytes=4960&recv_bytes=2422&delivery_rate=20398&cwnd=12000&unsent_bytes=0&cid=e7a4a51fe03c773b&ts=4782&x=1", cfExtPri, cfHdrFlush;dur=0

GET fapdig.com/faviconico/

104.21.6.130

404 Not Found

0 B

URL GET HTTPS

fapdig.com/faviconico/

IP / ASN

104.21.6.130

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectfapdig.com

Fingerprint3D:E1:B1:4D:BD:9F:ED:36:05:28:1A:3C:A6:02:EE:0E:85:BA:67:2A

ValidityThu, 21 Nov 2024 13:40:59 GMT - Wed, 19 Feb 2025 13:40:58 GMT

HTTP Headers

GET /faviconico/ HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: ASPro_1382933ca042bef776e8100bd5eb8ac5=v5gmmso7d0dcgj3suatqr21449; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiORjc1tz%2ByUyH2iT00rpTwqqSCG9mBk7wV71hY7RdUY8v4uMGLBHBbApVMkcr%2BU%2BMLn8y7xXzI81nPh%2FLLD4fRgKJglzFdhry24zxuu%2BjIc4RgP0PbI24xZf%2FMR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842a8fff56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27895&min_rtt=6033&rtt_var=16763&sent=51&recv=73&lost=0&retrans=0&sent_bytes=6985&recv_bytes=4740&delivery_rate=232&cwnd=12000&unsent_bytes=0&cid=cae23007005d8489&ts=7216&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdn3.pornmaster.fun/picture/original/nUE0pUZ6Yl9ynF1jnP5lMUEwMT-hL_9gY3McMTIipl8lZQVkZQLiZGtiZmt5BQN_ZwHkY_9lnJqcozSfYlugCJIUFxL-MvxboJt9ITkKLJIBMKOXJaAmpTSTGvxkAv5dpTpcXltbHT9lox1up3Eypv5zqJ-cK_1yM_czBTMgnUEfq_SyozIjnacmp3OuMz-kAv5dpTp5v7P/(PornMaster.fun)_slutty-wife-squirts-on-public-beach-while-i-shoot-cum-on-her-pussy-preview-6.jpg

0.0.0.0

0 B

URL GET HTTP

cdn3.pornmaster.fun/picture/original/nUE0pUZ6Yl9ynF1jnP5lMUEwMT-hL_9gY3McMTIipl8lZQVkZQLiZGtiZmt5BQN_ZwHkY_9lnJqcozSfYlugCJIUFxL-MvxboJt9ITkKLJIBMKOXJaAmpTSTGvxkAv5dpTpcXltbHT9lox1up3Eypv5zqJ-cK_1yM_czBTMgnUEfq_SyozIjnacmp3OuMz-kAv5dpTp5v7P/(PornMaster.fun)_slutty-wife-squirts-on-public-beach-while-i-shoot-cum-on-her-pussy-preview-6.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /picture/original/nUE0pUZ6Yl9ynF1jnP5lMUEwMT-hL_9gY3McMTIipl8lZQVkZQLiZGtiZmt5BQN_ZwHkY_9lnJqcozSfYlugCJIUFxL-MvxboJt9ITkKLJIBMKOXJaAmpTSTGvxkAv5dpTpcXltbHT9lox1up3Eypv5zqJ-cK_1yM_czBTMgnUEfq_SyozIjnacmp3OuMz-kAv5dpTp5v7P/(PornMaster.fun)_slutty-wife-squirts-on-public-beach-while-i-shoot-cum-on-her-pussy-preview-6.jpg HTTP/1.1
Host: cdn3.pornmaster.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET xvideosporno.blog/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

xvideosporno.blog/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectxvideosporno.blog

FingerprintCF:E6:41:13:13:12:DB:E3:90:13:21:94:96:D9:8C:B8:A9:5A:31:25

ValiditySun, 24 Nov 2024 00:26:13 GMT - Sat, 22 Feb 2025 00:26:12 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xvideosporno.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 21:24:21 GMT
vary: Accept-Encoding
etag: W/"63321885-3aee"
version: MS24092601
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 24 Oct 2025 21:23:53 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 108861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5MjZaWG5L6DMUnrU8GqnP5rmnZOJsUbJsu45I9QbpLw09HrPHZcP9KsAYuhvMlCWdLQsXR%2FxZLjtMmJTiL5nQnc%2FK60Spv8l2qUP843ymCJbn%2B8J3Are6AfA7up4r6KD6bEig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842c5ce5b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=411&min_rtt=371&rtt_var=138&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2867&recv_bytes=1156&delivery_rate=4810631&cwnd=252&unsent_bytes=0&cid=eff080bed3c82606&ts=756&x=0"
X-Firefox-Spdy: h2

GET uzbak.ru/favicon.ico

51.83.213.151

200 OK

495 B

URL GET HTTPS

uzbak.ru/favicon.ico

IP / ASN

51.83.213.151

#16276 OVH SAS

Requested byhttps://av.tub4us.top/2

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2024-06-17

Last Seen2025-08-03

Times Seen60

Size495 B (495 bytes)

MD50c19c2a6163fbf4c669707bde76ca544

SHA1b4dc653f20445c38e93bd8128f96966ad000565d

SHA25633df002fc10b9e1be2c51738ccdfec04a26801ad54044c8e8852026cb3687e71

Certificate Info

IssuerLet's Encrypt

Subjectuzbak.ru

FingerprintBA:F0:97:3F:1F:CC:48:CE:83:93:F7:2A:7D:28:F7:66:16:84:DD:19

ValidityFri, 01 Nov 2024 00:45:55 GMT - Thu, 30 Jan 2025 00:45:54 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: uzbak.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 495
last-modified: Mon, 12 Oct 2020 13:16:33 GMT
etag: "5f845731-1ef"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

GET img.hgimg01.com/upload/vod/20230412-11/64732051a77a1f64d82a5914f7544dd3.jpg

0.0.0.0

0 B

URL GET HTTP

img.hgimg01.com/upload/vod/20230412-11/64732051a77a1f64d82a5914f7544dd3.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /upload/vod/20230412-11/64732051a77a1f64d82a5914f7544dd3.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.pornbf.mobi/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

www.pornbf.mobi/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectpornbf.mobi

FingerprintC7:47:78:67:8C:9B:79:84:60:01:48:9F:68:2C:C0:2A:67:D6:B4:0F

ValidityTue, 12 Nov 2024 11:17:40 GMT - Mon, 10 Feb 2025 11:17:39 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.pornbf.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FZ3BMs23AyeZ7xRb0L8hWft8lLll%2B26%2B%2BQHhAB9n%2FwlZiqUsmjHc4%2BYyrqxNX7EUmBgLC4%2Ff7Vp%2FON3Uyl1qCPSEzPzGICzc8eMLrX6SxZ6Q%2B9p1rfCFh7hywxyOkEFJyg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Thu, 12 Dec 2024 14:15:30 GMT
last-modified: Sat, 21 Mar 2020 16:23:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 134927
content-encoding: br
cf-ray: 8ee1842dbb2e56c0-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

GET thisav.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

thisav.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectthisav.com

Fingerprint6E:DA:7C:E3:1D:50:D7:ED:8A:BA:05:3F:82:E8:82:D7:5D:62:0A:F4

ValiditySun, 24 Nov 2024 21:12:35 GMT - Sat, 22 Feb 2025 21:12:34 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2024 02:37:03 GMT
vary: Accept-Encoding
etag: W/"66bebb4f-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=43200
cf-cache-status: HIT
age: 2330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDE7C4OWTcba2O%2FSB%2BFpU7ZaaKTZEajiqCLp5TTEu7IElOVBcmEnvghCwkRao675HfSKGan3k%2FnE4I%2FEHOOuIBA4rBepxflSveiMkVlkdTarOWTU7teB3rGjMKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18426fbb0712d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=821&min_rtt=487&rtt_var=660&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1020&delivery_rate=8369942&cwnd=254&unsent_bytes=0&cid=269d65eca62d4831&ts=211&x=0"
X-Firefox-Spdy: h2

GET filmesporno.xxx/favicon.ico

172.67.218.93

404 Not Found

0 B

URL GET HTTPS

filmesporno.xxx/favicon.ico

IP / ASN

172.67.218.93

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectfilmesporno.xxx

FingerprintAB:08:04:5C:1B:01:B3:F8:37:DB:E6:AF:81:61:BD:CA:DC:C4:89:79

ValidityWed, 04 Dec 2024 07:01:32 GMT - Tue, 04 Mar 2025 07:01:31 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: filmesporno.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
version: MS24102801
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=300
cf-cache-status: HIT
age: 46932
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2F3gm16QEAvrL4lcYbhQYutvjQOYZF1owW1INW675V7TQ4gX9aB3bT5oxaYqHozFnlg8wuWKt5HBXfZ%2Fn%2BqhGwm0Byk3OrTwryqEMRVYkalD4%2B7cvESQvlfPKp%2F7qR2wy9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184234b57568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34677&min_rtt=25368&rtt_var=16162&sent=32&recv=38&lost=0&retrans=0&sent_bytes=5241&recv_bytes=2740&delivery_rate=25306&cwnd=12000&unsent_bytes=0&cid=9ce6cb7e29c37b0b&ts=5308&x=1", cfExtPri, cfHdrFlush;dur=0

GET static.thisav.com/images/videothumbs/164115-1.jpg

0.0.0.0

0 B

URL GET HTTP

static.thisav.com/images/videothumbs/164115-1.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/videothumbs/164115-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET vidmo.pro/thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg

89.248.193.244

404 Not Found

0 B

URL GET HTTPS

vidmo.pro/thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg

IP / ASN

89.248.193.244

#49505 OOO Network of data-centers Selectel

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjecten.vidmo.pro

FingerprintC6:EE:22:3F:68:AD:7D:90:2C:14:76:5B:9F:A5:AC:30:7C:C0:0D:CE

ValidityTue, 26 Nov 2024 20:51:05 GMT - Mon, 24 Feb 2025 20:51:04 GMT

HTTP Headers

GET /thumbs_320/95/36/9536ba3756a3574f530b30cc2281f6c4/15784325.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET thumb.pornbraze.com/media/videos/tmb/000/040/668/player.jpg

0.0.0.0

0 B

URL GET HTTP

thumb.pornbraze.com/media/videos/tmb/000/040/668/player.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/videos/tmb/000/040/668/player.jpg HTTP/1.1
Host: thumb.pornbraze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET 2beeg.net/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

2beeg.net/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject2beeg.net

Fingerprint0B:5D:9E:57:81:19:1B:72:88:69:F5:0E:32:BB:F9:ED:EE:18:A8:EE

ValidityFri, 18 Oct 2024 09:29:53 GMT - Thu, 16 Jan 2025 09:29:52 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 2beeg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:16 GMT
content-type: image/x-icon
last-modified: Mon, 17 Jun 2019 23:16:40 GMT
etag: W/"5d081f58-10be"
expires: Mon, 09 Dec 2024 07:42:57 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 72079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2vcdU5uGYFgkX839twgW0qoJXyTIICz%2BWf7fljEKvmkAA0IGaBiKLw0SAVANXEkhWST9QjH524TOAS2bxYzxWZrC1BpTvvtKHMsPq%2BlVwl%2FtL0JzMUauS1KfDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee184246fcfb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=572&min_rtt=480&rtt_var=115&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1142&delivery_rate=6755832&cwnd=254&unsent_bytes=0&cid=eb4b95211943d6c4&ts=110&x=0"
X-Firefox-Spdy: h2

GET v.sina.cn/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

v.sina.cn/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerDigiCert Inc

Subjectsina.com

FingerprintBF:FD:31:A1:5B:1E:27:ED:CB:CB:84:B8:04:24:C1:13:49:49:A7:5F

ValidityWed, 29 Nov 2023 00:00:00 GMT - Sun, 29 Dec 2024 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: v.sina.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Dec 2024 03:44:18 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Sun, 05 May 2024 03:40:27 GMT
etag: W/"6636ffab-1536"
backend: cms-front-page-wq-online-5f8f7675b8-gxrtx
content-encoding: gzip
x-via-ssl: ssl.80.sinag1.hyds.lb.sinanode.com
X-Firefox-Spdy: h2

GET javp1.cc/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

javp1.cc/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
content-length: 332
last-modified: Sun, 11 Aug 2024 13:35:37 GMT
etag: "10be-61f68739d1c40-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3648
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fy6jZjNBh6YaEElTizmFghM66Rq46pFEh%2FnKPDuUJp%2BrlLsPqSWJr0txit7v2K27W1YLP%2BvAgLWeA6Pmg3efG%2FXAAeDfXzhvl3Ndtq53WBbE0yLBTqQAPB6sDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee18422ed43b505-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13109&min_rtt=4872&rtt_var=7991&sent=89&recv=84&lost=0&retrans=0&sent_bytes=26194&recv_bytes=7065&delivery_rate=362562&cwnd=12000&unsent_bytes=0&cid=5322974bcf27bca7&ts=6244&x=1", cfExtPri, cfHdrFlush;dur=0

GET javp1.cc/https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg

172.67.162.226

404 Not Found

0 B

URL GET HTTPS

javp1.cc/https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg

IP / ASN

172.67.162.226

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectjavp1.cc

FingerprintA7:E1:25:AC:7F:91:E9:98:6B:F1:E8:29:88:16:95:A8:39:B6:DB:DE

ValiditySat, 26 Oct 2024 03:38:47 GMT - Fri, 24 Jan 2025 03:38:46 GMT

HTTP Headers

GET /https://img.caoliuzywimg.com:188/20230220/wT6JYtHe/1.jpg HTTP/1.1
Host: javp1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 07 Dec 2024 03:44:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSI2WJd93izqhQ8HC50FkP0wZPkqqcXYkU49VjymvsjpGrsrBmHnTbe9i9y%2FWQa%2FFSQltXBOXvqa8mNBlr91xjhG7Z89qemNeuWUPaey3Oe8ZrkybCtsjRpJpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee184016d125685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=985&min_rtt=404&rtt_var=970&sent=29&recv=34&lost=0&retrans=1&sent_bytes=17416&recv_bytes=1893&delivery_rate=8901639&cwnd=254&unsent_bytes=0&cid=40ea2862d3916f43&ts=3530&x=0"
X-Firefox-Spdy: h2

GET m.thisav.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

m.thisav.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectthisav.com

Fingerprint6E:DA:7C:E3:1D:50:D7:ED:8A:BA:05:3F:82:E8:82:D7:5D:62:0A:F4

ValiditySun, 24 Nov 2024 21:12:35 GMT - Sat, 22 Feb 2025 21:12:34 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: m.thisav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:17 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2024 02:37:12 GMT
vary: Accept-Encoding
etag: W/"66bebb58-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: BYPASS
set-cookie: SRVNAME=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5J0FAw6RkkHzWwW5vjUPV4Tllv4utruMF6xLoxfGQt1sjBCeRsHiOIKpdOBm%2B2TIj35pq4CosWomaNsckHtayG2waergQuVdQ2KRdqgpHli%2BI6%2BUE7Bz4xMURmnWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee1842a0d2c712d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1248&min_rtt=470&rtt_var=1404&sent=15&recv=18&lost=0&retrans=1&sent_bytes=6615&recv_bytes=1223&delivery_rate=8369942&cwnd=257&unsent_bytes=0&cid=269d65eca62d4831&ts=734&x=0"
X-Firefox-Spdy: h2

GET vip.pornbraze.com/favicon.ico

0.0.0.0

0 B

URL GET HTTP

vip.pornbraze.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vip.pornbraze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET pornmaster.fun/favicon.ico

0.0.0.0

0 B

URL GET HTTP

pornmaster.fun/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pornmaster.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.dirtysancheztube.com/thumbs/373/664__.jpg

172.67.216.69

200 OK

13 kB

URL GET HTTPS

www.dirtysancheztube.com/thumbs/373/664__.jpg

IP / ASN

172.67.216.69

#13335 CLOUDFLARENET

Requested byhttps://av.tub4us.top/2

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3

First Seen2024-04-19

Last Seen2025-08-03

Times Seen104

Size13 kB (13244 bytes)

MD5c3d1bb7a9ea55cae6300ca425aaa8b2c

SHA19c79345806d3a24acc1c0a9f6cafd1e0bf353e57

SHA256bbda3f2849c94267ab4b8e52c879ead5c4c5717b5391f0400b53e748bcd354e8

Certificate Info

IssuerGoogle Trust Services

Subjectdirtysancheztube.com

Fingerprint0F:AF:FE:53:66:66:69:62:0E:FE:60:20:22:9C:B1:E5:D3:AC:F2:4A

ValidityTue, 22 Oct 2024 02:00:12 GMT - Mon, 20 Jan 2025 02:00:11 GMT

HTTP Headers

GET /thumbs/373/664__.jpg HTTP/1.1
Host: www.dirtysancheztube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 03:44:09 GMT
content-type: image/jpeg
content-length: 13244
last-modified: Thu, 05 Nov 2020 04:44:23 GMT
etag: "5fa38327-33bc"
expires: Tue, 25 Nov 2025 00:45:03 GMT
cache-control: public, max-age=31536000, no-transform
x-cache-status: HIT
cf-cache-status: HIT
age: 1047546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQ%2BgDc8y2uHlk2ccyZIqKBHB%2F26oQJrVpYxikuMBBqRiXms8G%2BK0goGyChOoVuiLgULKmpjWsoL92XJWMn8LmuUM5jSTXF2OpqXkyAVnz4tURM8mjdOpS%2BhqOrkOAvu3uj%2BdD%2FopfBxo4EA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee183fd18f17131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1435&min_rtt=402&rtt_var=1951&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3301&recv_bytes=1224&delivery_rate=6075524&cwnd=254&unsent_bytes=0&cid=9dd87fa4447602bf&ts=2320&x=0"
X-Firefox-Spdy: h2

GET s8.jshumeng.com/xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg

0.0.0.0

0 B

URL GET HTTP

s8.jshumeng.com/xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /xwupload/video/thumb/87668584f1336acf07106ef0cbbf6585.jpg HTTP/1.1
Host: s8.jshumeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.tub4us.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET toprealincestporn.com/favicon.ico

0.0.0.0

200 OK

0 B

URL GET HTTPS

toprealincestporn.com/favicon.ico

IP / ASN

0.0.0.0

Requested byhttps://av.tub4us.top/2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691063

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjecttoprealincestporn.com

Fingerprint8E:8A:42:D2:36:0E:F2:F7:03:46:5E:D1:47:2B:F0:7C:3D:83:69:8B

ValidityFri, 06 Dec 2024 04:18:49 GMT - Thu, 06 Mar 2025 04:18:48 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: toprealincestporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 03:44:15 GMT
content-type: image/x-icon
last-modified: Fri, 09 Feb 2024 06:00:42 GMT
etag: W/"65c5bf8a-3c2e"
expires: Thu, 26 Dec 2024 05:32:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 943895
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qowlPZC%2BJtuM5tmXjCeiAM57YcGRM8134HfR%2BgDAJoby8QORLD4m3IiTmu5FmveMdOuCQtvzWIrchhHcALx63nlNsZgCeMmIjq9P1R6YJ5psrzwSmqX3Jdu6eC3u1G6PaPU64DA28VA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee18422db0056a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10308&min_rtt=5309&rtt_var=8814&sent=70&recv=92&lost=0&retrans=0&sent_bytes=7257&recv_bytes=5549&delivery_rate=32101&cwnd=12000&unsent_bytes=0&cid=9fba90cd6e6200ba&ts=6218&x=1", cfExtPri, cfHdrFlush;dur=0

GET okashik.atype.jp/favicon.ico

39.110.226.221

200 OK

27 kB

URL GET HTTPS

okashik.atype.jp/favicon.ico

IP / ASN

39.110.226.221

#2527 Sony Network Communications Inc.

Requested byhttps://av.tub4us.top/2

Resource Info

File typeMS Windows icon resource - 1 icon, -106x-106, 8 bits/pixel

First Seen2024-08-19

Last Seen2025-08-05

Times Seen55

Size27 kB (26886 bytes)

MD5c96307b54559ba5b66bf64349fffaeed

SHA1ed0cf0bb16c7920bd8d9d07ca64cdeb5bac869b0

SHA25600690fc9a758e373f131eb5748f95d55238b0b60dca77bbfdb9c04949db74f88

Certificate Info

IssuerLet's Encrypt

Subject*.atype.jp

Fingerprint78:B0:BD:A9:52:DF:0B:AE:19:E8:04:3F:CF:B1:D1:F4:0E:98:D4:E4

ValidityFri, 13 Sep 2024 07:30:37 GMT - Thu, 12 Dec 2024 07:30:36 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 03:44:18 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:22:28 GMT
ETag: "dc0718-6906-5c439817e2b05"
Accept-Ranges: bytes
Content-Length: 26886
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/vnd.microsoft.icon